| |
| |||||||
Log-Analyse und Auswertung: Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> SytemwiederherstellungWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
16.07.2014, 15:36
| #1 |
 |  Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung
Geändert von troJanina (16.07.2014 um 15:47 Uhr) |
|
16.07.2014, 17:03
| #2 |
| /// the machine /// TB-Ausbilder    | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
17.07.2014, 14:58
| #3 |
| | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung Habe heute einem 'Java 7 Update 65' Install nachgegeben.
__________________Java -> Unsicherheitsfaktor? |
|
17.07.2014, 17:08
| #4 |
| /// the machine /// TB-Ausbilder | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung Hi, Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.07.2014, 12:59
| #5 |
| | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung Ja weis ich eigentlich, nur wollte ich verhindern das meine Daten (ü. div Suchmaschinen) durch Suchmaschinenrobots theoretisch auffindbar wären.... kann man das nicht irgendwie 'hidden' ? FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by Admin (administrator) on ADMIN-PC on 17-07-2014 15:24:23
Running from C:\Users\Admin\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FSL) C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3107219873-2018675022-240828242-1000\...\MountPoints2: {706505d0-d90a-11e3-ba44-806e6f6e6963} - D:\EIProcessCaller.exe
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk
ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: No Name -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> No File
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File
Toolbar: HKLM-x32 - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: https://www.google.de/
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: KeeFox - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\Extensions\keefox@chris.tomlinson [2014-06-27]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-27]
FF HKCU\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR DefaultSearchKeyword: www.yahoo.com
CHR DefaultSearchProvider: Yahoo! (Avast)
CHR DefaultSearchURL: https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-11]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-11]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-11]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-11]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-11]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-11]
CHR HKCU\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-05-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-05-30] (Macrovision Europe Ltd.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-27] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-17 15:24 - 2014-07-17 15:24 - 00014904 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-07-17 15:23 - 2014-07-17 15:24 - 00000000 ____D () C:\FRST
2014-07-17 15:23 - 2014-07-17 15:23 - 02086912 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 10:17 - 2014-07-17 15:14 - 00000168 _____ () C:\Windows\setupact.log
2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-16 16:18 - 2014-07-16 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-16 12:25 - 2014-07-16 12:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView
2014-07-16 12:24 - 2014-07-16 12:25 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk
2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss
2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe
2014-07-10 17:11 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 17:11 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 17:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 17:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 17:11 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 17:11 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 17:11 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 17:11 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 17:10 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 17:10 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 17:10 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 17:10 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 17:10 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 17:10 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 17:10 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 17:10 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 17:10 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 17:10 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 17:10 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 17:10 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 17:10 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 17:10 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 17:10 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 17:10 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 17:10 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 17:10 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 17:10 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 17:10 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 17:10 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 17:10 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 17:10 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 17:10 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 17:10 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 17:10 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 17:10 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 17:10 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 17:10 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 17:10 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 17:10 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 17:10 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 17:10 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 17:10 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 17:10 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 17:10 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 17:10 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 17:10 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 17:10 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 17:10 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 17:10 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 17:10 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 17:10 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 17:10 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 17:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 17:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 17:09 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 17:09 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 17:09 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 11:25 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\di4BlockAndSurf
2014-07-10 11:25 - 2014-07-07 17:04 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-09 17:04 - 2014-07-10 17:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-09 16:40 - 2014-07-10 11:59 - 00000000 ____D () C:\Program Files (x86)\fst_de_89
2014-07-09 16:40 - 2014-07-10 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrEeSoFtOdAy
2014-07-09 16:40 - 2014-07-10 11:28 - 00000000 ____D () C:\Users\Admin\AppData\Local\fst_de_89
2014-07-09 16:39 - 2014-07-10 11:41 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-09 16:39 - 2014-07-10 11:34 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-09 16:39 - 2014-07-10 11:34 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-09 16:39 - 2014-07-10 11:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-07-09 16:39 - 2014-07-09 17:08 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-09 16:39 - 2014-07-09 16:39 - 00002910 _____ () C:\Users\Admin\AppData\Roaming\aps.scan.results
2014-07-09 16:39 - 2014-07-09 16:39 - 00001144 _____ () C:\Users\Admin\AppData\Roaming\aps.scan.quick.results
2014-07-09 16:39 - 2014-07-09 16:39 - 00000318 _____ () C:\Users\Admin\AppData\Roaming\aps.uninstall.scan.results
2014-07-09 16:38 - 2014-07-10 11:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\sweet-page
2014-07-09 16:38 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-07-09 16:27 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Security Guard
2014-07-09 16:27 - 2014-07-09 16:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\SearchProtect
2014-07-09 16:27 - 2014-07-09 16:27 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-07-09 10:35 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 10:35 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 10:35 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 10:35 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 10:35 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 10:35 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 10:35 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 10:35 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 10:35 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 10:35 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 10:35 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 10:35 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL
2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12
2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe
2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass
2014-06-27 14:39 - 2014-07-17 14:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-06-27 14:37 - 2014-06-27 14:38 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner
2014-06-27 14:31 - 2014-06-27 16:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk
2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe
2014-06-27 13:43 - 2014-07-17 10:17 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-27 13:43 - 2014-07-10 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-27 13:43 - 2014-07-04 10:56 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-27 13:42 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-27 13:38 - 2014-06-27 13:39 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log
2014-06-24 13:23 - 2014-06-24 16:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-06-24 12:43 - 2014-07-10 17:16 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-06-24 12:42 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk
2014-06-24 12:41 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual
2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-06-24 12:41 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ4809C.dll
2014-06-24 12:41 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNQ4809I.dll
2014-06-24 12:41 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809U.dll
2014-06-24 12:41 - 2012-04-18 15:24 - 00103424 _____ (Canon Inc.) C:\Windows\system32\CNQ4809O.dll
2014-06-24 12:41 - 2010-12-17 14:47 - 00515584 _____ (CANON INC.) C:\Windows\system32\CNQ4809L.dll
2014-06-24 12:41 - 2010-03-11 10:57 - 00248320 _____ (CANON INC.) C:\Windows\system32\CNQ4809Y.dll
2014-06-24 12:39 - 2014-06-24 12:42 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk
2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-06-24 12:36 - 2010-12-17 14:47 - 00438272 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809L.dll
2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\SysWOW64\CNQ4809N.DAT
2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\system32\CNQ4809N.DAT
2014-06-24 12:36 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2014-06-24 12:36 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2014-06-21 18:06 - 2000-06-29 10:00 - 00036864 _____ (Agfa-Gevaert N.V.) C:\Windows\SysWOW64\agusbsti.dll
2014-06-21 18:05 - 1998-11-17 12:44 - 00328704 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-18 13:03 - 2014-06-18 13:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 11:03 - 2014-07-04 13:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-06-17 17:19 - 2014-06-17 17:19 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-06-17 17:16 - 2014-06-17 17:16 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-17 17:14 - 2014-06-17 17:14 - 00000000 ____D () C:\Users\Admin\Documents\Updater5
2014-06-17 17:13 - 2014-06-26 14:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\PDF Architect 2
2014-06-17 17:12 - 2014-06-17 17:12 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-06-17 17:10 - 2014-06-17 17:10 - 27843432 _____ (pdfforge ) C:\Users\Admin\Downloads\PDFCreator-1_7_3_setup.exe
==================== One Month Modified Files and Folders =======
2014-07-17 15:24 - 2014-07-17 15:24 - 00014904 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-07-17 15:24 - 2014-07-17 15:23 - 00000000 ____D () C:\FRST
2014-07-17 15:23 - 2014-07-17 15:23 - 02086912 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-17 15:21 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-17 15:21 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-17 15:20 - 2014-05-20 15:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-17 15:20 - 2014-05-11 11:09 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-17 15:20 - 2011-04-12 09:43 - 00699726 _____ () C:\Windows\system32\perfh007.dat
2014-07-17 15:20 - 2011-04-12 09:43 - 00149364 _____ () C:\Windows\system32\perfc007.dat
2014-07-17 15:20 - 2009-07-14 07:13 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-17 15:17 - 2014-05-11 14:51 - 01846220 _____ () C:\Windows\WindowsUpdate.log
2014-07-17 15:14 - 2014-07-17 10:17 - 00000168 _____ () C:\Windows\setupact.log
2014-07-17 15:14 - 2014-05-11 11:09 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-17 15:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-17 14:30 - 2014-06-27 14:39 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass
2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-17 10:17 - 2014-06-27 13:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-17 02:49 - 2014-05-11 15:47 - 00000000 ____D () C:\Windows\Panther
2014-07-16 22:52 - 2014-05-29 14:54 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F773CA57-B648-47F7-B599-0236F79381D3}
2014-07-16 16:18 - 2014-07-16 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-16 15:02 - 2014-05-31 18:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TV-Browser
2014-07-16 12:44 - 2014-07-16 12:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView
2014-07-16 12:25 - 2014-07-16 12:24 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk
2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView
2014-07-16 12:20 - 2014-05-27 17:05 - 00000000 ____D () C:\Users\Admin\Desktop\toolz
2014-07-11 22:39 - 2014-05-11 11:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-07-11 08:48 - 2014-05-11 11:11 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-11 08:44 - 2009-07-14 06:45 - 02236160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 08:43 - 2014-05-11 10:55 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 08:43 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 03:02 - 2014-05-31 18:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-05-31 18:48 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-10 17:38 - 2014-05-11 10:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 17:38 - 2014-05-11 10:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss
2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-10 17:20 - 2014-07-09 17:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe
2014-07-10 17:16 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-07-10 16:08 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-10 12:20 - 2014-05-20 15:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 12:20 - 2014-05-20 15:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 12:20 - 2014-05-20 15:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 11:59 - 2014-07-09 16:40 - 00000000 ____D () C:\Program Files (x86)\fst_de_89
2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-07-10 11:42 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin
2014-07-10 11:41 - 2014-07-09 16:39 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-07-10 11:41 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-10 11:41 - 2014-05-30 15:12 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\system32\Macromed
2014-07-10 11:41 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\ShellNew
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-10 11:34 - 2014-07-09 16:39 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-07-10 11:34 - 2014-07-09 16:39 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-07-10 11:33 - 2014-07-10 11:25 - 00000000 ____D () C:\Program Files (x86)\di4BlockAndSurf
2014-07-10 11:33 - 2014-07-09 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrEeSoFtOdAy
2014-07-10 11:33 - 2014-07-09 16:39 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-07-10 11:33 - 2014-07-09 16:38 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\sweet-page
2014-07-10 11:33 - 2014-07-09 16:38 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Audiograbber
2014-07-10 11:33 - 2014-07-09 16:27 - 00000000 ____D () C:\Program Files (x86)\Security Guard
2014-07-10 11:33 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-07-10 11:33 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-10 11:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-07-10 11:28 - 2014-07-09 16:40 - 00000000 ____D () C:\Users\Admin\AppData\Local\fst_de_89
2014-07-10 11:25 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-09 17:08 - 2014-07-09 16:39 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-07-09 16:39 - 2014-07-09 16:39 - 00002910 _____ () C:\Users\Admin\AppData\Roaming\aps.scan.results
2014-07-09 16:39 - 2014-07-09 16:39 - 00001144 _____ () C:\Users\Admin\AppData\Roaming\aps.scan.quick.results
2014-07-09 16:39 - 2014-07-09 16:39 - 00000318 _____ () C:\Users\Admin\AppData\Roaming\aps.uninstall.scan.results
2014-07-09 16:27 - 2014-07-09 16:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\SearchProtect
2014-07-09 16:27 - 2014-07-09 16:27 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-07-07 17:04 - 2014-07-10 11:25 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-07-04 13:26 - 2014-06-18 11:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-07-04 10:56 - 2014-06-27 13:43 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-02 15:10 - 2014-05-27 17:05 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL
2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL
2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12
2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe
2014-06-30 04:09 - 2014-07-10 17:11 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 17:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass
2014-06-27 16:31 - 2014-06-27 14:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-06-27 14:38 - 2014-06-27 14:37 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner
2014-06-27 14:35 - 2014-05-11 10:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk
2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-27 13:43 - 2014-06-27 13:42 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-27 13:39 - 2014-06-27 13:38 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-06-27 10:30 - 2014-05-11 11:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-27 10:29 - 2014-05-11 11:14 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-26 14:33 - 2014-06-17 17:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\PDF Architect 2
2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log
2014-06-24 16:10 - 2014-06-24 13:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon
2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210
2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV
2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON
2014-06-24 12:43 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk
2014-06-24 12:42 - 2014-06-24 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual
2014-06-24 12:42 - 2014-06-24 12:39 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk
2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-06-21 18:07 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-20 22:14 - 2014-07-10 17:10 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 10:35 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-19 22:15 - 2014-05-11 11:09 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 22:15 - 2014-05-11 11:09 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 03:39 - 2014-07-10 17:10 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-10 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-10 17:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-10 17:10 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-10 17:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:42 - 2014-07-09 10:35 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:41 - 2014-07-10 17:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-10 17:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-10 17:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-10 17:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-10 17:10 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-10 17:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 10:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-10 17:10 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-10 17:10 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-10 17:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-10 17:10 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 10:35 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-10 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-10 17:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 10:35 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-10 17:10 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 10:35 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-10 17:10 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 10:35 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-10 17:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-10 17:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 10:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-10 17:10 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-10 17:10 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-10 17:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-10 17:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 10:35 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 10:35 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-10 17:10 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-10 17:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-10 17:10 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 10:35 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-10 17:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-10 17:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-10 17:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-10 17:10 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-10 17:10 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-10 17:10 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-10 17:10 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-10 17:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-10 17:10 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-10 17:10 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-10 17:10 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-10 17:10 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-10 17:10 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 10:35 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-10 17:10 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-10 17:10 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 21:26 - 2014-05-20 15:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 13:03 - 2014-06-18 13:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 04:18 - 2014-07-10 17:11 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-10 17:11 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-10 17:11 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 17:19 - 2014-06-17 17:19 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-06-17 17:16 - 2014-06-17 17:16 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-17 17:14 - 2014-06-17 17:14 - 00000000 ____D () C:\Users\Admin\Documents\Updater5
2014-06-17 17:12 - 2014-06-17 17:12 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-06-17 17:10 - 2014-06-17 17:10 - 27843432 _____ (pdfforge ) C:\Users\Admin\Downloads\PDFCreator-1_7_3_setup.exe
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-28 18:12
==================== End Of Log ============================
--- --- --- Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by Admin at 2014-07-17 15:24:44
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.1 - Futuremark Corporation)
Adobe Acrobat 8 Professional - English, Français, Deutsch (x32 Version: 8.1.0 - Adobe Systems) Hidden
Adobe After Effects CS3 (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Presets (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Template Projects & Footage (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS3 Third Party Content (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Contribute CS3 (x32 Version: 4.1 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Master Collection (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen (HKLM-x32\...\Adobe_b8d47b526dcac7b06fa9efb844abcb5) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS3 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe Encore CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Encore CS3 Codecs (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Encore CS3 Library (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS3 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Flash Video Encoder (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (x32 Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (x32 Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 Functional Content (x32 Version: 8 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS3 Third Party Content (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe SING CS3 (x32 Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 Codecs (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Soundbooth CS3 Scores (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Server (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Video Profiles (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP DVA Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq4809) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät (HKLM\...\{ECFFD23C-3111-4685-8118-E1F79644203F}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1000 J110 series Hilfe (HKLM-x32\...\{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}) (Version: 140.0.65.65 - Hewlett Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel)
Intel(R) Network Connections 18.1.59.0 (Version: 18.1.59.0 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.0.0.1083 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.100 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
mst IsUsedBy (HKLM-x32\...\{E4346E0D-7C75-4D7D-8E0E-3E6453862194}) (Version: 2.0.8.148 - mst software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PCMark 7 (HKLM-x32\...\{75C3C9C0-6CE6-42FA-A0E9-658E8F539124}) (Version: 1.4.0 - Futuremark)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Super Finder XT 1.6.3.2 (HKLM-x32\...\Super Finder XT_is1) (Version: - FSL - FreeSoftLand)
TV-Browser 3.3.3 (HKLM-x32\...\tvbrowser) (Version: 3.3.3 - TV-Browser Team)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)
==================== Restore Points =========================
09-07-2014 14:41:47 Windows Defender Checkpoint
09-07-2014 15:19:24 Windows Update
09-07-2014 15:27:28 Windows Update
09-07-2014 21:36:01 Windows Update
10-07-2014 09:31:59 Wiederherstellungsvorgang
10-07-2014 09:34:29 avast! antivirus system restore point
10-07-2014 09:36:13 Wiederherstellungsvorgang
10-07-2014 09:58:51 Windows Defender Checkpoint
10-07-2014 15:10:07 Windows Update
10-07-2014 15:37:35 Windows Update
16-07-2014 07:03:20 Windows Update
17-07-2014 08:38:03 Installed Java 7 Update 65
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {08F0B6A6-BC94-42EB-A16A-71960CC65AEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11] (Google Inc.)
Task: {1259B87E-2A35-408F-9327-C76CE9343B18} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {15EB952D-1DB4-411A-86D6-BCF3F57ED93B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {196BD57A-22BB-4DDD-B5FD-2876E278BD04} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11] (Google Inc.)
Task: {374A65CF-CE87-470F-9E4F-CD40F268695A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-27] (AVAST Software)
Task: {5AB27DA4-1E86-475D-A089-9720DD4228E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {F4ED350A-9437-4661-988F-001F5EB2E222} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-06-22 06:48 - 2011-06-22 06:48 - 00034304 _____ () C:\Windows\System32\ssp7ml6.dll
2014-06-24 12:43 - 2010-04-05 21:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2011-06-22 06:48 - 2011-06-22 06:48 - 00826880 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssp7mdu.dll
2014-06-27 13:43 - 2014-06-27 13:43 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-17 10:17 - 2014-07-17 10:17 - 02793472 _____ () C:\Program Files\AVAST Software\Avast\defs\14071700\algo.dll
2014-06-27 13:43 - 2014-06-27 13:43 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-18 13:03 - 2014-06-18 13:03 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-10 12:20 - 2014-07-10 12:20 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
2014-05-11 15:06 - 2013-02-16 02:17 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Super Finder XT.lnk => C:\Windows\pss\Super Finder XT.lnk.Startup
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/17/2014 03:14:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2014 03:09:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/17/2014 02:26:41 PM) (Source: MsiInstaller) (EventID: 11706) (User: Admin-PC)
Description: Produkt: Adobe Acrobat 8 Professional - English, Français, Deutsch -- Fehler 1706. Für das Produkt Adobe Acrobat 8 Professional - English, Français, Deutsch wurde kein Installationspaket gefunden. Wiederholen Sie die Installation und verwenden Sie dabei eine gültige Kopie des Installationspakets AcroPro.msi.
Error: (07/17/2014 10:17:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/16/2014 10:43:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/16/2014 04:10:29 PM) (Source: MsiInstaller) (EventID: 11706) (User: Admin-PC)
Description: Produkt: Adobe Acrobat 8 Professional - English, Français, Deutsch -- Fehler 1706. Für das Produkt Adobe Acrobat 8 Professional - English, Français, Deutsch wurde kein Installationspaket gefunden. Wiederholen Sie die Installation und verwenden Sie dabei eine gültige Kopie des Installationspakets AcroPro.msi.
Error: (07/16/2014 08:59:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 09:45:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/15/2014 00:41:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/14/2014 10:48:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Server" wurde mit folgendem Fehler beendet:
%%14
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1062
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1062
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1062
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1062
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1062
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1062
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1062
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1062
Error: (07/11/2014 10:39:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1062
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 23%
Total physical RAM: 16040 MB
Available physical RAM: 12287.84 MB
Total Pagefile: 32078.17 MB
Available Pagefile: 28204.35 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:146.39 GB) (Free:89.19 GB) NTFS
Drive e: (Daten) (Fixed) (Total:785.03 GB) (Free:784.86 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 3331867A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=785 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Geändert von troJanina (18.07.2014 um 13:04 Uhr) Grund: rest(code) |
|
18.07.2014, 19:00
| #6 |
| /// the machine /// TB-Ausbilder | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung hi, Scan mit Combofix
__________________ --> Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung |
|
18.07.2014, 23:43
| #7 |
| | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung erster Scan nicht von Desktop ausgeführt u. mit Browser welcher offenbar laut Scan geschlossen wurde Code:
ATTFilter ComboFix 14-07-17.03 - Admin 19.07.2014 0:08.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16040.11450 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\EULA.txt
c:\program files (x86)\SearchProtect\Main\bin\uninstall.exe
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-06-18 bis 2014-07-18 ))))))))))))))))))))))))))))))
.
.
2014-07-18 22:12 . 2014-07-18 22:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-18 07:48 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F0FD1984-80DE-43CD-B5A3-DEBA7D14F81A}\mpengine.dll
2014-07-17 13:23 . 2014-07-17 13:24 -------- d-----w- C:\FRST
2014-07-17 08:38 . 2014-07-17 08:38 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-07-16 10:25 . 2014-07-16 10:44 -------- d-----w- c:\users\Admin\AppData\Roaming\XnView
2014-07-16 10:24 . 2014-07-16 10:24 -------- d-----w- c:\program files (x86)\XnView
2014-07-15 10:53 . 2014-07-18 15:05 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-07-10 15:10 . 2014-05-30 08:08 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-07-10 15:09 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-10 15:09 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-10 15:09 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-10 09:25 . 2014-07-10 09:33 -------- d-----w- c:\program files (x86)\di4BlockAndSurf
2014-07-10 09:25 . 2014-07-07 15:04 57528 ----a-w- c:\windows\system32\drivers\webinstr.sys
2014-07-09 20:57 . 2014-06-19 00:50 570368 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll
2014-07-09 15:04 . 2014-07-10 15:20 -------- d-----w- c:\program files\CCleaner
2014-07-09 14:40 . 2014-07-10 09:59 -------- d-----w- c:\program files (x86)\fst_de_89
2014-07-09 14:40 . 2014-07-10 09:28 -------- d-----w- c:\users\Admin\AppData\Local\fst_de_89
2014-07-09 14:39 . 2014-07-10 09:34 -------- d-----w- c:\programdata\IePluginServices
2014-07-09 14:39 . 2014-07-10 09:41 -------- d-----w- c:\program files (x86)\SupTab
2014-07-09 14:39 . 2014-07-10 09:34 -------- d-----w- c:\programdata\WindowsMangerProtect
2014-07-09 14:38 . 2014-07-10 09:33 -------- d-----w- c:\users\Admin\AppData\Roaming\sweet-page
2014-07-09 14:38 . 2014-07-10 09:33 -------- d-----w- c:\program files (x86)\AnyProtectEx
2014-07-09 14:28 . 2014-07-10 09:33 -------- d-----w- c:\program files (x86)\Audiograbber
2014-07-09 14:28 . 2014-07-10 09:33 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-07-09 14:27 . 2014-07-10 09:33 -------- d-----w- c:\program files (x86)\Security Guard
2014-07-09 14:27 . 2014-07-09 14:27 -------- d-----w- c:\users\Admin\AppData\Local\SearchProtect
2014-07-02 13:09 . 2014-07-02 13:09 -------- d-----w- c:\windows\system32\appmgmt
2014-07-01 12:34 . 2014-07-01 12:34 -------- d-----w- c:\program files (x86)\FSL
2014-06-27 14:47 . 2014-06-27 14:47 -------- d-----w- c:\users\Admin\AppData\Local\KeePass
2014-06-27 12:39 . 2014-07-17 14:16 -------- d-----w- c:\users\Admin\AppData\Roaming\KeePass
2014-06-27 12:31 . 2014-06-27 14:31 -------- d-----w- c:\program files (x86)\KeePass Password Safe 2
2014-06-24 15:42 . 2014-06-24 15:42 -------- d-----w- c:\programdata\CanonIJ
2014-06-24 11:23 . 2014-06-24 14:10 -------- d-----w- c:\users\Admin\AppData\Roaming\Canon
2014-06-24 10:43 . 2014-06-24 10:43 -------- d-----w- c:\program files\Common Files\CANON
2014-06-24 10:41 . 2012-07-04 09:55 1354240 ----a-w- c:\windows\system32\CNQ4809C.dll
2014-06-24 10:41 . 2012-07-04 09:55 112128 ----a-w- c:\windows\system32\CNQ4809I.dll
2014-06-24 10:41 . 2012-07-04 09:29 106496 ----a-w- c:\windows\SysWow64\CNQ4809U.dll
2014-06-24 10:41 . 2010-12-17 12:47 515584 ----a-w- c:\windows\system32\CNQ4809L.dll
2014-06-24 10:41 . 2010-03-11 08:57 248320 ----a-w- c:\windows\system32\CNQ4809Y.dll
2014-06-24 10:41 . 2012-04-18 13:24 103424 ----a-w- c:\windows\system32\CNQ4809O.dll
2014-06-24 10:41 . 2014-06-24 10:41 -------- d--h--w- c:\program files\CanonBJ
2014-06-24 10:39 . 2014-06-24 10:42 -------- d-----w- c:\program files (x86)\Canon
2014-06-24 10:36 . 2014-06-24 10:36 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2014-06-24 10:36 . 2010-12-17 12:47 438272 ----a-w- c:\windows\SysWow64\CNQ4809L.dll
2014-06-24 10:36 . 2008-08-25 16:02 17920 ----a-w- c:\windows\system32\CNHMCA6.dll
2014-06-24 10:36 . 2008-08-25 16:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2014-06-21 16:06 . 2000-06-29 08:00 36864 ----a-w- c:\windows\SysWow64\agusbsti.dll
2014-06-21 13:04 . 2014-06-21 13:04 -------- d-----w- c:\programdata\McAfee
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-11 01:02 . 2014-05-31 16:48 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-10 15:38 . 2014-05-11 08:01 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-10 10:20 . 2014-05-20 13:04 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 10:20 . 2014-05-20 13:04 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-11 09:25 . 2014-05-11 09:25 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2014-05-11 09:25 . 2014-05-11 09:25 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-05-11 09:25 . 2014-05-11 09:25 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2014-05-11 09:25 . 2014-05-11 09:25 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-05-11 08:20 . 2014-05-11 08:20 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-05-11 08:20 . 2014-05-11 08:20 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-05-11 08:20 . 2014-05-11 08:20 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-05-11 08:20 . 2014-05-11 08:20 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-05-11 08:20 . 2014-05-11 08:20 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-05-11 08:20 . 2014-05-11 08:20 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-05-11 08:20 . 2014-05-11 08:20 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-05-11 08:20 . 2014-05-11 08:20 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-05-11 08:20 . 2014-05-11 08:20 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-05-11 08:20 . 2014-05-11 08:20 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-05-11 08:20 . 2014-05-11 08:20 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-05-11 08:20 . 2014-05-11 08:20 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-05-11 08:20 . 2014-05-11 08:20 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-05-11 08:20 . 2014-05-11 08:20 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-05-11 08:20 . 2014-05-11 08:20 413696 ----a-w- c:\windows\system32\html.iec
2014-05-11 08:20 . 2014-05-11 08:20 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-05-11 08:20 . 2014-05-11 08:20 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-05-11 08:20 . 2014-05-11 08:20 247808 ----a-w- c:\windows\system32\msls31.dll
2014-05-11 08:20 . 2014-05-11 08:20 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-05-11 08:20 . 2014-05-11 08:20 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-05-11 08:20 . 2014-05-11 08:20 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-05-11 08:20 . 2014-05-11 08:20 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-05-11 08:20 . 2014-05-11 08:20 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-05-11 08:20 . 2014-05-11 08:20 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-05-11 08:20 . 2014-05-11 08:20 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-05-11 08:20 . 2014-05-11 08:20 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-05-11 08:20 . 2014-05-11 08:20 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-05-11 08:20 . 2014-05-11 08:20 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-05-11 08:20 . 2014-05-11 08:20 81408 ----a-w- c:\windows\system32\icardie.dll
2014-05-11 08:20 . 2014-05-11 08:20 774144 ----a-w- c:\windows\system32\jscript.dll
2014-05-11 08:20 . 2014-05-11 08:20 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-05-11 08:20 . 2014-05-11 08:20 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-05-11 08:20 . 2014-05-11 08:20 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-05-11 08:20 . 2014-05-11 08:20 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-05-11 08:20 . 2014-05-11 08:20 235520 ----a-w- c:\windows\system32\url.dll
2014-05-11 08:20 . 2014-05-11 08:20 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-05-11 08:20 . 2014-05-11 08:20 147968 ----a-w- c:\windows\system32\occache.dll
2014-05-11 08:20 . 2014-05-11 08:20 143872 ----a-w- c:\windows\system32\wextract.exe
2014-05-11 08:20 . 2014-05-11 08:20 13824 ----a-w- c:\windows\system32\mshta.exe
2014-05-11 08:20 . 2014-05-11 08:20 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-05-11 08:20 . 2014-05-11 08:20 101376 ----a-w- c:\windows\system32\inseng.dll
2014-05-11 08:17 . 2014-05-11 08:17 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-05-11 08:17 . 2014-05-11 08:17 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-05-11 08:17 . 2014-05-11 08:17 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-05-11 08:17 . 2014-05-11 08:17 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-05-11 08:17 . 2014-05-11 08:17 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-05-11 08:17 . 2014-05-11 08:17 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-05-11 08:17 . 2014-05-11 08:17 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-05-11 08:17 . 2014-05-11 08:17 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-05-11 08:17 . 2014-05-11 08:17 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-05-11 08:17 . 2014-05-11 08:17 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-05-11 08:17 . 2014-05-11 08:17 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-05-11 08:17 . 2014-05-11 08:17 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-05-11 08:17 . 2014-05-11 08:17 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-05-11 08:17 . 2014-05-11 08:17 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-05-11 08:17 . 2014-05-11 08:17 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-05-11 08:17 . 2014-05-11 08:17 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-05-11 08:17 . 2014-05-11 08:17 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-05-11 08:17 . 2014-05-11 08:17 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-05-11 08:17 . 2014-05-11 08:17 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-05-11 08:17 . 2014-05-11 08:17 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-05-11 08:17 . 2014-05-11 08:17 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-05-11 08:17 . 2014-05-11 08:17 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-05-11 08:17 . 2014-05-11 08:17 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-05-11 08:17 . 2014-05-11 08:17 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-05-11 08:17 . 2014-05-11 08:17 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-05-11 08:17 . 2014-05-11 08:17 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-25 15:44 . 2002-12-20 12:02 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2014-04-25 02:34 . 2014-06-12 08:39 801280 ----a-w- c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-12 08:39 626688 ----a-w- c:\windows\SysWow64\usp10.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-03-06 291128]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-27 4086432]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2014-04-13 2099200]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Super Finder XT.lnk - c:\program files (x86)\FSL\SuperFinder\SuperFinder.exe auto [2014-7-1 2447360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 13:21 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-20 10:20]
.
2014-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11 09:09]
.
2014-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11 09:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-27 11:43 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-18 13427784]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-01-31 36352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
mSearch Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
uInternet Settings,ProxyOverride = *.local
IE: An vorhandenes PDF anfügen - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\
FF - prefs.js: browser.search.defaulturl - hxxps://de.search.yahoo.com/yhs/search
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/yhs/search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-07-19 00:13:36
ComboFix-quarantined-files.txt 2014-07-18 22:13
.
Vor Suchlauf: 9 Verzeichnis(se), 95.685.386.240 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 95.489.163.264 Bytes frei
.
- - End Of File - - A014D2A44104076446BC7D006AED77EB
A36C5E4F47E84449FF07ED3517B43A31
Code:
ATTFilter ComboFix 14-07-17.03 - Admin 19.07.2014 0:28.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16040.13845 [GMT 2:00]
ausgeführt von:: c:\users\Admin\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-06-18 bis 2014-07-18 ))))))))))))))))))))))))))))))
.
.
2014-07-18 22:31 . 2014-07-18 22:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-18 07:48 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F0FD1984-80DE-43CD-B5A3-DEBA7D14F81A}\mpengine.dll
2014-07-17 13:23 . 2014-07-17 13:24 -------- d-----w- C:\FRST
2014-07-17 08:38 . 2014-07-17 08:38 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-07-16 10:25 . 2014-07-16 10:44 -------- d-----w- c:\users\Admin\AppData\Roaming\XnView
2014-07-16 10:24 . 2014-07-16 10:24 -------- d-----w- c:\program files (x86)\XnView
2014-07-15 10:53 . 2014-07-18 15:05 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2014-07-10 15:10 . 2014-05-30 08:08 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-07-10 15:09 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-10 15:09 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-10 15:09 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-07-10 09:25 . 2014-07-10 09:33 -------- d-----w- c:\program files (x86)\di4BlockAndSurf
2014-07-10 09:25 . 2014-07-07 15:04 57528 ----a-w- c:\windows\system32\drivers\webinstr.sys
2014-07-09 20:57 . 2014-06-19 00:50 570368 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll
2014-07-09 15:04 . 2014-07-10 15:20 -------- d-----w- c:\program files\CCleaner
2014-07-09 14:40 . 2014-07-10 09:59 -------- d-----w- c:\program files (x86)\fst_de_89
2014-07-09 14:40 . 2014-07-10 09:28 -------- d-----w- c:\users\Admin\AppData\Local\fst_de_89
2014-07-09 14:39 . 2014-07-10 09:34 -------- d-----w- c:\programdata\IePluginServices
2014-07-09 14:39 . 2014-07-10 09:41 -------- d-----w- c:\program files (x86)\SupTab
2014-07-09 14:39 . 2014-07-10 09:34 -------- d-----w- c:\programdata\WindowsMangerProtect
2014-07-09 14:38 . 2014-07-10 09:33 -------- d-----w- c:\users\Admin\AppData\Roaming\sweet-page
2014-07-09 14:38 . 2014-07-10 09:33 -------- d-----w- c:\program files (x86)\AnyProtectEx
2014-07-09 14:28 . 2014-07-10 09:33 -------- d-----w- c:\program files (x86)\Audiograbber
2014-07-09 14:28 . 2014-07-10 09:33 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-07-09 14:27 . 2014-07-10 09:33 -------- d-----w- c:\program files (x86)\Security Guard
2014-07-09 14:27 . 2014-07-09 14:27 -------- d-----w- c:\users\Admin\AppData\Local\SearchProtect
2014-07-02 13:09 . 2014-07-02 13:09 -------- d-----w- c:\windows\system32\appmgmt
2014-07-01 12:34 . 2014-07-01 12:34 -------- d-----w- c:\program files (x86)\FSL
2014-06-27 14:47 . 2014-06-27 14:47 -------- d-----w- c:\users\Admin\AppData\Local\KeePass
2014-06-27 12:39 . 2014-07-17 14:16 -------- d-----w- c:\users\Admin\AppData\Roaming\KeePass
2014-06-27 12:31 . 2014-06-27 14:31 -------- d-----w- c:\program files (x86)\KeePass Password Safe 2
2014-06-24 15:42 . 2014-06-24 15:42 -------- d-----w- c:\programdata\CanonIJ
2014-06-24 11:23 . 2014-06-24 14:10 -------- d-----w- c:\users\Admin\AppData\Roaming\Canon
2014-06-24 10:43 . 2014-06-24 10:43 -------- d-----w- c:\program files\Common Files\CANON
2014-06-24 10:41 . 2012-07-04 09:55 1354240 ----a-w- c:\windows\system32\CNQ4809C.dll
2014-06-24 10:41 . 2012-07-04 09:55 112128 ----a-w- c:\windows\system32\CNQ4809I.dll
2014-06-24 10:41 . 2012-07-04 09:29 106496 ----a-w- c:\windows\SysWow64\CNQ4809U.dll
2014-06-24 10:41 . 2010-12-17 12:47 515584 ----a-w- c:\windows\system32\CNQ4809L.dll
2014-06-24 10:41 . 2010-03-11 08:57 248320 ----a-w- c:\windows\system32\CNQ4809Y.dll
2014-06-24 10:41 . 2012-04-18 13:24 103424 ----a-w- c:\windows\system32\CNQ4809O.dll
2014-06-24 10:41 . 2014-06-24 10:41 -------- d--h--w- c:\program files\CanonBJ
2014-06-24 10:39 . 2014-06-24 10:42 -------- d-----w- c:\program files (x86)\Canon
2014-06-24 10:36 . 2014-06-24 10:36 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2014-06-24 10:36 . 2010-12-17 12:47 438272 ----a-w- c:\windows\SysWow64\CNQ4809L.dll
2014-06-24 10:36 . 2008-08-25 16:02 17920 ----a-w- c:\windows\system32\CNHMCA6.dll
2014-06-24 10:36 . 2008-08-25 16:02 15872 ----a-w- c:\windows\SysWow64\CNHMCA.dll
2014-06-21 16:06 . 2000-06-29 08:00 36864 ----a-w- c:\windows\SysWow64\agusbsti.dll
2014-06-21 13:04 . 2014-06-21 13:04 -------- d-----w- c:\programdata\McAfee
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-11 01:02 . 2014-05-31 16:48 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-10 15:38 . 2014-05-11 08:01 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-10 10:20 . 2014-05-20 13:04 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-10 10:20 . 2014-05-20 13:04 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-11 09:25 . 2014-05-11 09:25 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2014-05-11 09:25 . 2014-05-11 09:25 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-05-11 09:25 . 2014-05-11 09:25 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2014-05-11 09:25 . 2014-05-11 09:25 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-05-11 08:20 . 2014-05-11 08:20 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-05-11 08:20 . 2014-05-11 08:20 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-05-11 08:20 . 2014-05-11 08:20 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-05-11 08:20 . 2014-05-11 08:20 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-05-11 08:20 . 2014-05-11 08:20 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-05-11 08:20 . 2014-05-11 08:20 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-05-11 08:20 . 2014-05-11 08:20 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-05-11 08:20 . 2014-05-11 08:20 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-05-11 08:20 . 2014-05-11 08:20 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-05-11 08:20 . 2014-05-11 08:20 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-05-11 08:20 . 2014-05-11 08:20 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-05-11 08:20 . 2014-05-11 08:20 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-05-11 08:20 . 2014-05-11 08:20 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-05-11 08:20 . 2014-05-11 08:20 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-05-11 08:20 . 2014-05-11 08:20 413696 ----a-w- c:\windows\system32\html.iec
2014-05-11 08:20 . 2014-05-11 08:20 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-05-11 08:20 . 2014-05-11 08:20 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-05-11 08:20 . 2014-05-11 08:20 247808 ----a-w- c:\windows\system32\msls31.dll
2014-05-11 08:20 . 2014-05-11 08:20 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-05-11 08:20 . 2014-05-11 08:20 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-05-11 08:20 . 2014-05-11 08:20 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-05-11 08:20 . 2014-05-11 08:20 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-05-11 08:20 . 2014-05-11 08:20 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-05-11 08:20 . 2014-05-11 08:20 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-05-11 08:20 . 2014-05-11 08:20 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-05-11 08:20 . 2014-05-11 08:20 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-05-11 08:20 . 2014-05-11 08:20 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-05-11 08:20 . 2014-05-11 08:20 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-05-11 08:20 . 2014-05-11 08:20 81408 ----a-w- c:\windows\system32\icardie.dll
2014-05-11 08:20 . 2014-05-11 08:20 774144 ----a-w- c:\windows\system32\jscript.dll
2014-05-11 08:20 . 2014-05-11 08:20 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-05-11 08:20 . 2014-05-11 08:20 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-05-11 08:20 . 2014-05-11 08:20 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-05-11 08:20 . 2014-05-11 08:20 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-05-11 08:20 . 2014-05-11 08:20 235520 ----a-w- c:\windows\system32\url.dll
2014-05-11 08:20 . 2014-05-11 08:20 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-05-11 08:20 . 2014-05-11 08:20 147968 ----a-w- c:\windows\system32\occache.dll
2014-05-11 08:20 . 2014-05-11 08:20 143872 ----a-w- c:\windows\system32\wextract.exe
2014-05-11 08:20 . 2014-05-11 08:20 13824 ----a-w- c:\windows\system32\mshta.exe
2014-05-11 08:20 . 2014-05-11 08:20 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-05-11 08:20 . 2014-05-11 08:20 101376 ----a-w- c:\windows\system32\inseng.dll
2014-05-11 08:17 . 2014-05-11 08:17 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-05-11 08:17 . 2014-05-11 08:17 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-05-11 08:17 . 2014-05-11 08:17 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-05-11 08:17 . 2014-05-11 08:17 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-05-11 08:17 . 2014-05-11 08:17 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-05-11 08:17 . 2014-05-11 08:17 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-05-11 08:17 . 2014-05-11 08:17 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-05-11 08:17 . 2014-05-11 08:17 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-05-11 08:17 . 2014-05-11 08:17 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-05-11 08:17 . 2014-05-11 08:17 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-05-11 08:17 . 2014-05-11 08:17 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-05-11 08:17 . 2014-05-11 08:17 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-05-11 08:17 . 2014-05-11 08:17 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-05-11 08:17 . 2014-05-11 08:17 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-05-11 08:17 . 2014-05-11 08:17 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-05-11 08:17 . 2014-05-11 08:17 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-05-11 08:17 . 2014-05-11 08:17 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-05-11 08:17 . 2014-05-11 08:17 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-05-11 08:17 . 2014-05-11 08:17 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-05-11 08:17 . 2014-05-11 08:17 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-05-11 08:17 . 2014-05-11 08:17 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-05-11 08:17 . 2014-05-11 08:17 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-05-11 08:17 . 2014-05-11 08:17 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-05-11 08:17 . 2014-05-11 08:17 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-05-11 08:17 . 2014-05-11 08:17 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-05-11 08:17 . 2014-05-11 08:17 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-05-11 08:17 . 2014-05-11 08:17 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-04-25 15:44 . 2002-12-20 12:02 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2014-04-25 02:34 . 2014-06-12 08:39 801280 ----a-w- c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-12 08:39 626688 ----a-w- c:\windows\SysWow64\usp10.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-03-06 291128]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-27 4086432]
"KeePass 2 PreLoad"="c:\program files (x86)\KeePass Password Safe 2\KeePass.exe" [2014-04-13 2099200]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
c:\users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Super Finder XT.lnk - c:\program files (x86)\FSL\SuperFinder\SuperFinder.exe auto [2014-7-1 2447360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 13:21 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-20 10:20]
.
2014-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11 09:09]
.
2014-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-11 09:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-27 11:43 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-18 13427784]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-01-31 36352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-03-22 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-03-22 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-03-22 441840]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
mSearch Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
uInternet Settings,ProxyOverride = *.local
IE: An vorhandenes PDF anfügen - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
Trusted Zone: samsungsetup.com\www
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\
FF - prefs.js: browser.search.defaulturl - hxxps://de.search.yahoo.com/yhs/search
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/yhs/search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlDbg9c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil9c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-07-19 00:32:38
ComboFix-quarantined-files.txt 2014-07-18 22:32
.
Vor Suchlauf: 12 Verzeichnis(se), 95.916.478.464 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 95.614.971.904 Bytes frei
.
- - End Of File - - D0B1EEE5D53D08DF2ECE94CF1EB3A594
A36C5E4F47E84449FF07ED3517B43A31
Nebenbei: macht (Avast) Antivirus neben Windows Defender Sinn? Das Win7 Sicherheits-Wartungscenter will offenbar beide Geändert von troJanina (18.07.2014 um 23:53 Uhr) Grund: erster Scan nicht von Desktop ausgeführt u. mit Browser |
|
19.07.2014, 20:44
| #8 |
| /// the machine /// TB-Ausbilder | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung Defender wird vom AV schon abgeschaltet falls es stört  Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.07.2014, 19:45
| #9 |
| | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung als <code></code>? Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 20.07.2014 Suchlauf-Zeit: 18:33:59 Logdatei: suchlauf_verlaufsprotokoll.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.20.04 Rootkit Datenbank: v2014.07.17.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Admin Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 302657 Verstrichene Zeit: 3 Min, 44 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 20 PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, In Quarantäne, [d9eb1d84d5a6bc7a0e731e9ba9597e82], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [d9eb1d84d5a6bc7a0e731e9ba9597e82], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\STG, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\UI, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\UI\rep, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, In Quarantäne, [487c237edaa178be1dd865562bd7cd33], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, In Quarantäne, [487c237edaa178be1dd865562bd7cd33], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [487c237edaa178be1dd865562bd7cd33], PUP.Optional.FreeSoftwareToday.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FrEeSoFtOdAy, In Quarantäne, [7b49d2cf98e39b9b0e1219a350b2e818], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\x64, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\x86, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\Download, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\fst_de_89, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\fst_de_89\1.10, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_de_89, In Quarantäne, [6c581a876219231359b8d2eb8c76f808], Dateien: 27 PUP.Optional.Trovi.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\searchplugins\trovi-search.xml, In Quarantäne, [863e7c25740765d1ab22fed4ea189f61], PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, In Quarantäne, [6064dcc5c3b826102369a86d12f2f20e], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, In Quarantäne, [d9eb1d84d5a6bc7a0e731e9ba9597e82], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\CRASH_DUMP_P6540_T2624_D2014_07_09_T17_07_39.dmp, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\CRASH_REPORT_P6540_T2624_D2014_07_09_T17_07_39.txt, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.SearchProtect.A, C:\Users\Admin\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [43818c15f68592a4a6dc8b2ec2402cd4], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-07-09[16-39-08-596].log, In Quarantäne, [487c237edaa178be1dd865562bd7cd33], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [487c237edaa178be1dd865562bd7cd33], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\175.crx, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\175.dat, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\175.xpi, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\a.db, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\b.db, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\di0BlockAndSurfyv175.bin, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\di0BlockAndSurfyv175.exe, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\di6BlockAndSurfM.exe, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\Sqlite3.dll, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\x64\TandemRunner.exe, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\di4BlockAndSurf\x86\TandemRunner.exe, In Quarantäne, [0fb5534e3f3cfa3c7f392597679b2cd4], PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\upfst_de_89.cyl, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\upfst_de_89.exe, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\user_profil.cyp, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], PUP.Optional.FreeSoftToday.A, C:\Users\Admin\AppData\Local\fst_de_89\fst_de_89\1.10\cnf.cyl, In Quarantäne, [fec6178ab4c7dc5aa56b5c618a7826da], PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_de_89\unins000.dat, In Quarantäne, [6c581a876219231359b8d2eb8c76f808], PUP.Optional.FreeSoftToday.A, C:\Program Files (x86)\fst_de_89\unins000.msg, In Quarantäne, [6c581a876219231359b8d2eb8c76f808], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.216 - Bericht erstellt am 20/07/2014 um 19:26:30
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Downloads\adwcleaner_3.216.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\AnyProtectEx
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\sweet-page
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\aps.scan.quick.results
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\aps.scan.results
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\aps.uninstall.scan.results
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17207
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\prefs.js ]
-\\ Google Chrome v35.0.1916.153
[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322196&octid=EB_ORIGINAL_CTID&ISID=MA1B62CB1-5364-43EE-B9DD-ED2D9A7D585D&SearchSource=58&CUI=&UM=6&UP=SP7DD54E2A-E878-4BF3-8857-B931A5991ECF&q={searchTerms}&SSPV=
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
*************************
AdwCleaner[R0].txt - [1903 octets] - [20/07/2014 19:10:56]
AdwCleaner[S0].txt - [1778 octets] - [20/07/2014 19:26:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1838 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Admin on 20.07.2014 at 19:33:53,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\z8c3id95.default\minidumps [104 files]
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.07.2014 at 19:39:47,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und das FRST: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014 Ran by Admin (administrator) on ADMIN-PC on 20-07-2014 20:04:22 Running from C:\Users\Admin\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (FSL) C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [36352 2013-01-31] (Intel Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: No Name -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> No File BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File Toolbar: HKLM-x32 - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default FF SearchEngineOrder.1: Yahoo! (Avast) FF Homepage: https://www.google.de/ FF Keyword.URL: https://de.search.yahoo.com/yhs/search FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\searchplugins\yahoo-avast.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: KeeFox - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\Extensions\keefox@chris.tomlinson [2014-06-27] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-27] FF HKCU\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl" CHR DefaultSearchKeyword: www.yahoo.com CHR DefaultSearchProvider: Yahoo! (Avast) CHR DefaultSearchURL: https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-11] CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-11] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-11] CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-11] CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-11] CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-11] CHR HKCU\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-05-11] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software) R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-05-30] (Macrovision Europe Ltd.) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] () R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-27] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-20] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-20 20:03 - 2014-07-20 20:02 - 02089984 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2014-07-20 19:39 - 2014-07-20 19:39 - 00001014 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-07-20 19:33 - 2014-07-20 19:33 - 00000000 ____D () C:\Windows\ERUNT 2014-07-20 19:31 - 2014-07-20 19:31 - 01016261 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe 2014-07-20 19:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-20 19:05 - 2014-07-20 19:26 - 00000000 ____D () C:\AdwCleaner 2014-07-20 19:05 - 2014-07-20 19:05 - 01354223 _____ () C:\Users\Admin\Downloads\adwcleaner_3.216.exe 2014-07-20 19:04 - 2014-07-20 19:04 - 00001642 _____ () C:\Users\Admin\Desktop\schutz-protokoll.txt 2014-07-20 19:03 - 2014-07-20 19:03 - 00007634 _____ () C:\Users\Admin\Desktop\suchlauf_verlaufsprotokoll.txt 2014-07-20 18:29 - 2014-07-20 19:28 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-20 18:29 - 2014-07-20 18:29 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-20 18:29 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-20 18:29 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-20 18:29 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-19 12:21 - 2014-07-20 19:27 - 00013508 _____ () C:\Windows\PFRO.log 2014-07-19 00:32 - 2014-07-19 00:32 - 00027296 _____ () C:\ComboFix.txt 2014-07-19 00:25 - 2014-07-20 20:04 - 00003364 _____ () C:\Users\Admin\Desktop\win.txt 2014-07-19 00:23 - 2014-07-19 00:23 - 00001459 _____ () C:\Users\Admin\Desktop\ComboFix.exe - Verknüpfung.lnk 2014-07-19 00:13 - 2014-07-19 00:13 - 00031486 _____ () C:\ComboFix_.txt 2014-07-19 00:08 - 2014-07-19 00:32 - 00000000 ____D () C:\Qoobox 2014-07-19 00:08 - 2014-07-19 00:12 - 00000000 ____D () C:\Windows\erdnt 2014-07-19 00:08 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-19 00:08 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-19 00:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-19 00:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-19 00:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-19 00:08 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-19 00:08 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-19 00:08 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-19 00:07 - 2014-07-19 00:07 - 05221938 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe 2014-07-18 23:53 - 2014-07-18 23:53 - 00001304 _____ () C:\Users\Admin\Desktop\Notepad.lnk 2014-07-18 16:35 - 2014-07-18 16:35 - 02439631 _____ () C:\Users\Admin\Downloads\FireShot_0.98.56.zip 2014-07-18 16:35 - 2014-07-18 16:35 - 00000000 ____D () C:\Users\Admin\Downloads\FireShot_0.98.56 2014-07-18 16:33 - 2014-07-18 16:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\FireShot_0.98.56 - CHIP-Installer.exe 2014-07-18 16:31 - 2014-07-18 16:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\fireshot_ie_install-0.98.4 - CHIP-Installer.exe 2014-07-17 15:48 - 2014-07-17 15:48 - 00022276 _____ () C:\Users\Admin\Desktop\Addition.txt 2014-07-17 15:41 - 2014-07-20 20:04 - 00015095 _____ () C:\Users\Admin\Desktop\FRST.txt 2014-07-17 15:24 - 2014-07-17 15:24 - 00057937 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-07-17 15:24 - 2014-07-17 15:24 - 00022276 _____ () C:\Users\Admin\Downloads\Addition.txt 2014-07-17 15:23 - 2014-07-20 20:04 - 00000000 ____D () C:\FRST 2014-07-17 15:23 - 2014-07-20 20:02 - 02089984 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-17 10:17 - 2014-07-20 19:27 - 00001120 _____ () C:\Windows\setupact.log 2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-16 16:18 - 2014-07-20 18:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-16 12:25 - 2014-07-16 12:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView 2014-07-16 12:24 - 2014-07-16 12:25 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk 2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe 2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView 2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView 2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss 2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe 2014-07-10 17:11 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-10 17:11 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-10 17:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-10 17:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-10 17:11 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-10 17:11 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 17:11 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-10 17:11 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-10 17:10 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-10 17:10 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-10 17:10 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-10 17:10 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 17:10 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-10 17:10 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-10 17:10 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-10 17:10 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-10 17:10 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-10 17:10 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-10 17:10 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-10 17:10 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-10 17:10 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-10 17:10 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-10 17:10 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 17:10 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-10 17:10 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 17:10 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-10 17:10 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-10 17:10 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-10 17:10 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-10 17:10 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-10 17:10 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-10 17:10 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-10 17:10 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 17:10 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-10 17:10 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-10 17:10 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 17:10 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-10 17:10 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-10 17:10 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-10 17:10 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 17:10 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-10 17:10 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 17:10 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-10 17:10 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-10 17:10 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 17:10 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-10 17:10 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 17:10 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-10 17:10 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-10 17:10 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-10 17:10 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-10 17:10 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-10 17:09 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-10 17:09 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-10 17:09 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol 2014-07-10 11:25 - 2014-07-07 17:04 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys 2014-07-09 17:04 - 2014-07-10 17:20 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Audiograbber 2014-07-09 16:27 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Security Guard 2014-07-09 10:35 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 10:35 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 10:35 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 10:35 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 10:35 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 10:35 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 10:35 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 10:35 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 10:35 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 10:35 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 10:35 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 10:35 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk 2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL 2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL 2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12 2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe 2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass 2014-06-27 14:39 - 2014-07-17 16:16 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass 2014-06-27 14:37 - 2014-06-27 14:38 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner 2014-06-27 14:31 - 2014-06-27 16:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2 2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk 2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe 2014-06-27 13:43 - 2014-07-20 19:27 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-06-27 13:43 - 2014-07-10 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-06-27 13:43 - 2014-07-04 10:56 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software 2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software 2014-06-27 13:42 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-27 13:38 - 2014-06-27 13:39 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe 2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ 2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan 2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log 2014-06-24 13:23 - 2014-06-24 16:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon 2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210 2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX 2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV 2014-06-24 12:43 - 2014-07-18 17:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk 2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt 2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON 2014-06-24 12:42 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk 2014-06-24 12:41 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual 2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ 2014-06-24 12:41 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ4809C.dll 2014-06-24 12:41 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNQ4809I.dll 2014-06-24 12:41 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809U.dll 2014-06-24 12:41 - 2012-04-18 15:24 - 00103424 _____ (Canon Inc.) C:\Windows\system32\CNQ4809O.dll 2014-06-24 12:41 - 2010-12-17 14:47 - 00515584 _____ (CANON INC.) C:\Windows\system32\CNQ4809L.dll 2014-06-24 12:41 - 2010-03-11 10:57 - 00248320 _____ (CANON INC.) C:\Windows\system32\CNQ4809Y.dll 2014-06-24 12:39 - 2014-06-24 12:42 - 00000000 ____D () C:\Program Files (x86)\Canon 2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk 2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information 2014-06-24 12:36 - 2010-12-17 14:47 - 00438272 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809L.dll 2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\SysWOW64\CNQ4809N.DAT 2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\system32\CNQ4809N.DAT 2014-06-24 12:36 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll 2014-06-24 12:36 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll 2014-06-21 18:06 - 2000-06-29 10:00 - 00036864 _____ (Agfa-Gevaert N.V.) C:\Windows\SysWOW64\agusbsti.dll 2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee ==================== One Month Modified Files and Folders ======= 2014-07-20 20:04 - 2014-07-19 00:25 - 00003364 _____ () C:\Users\Admin\Desktop\win.txt 2014-07-20 20:04 - 2014-07-17 15:41 - 00015095 _____ () C:\Users\Admin\Desktop\FRST.txt 2014-07-20 20:04 - 2014-07-17 15:23 - 00000000 ____D () C:\FRST 2014-07-20 20:02 - 2014-07-20 20:03 - 02089984 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2014-07-20 20:02 - 2014-07-17 15:23 - 02089984 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-07-20 19:39 - 2014-07-20 19:39 - 00001014 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-07-20 19:35 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-20 19:35 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-20 19:33 - 2014-07-20 19:33 - 00000000 ____D () C:\Windows\ERUNT 2014-07-20 19:33 - 2011-04-12 09:43 - 00699726 _____ () C:\Windows\system32\perfh007.dat 2014-07-20 19:33 - 2011-04-12 09:43 - 00149364 _____ () C:\Windows\system32\perfc007.dat 2014-07-20 19:33 - 2009-07-14 07:13 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-20 19:31 - 2014-07-20 19:31 - 01016261 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe 2014-07-20 19:28 - 2014-07-20 18:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-20 19:27 - 2014-07-19 12:21 - 00013508 _____ () C:\Windows\PFRO.log 2014-07-20 19:27 - 2014-07-17 10:17 - 00001120 _____ () C:\Windows\setupact.log 2014-07-20 19:27 - 2014-06-27 13:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-07-20 19:27 - 2014-05-11 14:51 - 01943692 _____ () C:\Windows\WindowsUpdate.log 2014-07-20 19:27 - 2014-05-11 11:09 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-20 19:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-20 19:26 - 2014-07-20 19:05 - 00000000 ____D () C:\AdwCleaner 2014-07-20 19:20 - 2014-05-20 15:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-20 19:20 - 2014-05-11 11:09 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-20 19:05 - 2014-07-20 19:05 - 01354223 _____ () C:\Users\Admin\Downloads\adwcleaner_3.216.exe 2014-07-20 19:04 - 2014-07-20 19:04 - 00001642 _____ () C:\Users\Admin\Desktop\schutz-protokoll.txt 2014-07-20 19:03 - 2014-07-20 19:03 - 00007634 _____ () C:\Users\Admin\Desktop\suchlauf_verlaufsprotokoll.txt 2014-07-20 18:29 - 2014-07-20 18:29 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-20 18:28 - 2014-07-16 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-20 17:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-20 13:53 - 2014-05-29 14:54 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F773CA57-B648-47F7-B599-0236F79381D3} 2014-07-19 12:50 - 2014-05-31 18:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TV-Browser 2014-07-19 00:32 - 2014-07-19 00:32 - 00027296 _____ () C:\ComboFix.txt 2014-07-19 00:32 - 2014-07-19 00:08 - 00000000 ____D () C:\Qoobox 2014-07-19 00:31 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-07-19 00:23 - 2014-07-19 00:23 - 00001459 _____ () C:\Users\Admin\Desktop\ComboFix.exe - Verknüpfung.lnk 2014-07-19 00:13 - 2014-07-19 00:13 - 00031486 _____ () C:\ComboFix_.txt 2014-07-19 00:13 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-07-19 00:12 - 2014-07-19 00:08 - 00000000 ____D () C:\Windows\erdnt 2014-07-19 00:07 - 2014-07-19 00:07 - 05221938 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe 2014-07-18 23:53 - 2014-07-18 23:53 - 00001304 _____ () C:\Users\Admin\Desktop\Notepad.lnk 2014-07-18 17:26 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-07-18 16:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-07-18 16:35 - 2014-07-18 16:35 - 02439631 _____ () C:\Users\Admin\Downloads\FireShot_0.98.56.zip 2014-07-18 16:35 - 2014-07-18 16:35 - 00000000 ____D () C:\Users\Admin\Downloads\FireShot_0.98.56 2014-07-18 16:33 - 2014-07-18 16:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\FireShot_0.98.56 - CHIP-Installer.exe 2014-07-18 16:31 - 2014-07-18 16:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\fireshot_ie_install-0.98.4 - CHIP-Installer.exe 2014-07-18 15:22 - 2014-05-11 11:11 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-07-18 02:18 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-07-17 16:16 - 2014-06-27 14:39 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass 2014-07-17 15:48 - 2014-07-17 15:48 - 00022276 _____ () C:\Users\Admin\Desktop\Addition.txt 2014-07-17 15:24 - 2014-07-17 15:24 - 00057937 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-07-17 15:24 - 2014-07-17 15:24 - 00022276 _____ () C:\Users\Admin\Downloads\Addition.txt 2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-17 02:49 - 2014-05-11 15:47 - 00000000 ____D () C:\Windows\Panther 2014-07-16 12:44 - 2014-07-16 12:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView 2014-07-16 12:25 - 2014-07-16 12:24 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk 2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe 2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView 2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView 2014-07-16 12:20 - 2014-05-27 17:05 - 00000000 ____D () C:\Users\Admin\Desktop\toolz 2014-07-11 22:39 - 2014-05-11 11:15 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-07-11 08:44 - 2009-07-14 06:45 - 02236160 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-11 08:43 - 2014-05-11 10:55 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-11 08:43 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-11 03:02 - 2014-05-31 18:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-11 02:56 - 2014-05-31 18:48 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-11 02:56 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-11 02:55 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-10 17:38 - 2014-05-11 10:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-10 17:38 - 2014-05-11 10:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss 2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-10 17:20 - 2014-07-09 17:04 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe 2014-07-10 12:20 - 2014-05-20 15:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-10 12:20 - 2014-05-20 15:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-10 12:20 - 2014-05-20 15:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol 2014-07-10 11:42 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin 2014-07-10 11:41 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-07-10 11:41 - 2014-05-30 15:12 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\system32\Macromed 2014-07-10 11:41 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\ShellNew 2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media 2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Audiograbber 2014-07-10 11:33 - 2014-07-09 16:27 - 00000000 ____D () C:\Program Files (x86)\Security Guard 2014-07-10 11:33 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-07-10 11:33 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-07-10 11:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-07-10 11:25 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-07-07 17:04 - 2014-07-10 11:25 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys 2014-07-04 13:26 - 2014-06-18 11:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2014-07-04 10:56 - 2014-06-27 13:43 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-07-02 15:10 - 2014-05-27 17:05 - 00000000 ____D () C:\Program Files (x86)\Everything 2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk 2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL 2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL 2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12 2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe 2014-06-30 04:09 - 2014-07-10 17:11 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-10 17:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass 2014-06-27 16:31 - 2014-06-27 14:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2 2014-06-27 14:38 - 2014-06-27 14:37 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner 2014-06-27 14:35 - 2014-05-11 10:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk 2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe 2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software 2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software 2014-06-27 13:43 - 2014-06-27 13:42 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-27 13:39 - 2014-06-27 13:38 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe 2014-06-27 10:30 - 2014-05-11 11:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-06-27 10:29 - 2014-05-11 11:14 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-26 14:33 - 2014-06-17 17:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\PDF Architect 2 2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ 2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan 2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log 2014-06-24 16:10 - 2014-06-24 13:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon 2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210 2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX 2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV 2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk 2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt 2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON 2014-06-24 12:43 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk 2014-06-24 12:42 - 2014-06-24 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual 2014-06-24 12:42 - 2014-06-24 12:39 - 00000000 ____D () C:\Program Files (x86)\Canon 2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ 2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk 2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information 2014-06-21 18:07 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore 2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee 2014-06-20 22:14 - 2014-07-10 17:10 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-09 10:35 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll Some content of TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-20 16:58 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- Geändert von troJanina (20.07.2014 um 18:58 Uhr) |
|
21.07.2014, 10:54
| #10 |
| /// the machine /// TB-Ausbilder | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> SytemwiederherstellungESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.07.2014, 15:47
| #11 |
| | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> SytemwiederherstellungCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1ad772e712a5ab49afbeb21629390830
# engine=19277
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-21 02:34:24
# local_time=2014-07-21 04:34:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 967964 2083916 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 283555 157583114 0 0
# scanned=160767
# found=6
# cleaned=0
# scan_time=998
sh=C5883F4245AE2C0515FB1D04A08FD82885B06398 ft=1 fh=8d649859311d4519 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=16CF5D6E11C0F55548A67B8B5D04FA3460C76A2D ft=1 fh=7418003a088e68c3 vn="Win64/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=E26341069187332C55F4E5DC3DEB99EB4DFFA8A9 ft=1 fh=48600f80b4b84481 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir"
sh=5F1CA50D4A8220CCF7C99930C3CFC877F7391498 ft=1 fh=4dfb759bf3cb5672 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\FireShot_0.98.56 - CHIP-Installer.exe"
sh=2AC94F46C9DBB6CEA025C6E8FA97A26A8BA9C388 ft=1 fh=3a2a8c2dbf805015 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\fireshot_ie_install-0.98.4 - CHIP-Installer.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Admin\Downloads\PDFCreator-1_7_3_setup.exe"
SecurityCheck.exe vom Desktop ausgeführt checkup.txt: Code:
ATTFilter UNSUPPORTED OPERATING SYSTEM! ABORTED!
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-07-2014 Ran by Admin (administrator) on ADMIN-PC on 21-07-2014 16:54:56 Running from C:\Users\Admin\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (FSL) C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [36352 2013-01-31] (Intel Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe_ID0EYTHM] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-27] (AVAST Software) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Super Finder XT.lnk ShortcutTarget: Super Finder XT.lnk -> C:\Program Files (x86)\FSL\SuperFinder\SuperFinder.exe (FSL) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: No Name -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> No File BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll No File Toolbar: HKLM-x32 - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default FF SearchEngineOrder.1: Yahoo! (Avast) FF Homepage: https://www.google.de/ FF Keyword.URL: https://de.search.yahoo.com/yhs/search FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll No File FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\searchplugins\yahoo-avast.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: KeeFox - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z8c3id95.default\Extensions\keefox@chris.tomlinson [2014-06-27] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-27] FF HKCU\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] Chrome: ======= CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl" CHR DefaultSearchKeyword: www.yahoo.com CHR DefaultSearchProvider: Yahoo! (Avast) CHR DefaultSearchURL: https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-11] CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-11] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-11] CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-11] CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-11] CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-11] CHR HKCU\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-05-11] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-27] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-27] (AVAST Software) R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-05-30] (Macrovision Europe Ltd.) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-27] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-27] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-27] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-27] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-27] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-27] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-27] () R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-27] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-21] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-21 16:50 - 2014-07-21 16:50 - 00854390 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe 2014-07-21 16:14 - 2014-07-21 16:14 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-21 16:12 - 2014-07-21 16:12 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe 2014-07-20 20:03 - 2014-07-20 20:02 - 02089984 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2014-07-20 19:39 - 2014-07-20 19:39 - 00001014 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-07-20 19:33 - 2014-07-20 19:33 - 00000000 ____D () C:\Windows\ERUNT 2014-07-20 19:31 - 2014-07-20 19:31 - 01016261 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe 2014-07-20 19:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-07-20 19:05 - 2014-07-20 19:26 - 00000000 ____D () C:\AdwCleaner 2014-07-20 19:05 - 2014-07-20 19:05 - 01354223 _____ () C:\Users\Admin\Downloads\adwcleaner_3.216.exe 2014-07-20 19:04 - 2014-07-20 19:04 - 00001642 _____ () C:\Users\Admin\Desktop\schutz-protokoll.txt 2014-07-20 19:03 - 2014-07-20 19:03 - 00007634 _____ () C:\Users\Admin\Desktop\suchlauf_verlaufsprotokoll.txt 2014-07-20 18:29 - 2014-07-21 16:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-20 18:29 - 2014-07-20 18:29 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-20 18:29 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-20 18:29 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-20 18:29 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-19 12:21 - 2014-07-20 19:27 - 00013508 _____ () C:\Windows\PFRO.log 2014-07-19 00:32 - 2014-07-19 00:32 - 00027296 _____ () C:\ComboFix.txt 2014-07-19 00:25 - 2014-07-21 16:50 - 00006217 _____ () C:\Users\Admin\Desktop\win.txt 2014-07-19 00:23 - 2014-07-19 00:23 - 00001459 _____ () C:\Users\Admin\Desktop\ComboFix.exe - Verknüpfung.lnk 2014-07-19 00:13 - 2014-07-19 00:13 - 00031486 _____ () C:\ComboFix_.txt 2014-07-19 00:08 - 2014-07-19 00:32 - 00000000 ____D () C:\Qoobox 2014-07-19 00:08 - 2014-07-19 00:12 - 00000000 ____D () C:\Windows\erdnt 2014-07-19 00:08 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-19 00:08 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-19 00:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-19 00:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-19 00:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-19 00:08 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-19 00:08 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-19 00:08 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-19 00:07 - 2014-07-19 00:07 - 05221938 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe 2014-07-18 23:53 - 2014-07-18 23:53 - 00001304 _____ () C:\Users\Admin\Desktop\Notepad.lnk 2014-07-18 16:35 - 2014-07-18 16:35 - 02439631 _____ () C:\Users\Admin\Downloads\FireShot_0.98.56.zip 2014-07-18 16:35 - 2014-07-18 16:35 - 00000000 ____D () C:\Users\Admin\Downloads\FireShot_0.98.56 2014-07-18 16:33 - 2014-07-18 16:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\FireShot_0.98.56 - CHIP-Installer.exe 2014-07-18 16:31 - 2014-07-18 16:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\fireshot_ie_install-0.98.4 - CHIP-Installer.exe 2014-07-17 15:48 - 2014-07-17 15:48 - 00022276 _____ () C:\Users\Admin\Desktop\Addition.txt 2014-07-17 15:41 - 2014-07-21 16:54 - 00015095 _____ () C:\Users\Admin\Desktop\FRST.txt 2014-07-17 15:24 - 2014-07-17 15:24 - 00057937 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-07-17 15:24 - 2014-07-17 15:24 - 00022276 _____ () C:\Users\Admin\Downloads\Addition.txt 2014-07-17 15:23 - 2014-07-21 16:54 - 00000000 ____D () C:\FRST 2014-07-17 15:23 - 2014-07-20 20:02 - 02089984 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-17 10:17 - 2014-07-20 19:27 - 00001120 _____ () C:\Windows\setupact.log 2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-16 16:18 - 2014-07-20 18:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-16 12:25 - 2014-07-16 12:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView 2014-07-16 12:24 - 2014-07-16 12:25 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk 2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe 2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView 2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView 2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss 2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe 2014-07-10 17:11 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-10 17:11 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-10 17:11 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-10 17:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-10 17:11 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-10 17:11 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 17:11 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-10 17:11 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-10 17:10 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-10 17:10 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-10 17:10 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-10 17:10 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 17:10 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-10 17:10 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-10 17:10 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-10 17:10 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-10 17:10 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-10 17:10 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-10 17:10 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-10 17:10 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-10 17:10 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-10 17:10 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-10 17:10 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 17:10 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-10 17:10 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 17:10 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-10 17:10 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-10 17:10 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-10 17:10 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-10 17:10 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-10 17:10 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-10 17:10 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-10 17:10 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 17:10 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-10 17:10 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-10 17:10 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 17:10 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-10 17:10 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-10 17:10 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-10 17:10 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 17:10 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-10 17:10 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 17:10 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-10 17:10 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-10 17:10 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 17:10 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-10 17:10 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 17:10 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-10 17:10 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-10 17:10 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-10 17:10 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-10 17:10 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-10 17:10 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 17:10 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-10 17:09 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-10 17:09 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-10 17:09 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol 2014-07-10 11:25 - 2014-07-07 17:04 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys 2014-07-09 17:04 - 2014-07-10 17:20 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-09 16:28 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Audiograbber 2014-07-09 16:27 - 2014-07-10 11:33 - 00000000 ____D () C:\Program Files (x86)\Security Guard 2014-07-09 10:35 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 10:35 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 10:35 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 10:35 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 10:35 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 10:35 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 10:35 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 10:35 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 10:35 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 10:35 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 10:35 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 10:35 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk 2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL 2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL 2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12 2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe 2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass 2014-06-27 14:39 - 2014-07-17 16:16 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass 2014-06-27 14:37 - 2014-06-27 14:38 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner 2014-06-27 14:31 - 2014-06-27 16:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2 2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk 2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe 2014-06-27 13:43 - 2014-07-20 19:27 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-06-27 13:43 - 2014-07-10 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-06-27 13:43 - 2014-07-04 10:56 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software 2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software 2014-06-27 13:42 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-27 13:38 - 2014-06-27 13:39 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe 2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ 2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan 2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log 2014-06-24 13:23 - 2014-06-24 16:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon 2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210 2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX 2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV 2014-06-24 12:43 - 2014-07-18 17:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk 2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt 2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON 2014-06-24 12:42 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk 2014-06-24 12:41 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual 2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ 2014-06-24 12:41 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ4809C.dll 2014-06-24 12:41 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNQ4809I.dll 2014-06-24 12:41 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809U.dll 2014-06-24 12:41 - 2012-04-18 15:24 - 00103424 _____ (Canon Inc.) C:\Windows\system32\CNQ4809O.dll 2014-06-24 12:41 - 2010-12-17 14:47 - 00515584 _____ (CANON INC.) C:\Windows\system32\CNQ4809L.dll 2014-06-24 12:41 - 2010-03-11 10:57 - 00248320 _____ (CANON INC.) C:\Windows\system32\CNQ4809Y.dll 2014-06-24 12:39 - 2014-06-24 12:42 - 00000000 ____D () C:\Program Files (x86)\Canon 2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk 2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information 2014-06-24 12:36 - 2010-12-17 14:47 - 00438272 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ4809L.dll 2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\SysWOW64\CNQ4809N.DAT 2014-06-24 12:36 - 2010-03-19 13:55 - 00393256 _____ () C:\Windows\system32\CNQ4809N.DAT 2014-06-24 12:36 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll 2014-06-24 12:36 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll 2014-06-21 18:06 - 2000-06-29 10:00 - 00036864 _____ (Agfa-Gevaert N.V.) C:\Windows\SysWOW64\agusbsti.dll 2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee ==================== One Month Modified Files and Folders ======= 2014-07-21 16:55 - 2014-07-17 15:41 - 00015095 _____ () C:\Users\Admin\Desktop\FRST.txt 2014-07-21 16:54 - 2014-07-17 15:23 - 00000000 ____D () C:\FRST 2014-07-21 16:50 - 2014-07-21 16:50 - 00854390 _____ () C:\Users\Admin\Desktop\SecurityCheck.exe 2014-07-21 16:50 - 2014-07-19 00:25 - 00006217 _____ () C:\Users\Admin\Desktop\win.txt 2014-07-21 16:49 - 2014-07-20 18:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-21 16:20 - 2014-05-20 15:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-21 16:20 - 2014-05-11 11:09 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-21 16:14 - 2014-07-21 16:14 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-21 16:12 - 2014-07-21 16:12 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe 2014-07-21 14:34 - 2014-05-29 14:54 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F773CA57-B648-47F7-B599-0236F79381D3} 2014-07-21 06:50 - 2014-05-11 14:51 - 01955888 _____ () C:\Windows\WindowsUpdate.log 2014-07-20 22:20 - 2014-05-11 11:09 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-20 20:02 - 2014-07-20 20:03 - 02089984 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2014-07-20 20:02 - 2014-07-17 15:23 - 02089984 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-07-20 19:39 - 2014-07-20 19:39 - 00001014 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-07-20 19:35 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-20 19:35 - 2009-07-14 06:45 - 00025328 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-20 19:33 - 2014-07-20 19:33 - 00000000 ____D () C:\Windows\ERUNT 2014-07-20 19:33 - 2011-04-12 09:43 - 00699726 _____ () C:\Windows\system32\perfh007.dat 2014-07-20 19:33 - 2011-04-12 09:43 - 00149364 _____ () C:\Windows\system32\perfc007.dat 2014-07-20 19:33 - 2009-07-14 07:13 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-20 19:31 - 2014-07-20 19:31 - 01016261 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe 2014-07-20 19:27 - 2014-07-19 12:21 - 00013508 _____ () C:\Windows\PFRO.log 2014-07-20 19:27 - 2014-07-17 10:17 - 00001120 _____ () C:\Windows\setupact.log 2014-07-20 19:27 - 2014-06-27 13:43 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-07-20 19:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-20 19:26 - 2014-07-20 19:05 - 00000000 ____D () C:\AdwCleaner 2014-07-20 19:05 - 2014-07-20 19:05 - 01354223 _____ () C:\Users\Admin\Downloads\adwcleaner_3.216.exe 2014-07-20 19:04 - 2014-07-20 19:04 - 00001642 _____ () C:\Users\Admin\Desktop\schutz-protokoll.txt 2014-07-20 19:03 - 2014-07-20 19:03 - 00007634 _____ () C:\Users\Admin\Desktop\suchlauf_verlaufsprotokoll.txt 2014-07-20 18:29 - 2014-07-20 18:29 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-20 18:29 - 2014-07-20 18:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-20 18:28 - 2014-07-16 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-20 17:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-19 12:50 - 2014-05-31 18:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TV-Browser 2014-07-19 00:32 - 2014-07-19 00:32 - 00027296 _____ () C:\ComboFix.txt 2014-07-19 00:32 - 2014-07-19 00:08 - 00000000 ____D () C:\Qoobox 2014-07-19 00:31 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-07-19 00:23 - 2014-07-19 00:23 - 00001459 _____ () C:\Users\Admin\Desktop\ComboFix.exe - Verknüpfung.lnk 2014-07-19 00:13 - 2014-07-19 00:13 - 00031486 _____ () C:\ComboFix_.txt 2014-07-19 00:13 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-07-19 00:12 - 2014-07-19 00:08 - 00000000 ____D () C:\Windows\erdnt 2014-07-19 00:07 - 2014-07-19 00:07 - 05221938 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe 2014-07-18 23:53 - 2014-07-18 23:53 - 00001304 _____ () C:\Users\Admin\Desktop\Notepad.lnk 2014-07-18 17:26 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-07-18 16:55 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-07-18 16:35 - 2014-07-18 16:35 - 02439631 _____ () C:\Users\Admin\Downloads\FireShot_0.98.56.zip 2014-07-18 16:35 - 2014-07-18 16:35 - 00000000 ____D () C:\Users\Admin\Downloads\FireShot_0.98.56 2014-07-18 16:33 - 2014-07-18 16:33 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\FireShot_0.98.56 - CHIP-Installer.exe 2014-07-18 16:31 - 2014-07-18 16:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\fireshot_ie_install-0.98.4 - CHIP-Installer.exe 2014-07-18 15:22 - 2014-05-11 11:11 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-07-18 02:18 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-07-17 16:16 - 2014-06-27 14:39 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\KeePass 2014-07-17 15:48 - 2014-07-17 15:48 - 00022276 _____ () C:\Users\Admin\Desktop\Addition.txt 2014-07-17 15:24 - 2014-07-17 15:24 - 00057937 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-07-17 15:24 - 2014-07-17 15:24 - 00022276 _____ () C:\Users\Admin\Downloads\Addition.txt 2014-07-17 10:38 - 2014-07-17 10:38 - 00004220 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-17 10:38 - 2014-07-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-17 10:38 - 2014-05-31 18:48 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-17 10:17 - 2014-07-17 10:17 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-17 02:49 - 2014-05-11 15:47 - 00000000 ____D () C:\Windows\Panther 2014-07-16 12:44 - 2014-07-16 12:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XnView 2014-07-16 12:25 - 2014-07-16 12:24 - 00000919 _____ () C:\Users\Admin\Desktop\XnView.lnk 2014-07-16 12:24 - 2014-07-16 12:24 - 04868432 _____ (Gougelet Pierre-e ) C:\Users\Admin\Downloads\XnView-win.exe 2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView 2014-07-16 12:24 - 2014-07-16 12:24 - 00000000 ____D () C:\Program Files (x86)\XnView 2014-07-16 12:20 - 2014-05-27 17:05 - 00000000 ____D () C:\Users\Admin\Desktop\toolz 2014-07-11 22:39 - 2014-05-11 11:15 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-07-11 08:44 - 2009-07-14 06:45 - 02236160 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-11 08:43 - 2014-05-11 10:55 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-11 08:43 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-11 08:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-11 03:02 - 2014-05-31 18:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-11 02:56 - 2014-05-31 18:48 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-11 02:56 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-11 02:55 - 2014-05-31 18:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-10 17:38 - 2014-05-11 10:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-10 17:38 - 2014-05-11 10:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-10 17:23 - 2014-07-10 17:23 - 00000000 ____D () C:\Windows\pss 2014-07-10 17:20 - 2014-07-10 17:20 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-07-10 17:20 - 2014-07-10 17:20 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-10 17:20 - 2014-07-09 17:04 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-10 17:18 - 2014-07-10 17:18 - 03736040 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup415_slim.exe 2014-07-10 12:20 - 2014-05-20 15:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-10 12:20 - 2014-05-20 15:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-10 12:20 - 2014-05-20 15:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-10 11:42 - 2014-07-10 11:42 - 00000512 __RSH () C:\ProgramData\ntuser.pol 2014-07-10 11:42 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin 2014-07-10 11:41 - 2014-06-27 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-07-10 11:41 - 2014-05-30 15:12 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-07-10 11:41 - 2014-05-20 15:04 - 00000000 ____D () C:\Windows\system32\Macromed 2014-07-10 11:41 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\ShellNew 2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 __RSD () C:\Windows\Media 2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-07-10 11:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-10 11:33 - 2014-07-09 16:28 - 00000000 ____D () C:\Program Files (x86)\Audiograbber 2014-07-10 11:33 - 2014-07-09 16:27 - 00000000 ____D () C:\Program Files (x86)\Security Guard 2014-07-10 11:33 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-07-10 11:33 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-07-10 11:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-07-10 11:25 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-07-07 17:04 - 2014-07-10 11:25 - 00057528 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys 2014-07-04 13:26 - 2014-06-18 11:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2014-07-04 10:56 - 2014-06-27 13:43 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-07-02 15:10 - 2014-05-27 17:05 - 00000000 ____D () C:\Program Files (x86)\Everything 2014-07-02 15:09 - 2014-07-02 15:09 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-07-01 14:34 - 2014-07-01 14:34 - 00001133 _____ () C:\Users\Admin\Desktop\Super Finder XT.lnk 2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL 2014-07-01 14:34 - 2014-07-01 14:34 - 00000000 ____D () C:\Program Files (x86)\FSL 2014-07-01 14:33 - 2014-07-01 14:33 - 00000000 ____D () C:\Users\Admin\Downloads\everything12 2014-07-01 14:31 - 2014-07-01 14:31 - 05184839 _____ (FSL - FreeSoftLand ) C:\Users\Admin\Downloads\super-finder-xt_20431.exe 2014-06-30 04:09 - 2014-07-10 17:11 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-10 17:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-28 04:13 - 2014-05-20 15:00 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-27 16:47 - 2014-06-27 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\KeePass 2014-06-27 16:31 - 2014-06-27 14:31 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2 2014-06-27 14:38 - 2014-06-27 14:37 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner 2014-06-27 14:35 - 2014-05-11 10:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2014-06-27 14:31 - 2014-06-27 14:31 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk 2014-06-27 14:31 - 2014-06-27 14:31 - 00001105 _____ () C:\Users\Admin\Desktop\KeePass 2.lnk 2014-06-27 14:27 - 2014-06-27 14:27 - 02545000 _____ (Dominik Reichl ) C:\Users\Admin\Downloads\KeePass-2.26-Setup.exe 2014-06-27 13:43 - 2014-06-27 13:43 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-06-27 13:43 - 2014-06-27 13:43 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-27 13:43 - 2014-06-27 13:43 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-27 13:43 - 2014-06-27 13:43 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVAST Software 2014-06-27 13:43 - 2014-06-27 13:43 - 00000000 ____D () C:\Program Files\AVAST Software 2014-06-27 13:43 - 2014-06-27 13:42 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-27 13:39 - 2014-06-27 13:38 - 91906368 _____ (AVAST Software) C:\Users\Admin\Downloads\avast_free_antivirus_setup_9.0.2021.exe 2014-06-27 10:30 - 2014-05-11 11:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-06-27 10:29 - 2014-05-11 11:14 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-26 14:33 - 2014-06-17 17:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\PDF Architect 2 2014-06-24 17:42 - 2014-06-24 17:42 - 00000000 ____D () C:\ProgramData\CanonIJ 2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 ___HD () C:\ProgramData\CanonIJScan 2014-06-24 16:10 - 2014-06-24 16:10 - 00000000 _____ () C:\Users\Admin\Sti_Trace.log 2014-06-24 16:10 - 2014-06-24 13:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canon 2014-06-24 12:55 - 2014-06-24 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan LiDE 210 2014-06-24 12:46 - 2014-06-24 12:46 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX 2014-06-24 12:44 - 2014-06-24 12:44 - 00000000 ___HD () C:\ProgramData\CanonIJEGV 2014-06-24 12:43 - 2014-06-24 12:43 - 00002075 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk 2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\ProgramData\CanonIJWSpt 2014-06-24 12:43 - 2014-06-24 12:43 - 00000000 ____D () C:\Program Files\Common Files\CANON 2014-06-24 12:43 - 2014-06-24 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-06-24 12:42 - 2014-06-24 12:42 - 00002372 _____ () C:\Users\Public\Desktop\Canon CanoScan LiDE 210 Online-Handbuch.lnk 2014-06-24 12:42 - 2014-06-24 12:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan LiDE 210 Manual 2014-06-24 12:42 - 2014-06-24 12:39 - 00000000 ____D () C:\Program Files (x86)\Canon 2014-06-24 12:41 - 2014-06-24 12:41 - 00000000 ___HD () C:\Program Files\CanonBJ 2014-06-24 12:38 - 2014-06-24 12:38 - 00000355 _____ () C:\Users\Admin\Desktop\Computer - Verknüpfung.lnk 2014-06-24 12:36 - 2014-06-24 12:36 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information 2014-06-21 18:07 - 2014-05-11 14:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore 2014-06-21 15:04 - 2014-06-21 15:04 - 00000000 ____D () C:\ProgramData\McAfee Some content of TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-20 16:58 ==================== End Of Log ============================ --- --- --- --- --- --- Geändert von troJanina (21.07.2014 um 16:02 Uhr) |
|
22.07.2014, 10:49
| #12 |
| /// the machine /// TB-Ausbilder | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.07.2014, 11:59
| #13 |
| | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung kann die Fixlog.txt Datei nicht mehr finden ..hätte ich wohl vor der DelFix Aktion posten sollen  Was jetzt ? |
|
24.07.2014, 09:30
| #14 |
| /// the machine /// TB-Ausbilder | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung nicht schlimm
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.07.2014, 09:48
| #15 |
| | Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung Habs nochmal wiederholt (falls etz noch Sinn macht) Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-07-2014
Ran by Admin at 2014-07-24 10:44:06 Run:1
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
*****************
"C:\Windows\system32\GroupPolicy\Machine" => File/Directory not found.
==== End of Fixlog ====
Beide nebeneinander laufen lassen? Windows Defender + Avast - - - Geändert von troJanina (24.07.2014 um 09:51 Uhr) Grund: Text hinzugefügt |
|
| Themen zu Verknüpfung zu Adobe CS3 fehlt plötzl. / vorh.Audiograbber download m. viel 'Anhang' -> Sytemwiederherstellung |
| adobe, anhang, audiograbber, download, installier, pup.optional.blockandsurf.a, pup.optional.freesofttoday.a, pup.optional.freesoftwaretoday.a, pup.optional.iepluginservices.a, pup.optional.searchprotect.a, pup.optional.sweetpage.a, pup.optional.trovi.a, pup.optional.wpm.a, sweet-page, sweet-page entfernen, sweetpage, sweetpage entfernen, systemwiederherstellung, sytemwiederherstellung, verschoben, win32/clientconnect.a, win32/downloadsponsor.a, win32/installmonetizer.aq, win64/thinknice.a, win64/thinknice.b |
Linear-Darstellung
