Oops, sorry, so for now first an FRST log before uninstalling, and then later, via WINDOWS EXPLORER, another FRST log after uninstalling...
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by Rainer-User (ATTENTION: The logged in user is not administrator) on RAINER-PC on 10-11-2013 23:10:38
Running from C:\Users\Rainer-User\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TEco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproTray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Audible, Inc.) C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
() C:\Program Files\Microsoft Office\Office\WINWORD.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [421888 2007-04-16] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [SVPWUTIL] - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2008-11-21] (TOSHIBA)
HKLM\...\Run: [KeNotify] - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1011712 2009-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-04-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [468320 2009-03-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [503808 2009-03-31] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [729088 2009-03-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-03-24] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\TEco.exe [1323008 2009-04-24] (TOSHIBA Corporation)
HKLM\...\Run: [ToshibaServiceStation] - C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1283384 2009-04-01] (TOSHIBA Corporation)
HKLM\...\Run: [TPCHWMsg] - C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe [570736 2009-04-15] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [299008 2009-05-12] (TOSHIBA CORPORATION)
HKLM\...\Run: [cfFncEnabler.exe] - C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe [16384 2009-03-24] (Toshiba Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050072 2010-10-26] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [96144 2009-03-04] (Toshiba Europe GmbH)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [OrderReminder] - C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2006-01-30] (Hewlett-Packard)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [TOSHIBA Online Product Information] - C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [6158240 2009-03-16] (TOSHIBA)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [135680 2008-07-03] (Microsoft Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-21] (Microsoft Corporation)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: {254244ce-3d84-11e0-9e9d-00225fd03898} - F:\LaunchU3.exe -a
IMEO\bb2-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\bounce-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\cfaddgadgets.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\cfmain.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\cfprofile.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\chuzzle-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\ci3-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\dinerdash2-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\dora-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\farm-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\fate-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\golf-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\granny-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\jewelquest-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mahjong-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mysterypinewyork-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mytribe-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\ndstray.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\onplay.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\pcdiag.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\polar-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\slingo-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\smartfacevsetting.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\smoothview.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tempro.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tfcconf.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tfcrst.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tintouch.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\todisc.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\topi.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\toshddvd.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\toshibaregistration.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\toshibaservicestation.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tosramutil.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tossdfmt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tosssdalert.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tpchviewer.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tradewinds-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\trordclauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\twebcamera.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\winbej2-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\worldofgoo-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\zuma-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {86F2975F-2635-49CD-AA91-45DE49527C94} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={72680FDB-E8CB-437D-AEE8-9F9D0761B89D}&mid=34d71d940f5847d1b30bd16a1c122099-aca251ad60a79a90d151588985182fee0518d1c3&lang=de&ds=tt014&pr=sa&d=2011-12-19 22:25:18&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files\Browser Guard\browserguard.dll (Browser Guard)
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files\Freemium\Free PDF Perfect\ieagent32.dll (soft Xpansion)
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///E:/viewer/ORDcmViewCD.ocx
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: haufereader - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default
FF user.js: detected! => C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @protectdisc.com/NPMPDRM - C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin: @soft-xpansion/npsxpdf - C:\Program Files\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\searchplugins\metaCrawler.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: metacrawler.com - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\ffxtlbr@metacrawler.com
FF Extension: Ghostery - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\firefox@ghostery(273).com
FF Extension: MetaCrawler New Tab - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\{60364604-8b4c-42f4-a2ca-a76ca7b61b37}
FF Extension: WOT - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(9106)
FF Extension: No Name - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
FF Extension: DownloadHelper - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(6700)
FF Extension: firefox - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\firefox@ghostery.com.xpi
FF Extension: No Name - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\WTB_GLOBAL.sqlite
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
FF HKLM\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
========================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
S2 bonanzadealslive; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-07] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-07] (BonanzaDeals)
S4 camsvc; C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [20544 2009-04-16] (TOSHIBA)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
S4 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [242424 2009-02-11] (WildTangent, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 HRService; C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe [71024 2010-10-25] ()
R2 iphlpsvc; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145088 2013-09-24] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [638976 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-09-24] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-09-24] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 SXDS10; C:\Program Files\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-06] (soft Xpansion)
R2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)
S4 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [62776 2009-04-01] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [176128 2009-04-24] (TOSHIBA Corporation)
R2 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [73728 2009-03-17] (TOSHIBA Corporation)
R2 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [656752 2009-04-15] (TOSHIBA Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1529656 2013-10-22] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [330144 2007-07-27] (Protect Software GmbH)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [251680 2007-07-27] (Protect Software GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [89376 2013-10-10] (Avira Operations GmbH & Co. KG)
S4 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-05] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-10-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-10] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-09-24] (McAfee, Inc.)
S3 FTD2XX; C:\Windows\System32\Drivers\FTD2XX.sys [29292 2004-10-15] (FTDI Ltd.)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [60104 2011-01-24] (FTDI Ltd.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [25896 2008-05-07] (COMPAL ELECTRONIC INC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133928 2013-09-24] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [235488 2013-09-24] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-09-24] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [365256 2013-09-24] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [571608 2013-09-24] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [301248 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80656 2013-09-20] (McAfee, Inc.)
R1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [213200 2013-09-24] (McAfee, Inc.)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [22272 2009-03-18] (TOSHIBA Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [154272 2008-11-11] (Realtek Semiconductor Corp.)
R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows (R) Codename Longhorn DDK provider)
S3 SAFAUSB; C:\Windows\System32\Drivers\VocTrace.sys [16035 2003-12-19] (Windows (R) 2000 DDK provider)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-10-10] (Avira GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2011-12-12] (TuneUp Software)
R2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-03-20] (TOSHIBA Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-10 23:10 - 2013-11-10 23:10 - 00000000 ____D C:\FRST
2013-11-10 23:09 - 2013-11-10 23:09 - 01090275 _____ (Farbar) C:\Users\Rainer-User\Downloads\FRST.exe
2013-11-09 00:07 - 2013-11-09 00:07 - 00000851 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-09 00:07 - 2013-11-09 00:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-08 23:34 - 2013-11-08 23:34 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Oracle
2013-11-08 23:32 - 2013-11-08 23:32 - 00000000 ____D C:\ProgramData\Oracle
2013-11-08 23:32 - 2013-11-08 23:32 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-08 23:32 - 2013-11-08 23:31 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-08 23:32 - 2013-11-08 23:31 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-08 23:32 - 2013-11-08 23:31 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-08 23:32 - 2013-11-08 23:31 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-08 23:28 - 2013-11-08 23:28 - 00915368 _____ (Oracle Corporation) C:\Users\Rainer-User\Downloads\jre-7u45-windows-i586-iftw.exe
2013-11-08 23:22 - 2013-11-09 00:07 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-08 23:02 - 2013-11-08 23:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rainer-User\Downloads\revosetup95(1).exe
2013-11-07 22:16 - 2013-11-10 22:21 - 00000914 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-11-07 22:16 - 2013-11-10 22:21 - 00000910 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-11-07 22:16 - 2013-11-10 22:16 - 00000296 _____ C:\Windows\Tasks\MetaCrawler.job
2013-11-07 22:16 - 2013-11-08 07:43 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-07 22:15 - 2013-11-10 22:16 - 00000296 _____ C:\Windows\Tasks\DigitalSite.job
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\metaCrawler
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\BonanzaDealsLive
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\BonanzaDeals
2013-11-07 22:12 - 2013-11-07 22:12 - 00702696 _____ C:\Users\Rainer-User\Downloads\ZipExtractorSetup.exe
2013-11-05 20:08 - 2013-11-05 20:08 - 00001669 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-05 20:07 - 2013-11-05 20:08 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-05 20:07 - 2013-11-05 20:08 - 00000000 ____D C:\Program Files\iTunes
2013-11-05 20:07 - 2013-11-05 20:07 - 00000000 ____D C:\Program Files\iPod
2013-11-05 19:38 - 2013-10-22 15:37 - 00030008 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-11-05 19:38 - 2013-10-22 15:37 - 00022328 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-10-31 20:56 - 2013-11-08 23:43 - 00000000 ____D C:\Program Files\VS Revo Group
2013-10-31 20:55 - 2013-10-31 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rainer-User\Downloads\revosetup95.exe
2013-10-31 13:55 - 2013-10-31 14:26 - 00000000 ____D C:\Users\Marie-Sophie\Documents\meine Textdokumente
2013-10-31 13:17 - 2013-10-31 13:17 - 00000054 ____H C:\Users\Marie-Sophie\Documents\~$chmal neu.xps
2013-10-31 11:51 - 2013-09-23 13:48 - 00147912 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-10-30 20:55 - 2013-10-30 20:55 - 00001270 _____ C:\Users\Rainer-User\Downloads\DelFix.txt
2013-10-30 20:53 - 2013-10-30 20:54 - 00001270 _____ C:\DelFix.txt
2013-10-30 20:51 - 2013-10-30 20:51 - 00000246 _____ C:\Windows\system32\defogger_enable.log
2013-10-27 21:14 - 2013-10-27 21:14 - 01060070 _____ C:\Users\Rainer-User\Downloads\adwcleaner.exe
2013-10-27 20:24 - 2013-10-27 20:24 - 00000000 ____D C:\Users\Rainer-User\AppData\Local\AskPartnerNetwork
2013-10-17 15:42 - 2013-10-17 15:42 - 00000000 ____D C:\Users\Marie-Sophie\AppData\Roaming\Avira
2013-10-17 11:23 - 2013-10-17 11:23 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Avira
2013-10-16 23:00 - 2013-10-16 23:00 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Avira
2013-10-16 22:56 - 2013-10-16 22:56 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-10-16 22:56 - 2013-10-16 22:56 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-10-16 22:53 - 2013-10-16 22:53 - 00001852 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-16 22:52 - 2013-10-16 22:53 - 00000000 ____D C:\ProgramData\Avira
2013-10-16 22:52 - 2013-10-16 22:52 - 00000000 ____D C:\Program Files\Avira
2013-10-16 22:52 - 2013-10-10 18:14 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-16 22:52 - 2013-10-10 18:14 - 00089376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-16 22:52 - 2013-10-10 18:14 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-16 22:52 - 2013-10-10 18:14 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-10-16 22:48 - 2013-10-16 22:50 - 123853152 _____ C:\Users\Rainer-User\Downloads\avira_free_antivirus_de(1).exe.part
2013-10-16 22:42 - 2013-10-16 22:44 - 123853152 _____ C:\Users\Rainer-User\Downloads\avira_free_antivirus_de.exe
2013-10-15 22:57 - 2013-10-15 22:57 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Malwarebytes
2013-10-11 15:27 - 2013-09-23 13:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-11 15:27 - 2013-09-23 13:57 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-11 15:27 - 2013-09-23 13:57 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-11 15:27 - 2013-09-23 13:55 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-10-11 15:27 - 2013-09-23 13:53 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-10-11 15:27 - 2013-09-23 13:52 - 06017024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-11 15:27 - 2013-09-23 13:52 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-11 15:27 - 2013-09-23 13:52 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-11 15:27 - 2013-09-23 13:52 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 11111936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-11 15:27 - 2013-09-23 13:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-11 15:27 - 2013-09-23 13:50 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-10-11 15:27 - 2013-09-23 13:49 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2013-10-11 15:27 - 2013-09-23 12:14 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-10-11 15:27 - 2013-09-23 10:29 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-11 15:27 - 2013-09-23 10:29 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-11 15:27 - 2013-09-23 10:27 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-11 15:27 - 2013-09-23 10:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-10-11 15:27 - 2013-08-29 08:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 15:27 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-11 15:27 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-11 15:27 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-11 15:27 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-11 15:27 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-11 15:27 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-11 15:27 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-11 15:27 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-11 15:27 - 2013-08-27 02:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-11 15:27 - 2013-08-01 04:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-11 15:27 - 2013-08-01 03:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-11 15:27 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 15:27 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 15:27 - 2013-06-27 00:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 15:23 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 15:23 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 15:22 - 2013-07-12 10:04 - 00134272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-11 15:22 - 2013-07-03 03:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-11 15:22 - 2013-07-03 03:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 15:22 - 2013-06-29 03:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-11 15:22 - 2013-06-29 03:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-11 15:22 - 2013-06-29 03:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-11 15:22 - 2013-06-29 03:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-11 15:22 - 2011-05-05 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-11 15:22 - 2011-05-05 14:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
==================== One Month Modified Files and Folders =======
2013-11-10 23:10 - 2013-11-10 23:10 - 00000000 ____D C:\FRST
2013-11-10 23:09 - 2013-11-10 23:09 - 01090275 _____ (Farbar) C:\Users\Rainer-User\Downloads\FRST.exe
2013-11-10 23:03 - 2010-11-14 20:59 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Skype
2013-11-10 22:59 - 2011-09-26 22:43 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 22:38 - 2012-04-04 20:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 22:21 - 2013-11-07 22:16 - 00000914 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-11-10 22:21 - 2013-11-07 22:16 - 00000910 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-11-10 22:16 - 2013-11-07 22:16 - 00000296 _____ C:\Windows\Tasks\MetaCrawler.job
2013-11-10 22:16 - 2013-11-07 22:15 - 00000296 _____ C:\Windows\Tasks\DigitalSite.job
2013-11-10 21:55 - 2013-02-20 07:55 - 00001756 _____ C:\Users\Public\Desktop\McAfee Internet Security.lnk
2013-11-10 21:51 - 2011-12-02 21:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-10 21:51 - 2011-09-26 22:43 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-10 21:49 - 2008-02-24 08:46 - 01300167 _____ C:\Windows\WindowsUpdate.log
2013-11-10 21:45 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-10 21:45 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-10 21:45 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-10 18:41 - 2006-11-02 14:01 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-09 00:07 - 2013-11-09 00:07 - 00000851 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-09 00:07 - 2013-11-09 00:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-09 00:07 - 2013-11-08 23:22 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-08 23:51 - 2008-01-21 03:47 - 00765700 _____ C:\Windows\PFRO.log
2013-11-08 23:43 - 2013-10-31 20:56 - 00000000 ____D C:\Program Files\VS Revo Group
2013-11-08 23:34 - 2013-11-08 23:34 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Oracle
2013-11-08 23:32 - 2013-11-08 23:32 - 00000000 ____D C:\ProgramData\Oracle
2013-11-08 23:32 - 2013-11-08 23:32 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-08 23:31 - 2013-11-08 23:32 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-08 23:31 - 2013-11-08 23:32 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-08 23:31 - 2013-11-08 23:32 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-08 23:31 - 2013-11-08 23:32 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-08 23:28 - 2013-11-08 23:28 - 00915368 _____ (Oracle Corporation) C:\Users\Rainer-User\Downloads\jre-7u45-windows-i586-iftw.exe
2013-11-08 23:02 - 2013-11-08 23:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rainer-User\Downloads\revosetup95(1).exe
2013-11-08 07:43 - 2013-11-07 22:16 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\metaCrawler
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\BonanzaDealsLive
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\BonanzaDeals
2013-11-07 22:12 - 2013-11-07 22:12 - 00702696 _____ C:\Users\Rainer-User\Downloads\ZipExtractorSetup.exe
2013-11-07 18:07 - 2011-11-24 16:13 - 00000000 ____D C:\Users\Marie-Sophie\AppData\Roaming\Skype
2013-11-05 20:08 - 2013-11-05 20:08 - 00001669 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-05 20:08 - 2013-11-05 20:07 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-05 20:08 - 2013-11-05 20:07 - 00000000 ____D C:\Program Files\iTunes
2013-11-05 20:07 - 2013-11-05 20:07 - 00000000 ____D C:\Program Files\iPod
2013-11-05 20:07 - 2011-08-09 22:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-05 20:01 - 2010-08-29 22:01 - 00000000 ____D C:\Users\Rainer
2013-11-05 19:37 - 2011-11-27 23:47 - 00000000 ____D C:\Program Files\TuneUp Utilities 2012
2013-11-01 08:53 - 2010-11-17 07:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Skype
2013-10-31 23:59 - 2008-01-21 08:16 - 01504852 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-31 20:55 - 2013-10-31 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rainer-User\Downloads\revosetup95.exe
2013-10-31 14:26 - 2013-10-31 13:55 - 00000000 ____D C:\Users\Marie-Sophie\Documents\meine Textdokumente
2013-10-31 13:17 - 2013-10-31 13:17 - 00000054 ____H C:\Users\Marie-Sophie\Documents\~$chmal neu.xps
2013-10-31 11:46 - 2011-12-15 00:57 - 00000000 ____D C:\Program Files\Common Files\Mcafee
2013-10-30 20:55 - 2013-10-30 20:55 - 00001270 _____ C:\Users\Rainer-User\Downloads\DelFix.txt
2013-10-30 20:54 - 2013-10-30 20:53 - 00001270 _____ C:\DelFix.txt
2013-10-30 20:53 - 2013-10-07 22:38 - 00000000 ____D C:\Windows\ERUNT
2013-10-30 20:51 - 2013-10-30 20:51 - 00000246 _____ C:\Windows\system32\defogger_enable.log
2013-10-27 21:34 - 2013-10-07 22:17 - 00000000 ____D C:\AdwCleaner
2013-10-27 21:14 - 2013-10-27 21:14 - 01060070 _____ C:\Users\Rainer-User\Downloads\adwcleaner.exe
2013-10-27 20:43 - 2013-10-06 23:03 - 00023075 _____ C:\Users\Rainer-User\Downloads\Addition.txt
2013-10-27 20:24 - 2013-10-27 20:24 - 00000000 ____D C:\Users\Rainer-User\AppData\Local\AskPartnerNetwork
2013-10-27 16:49 - 2012-06-21 19:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-10-27 16:49 - 2012-01-16 22:41 - 00000000 ____D C:\Users\Rainer-User\Downloads\SnippingToolPlusv3-4-1-0
2013-10-27 16:49 - 2011-11-11 13:22 - 00000000 ____D C:\Users\Conny\Documents\Audible
2013-10-27 16:49 - 2011-11-10 23:49 - 00000000 ____D C:\Users\Rainer-User\Documents\Audible
2013-10-27 16:49 - 2010-09-18 15:07 - 00000000 ____D C:\Users\Felix
2013-10-27 16:49 - 2010-09-01 11:43 - 00000000 ____D C:\Users\Marie-Sophie
2013-10-27 16:49 - 2010-08-30 07:28 - 00000000 ____D C:\Users\Conny
2013-10-27 16:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2013-10-27 16:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc
2013-10-27 16:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration
2013-10-27 08:23 - 2012-07-02 16:14 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-10-27 08:22 - 2012-07-02 16:16 - 00000000 ____D C:\Users\Conny\Documents\Klett
2013-10-22 15:37 - 2013-11-05 19:38 - 00030008 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-10-22 15:37 - 2013-11-05 19:38 - 00022328 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-10-22 15:37 - 2011-12-19 22:25 - 00032568 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-10-20 22:21 - 2011-11-20 20:35 - 00000020 ____H C:\ProgramData\PKP_DLdu.DAT
2013-10-20 22:17 - 2011-11-20 20:37 - 00000020 ____H C:\ProgramData\PKP_DLdw.DAT
2013-10-17 15:42 - 2013-10-17 15:42 - 00000000 ____D C:\Users\Marie-Sophie\AppData\Roaming\Avira
2013-10-17 11:23 - 2013-10-17 11:23 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Avira
2013-10-16 23:00 - 2013-10-16 23:00 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Avira
2013-10-16 22:56 - 2013-10-16 22:56 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-10-16 22:56 - 2013-10-16 22:56 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-10-16 22:53 - 2013-10-16 22:53 - 00001852 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-16 22:53 - 2013-10-16 22:52 - 00000000 ____D C:\ProgramData\Avira
2013-10-16 22:52 - 2013-10-16 22:52 - 00000000 ____D C:\Program Files\Avira
2013-10-16 22:52 - 2011-12-15 00:50 - 00000000 ____D C:\ProgramData\McAfee
2013-10-16 22:50 - 2013-10-16 22:48 - 123853152 _____ C:\Users\Rainer-User\Downloads\avira_free_antivirus_de(1).exe.part
2013-10-16 22:44 - 2013-10-16 22:42 - 123853152 _____ C:\Users\Rainer-User\Downloads\avira_free_antivirus_de.exe
2013-10-16 20:38 - 2012-06-21 19:14 - 00001924 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-16 20:38 - 2012-06-21 19:14 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-15 23:01 - 2011-12-15 00:57 - 00000000 ____D C:\Program Files\McAfee
2013-10-15 22:57 - 2013-10-15 22:57 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Malwarebytes
2013-10-12 16:02 - 2010-11-14 20:59 - 00000000 ___RD C:\Program Files\Skype
2013-10-12 16:02 - 2010-11-14 20:59 - 00000000 ____D C:\ProgramData\Skype
2013-10-12 10:56 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-12 07:14 - 2006-11-02 13:47 - 00310152 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-12 06:58 - 2013-08-07 11:11 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 06:53 - 2006-11-02 11:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
Files to move or delete:
====================
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
Some content of TEMP:
====================
C:\Users\Conny\AppData\Local\Temp\apptorun.exe
C:\Users\Conny\AppData\Local\Temp\avgnt.exe
C:\Users\Conny\AppData\Local\Temp\contentDATs.exe
C:\Users\Conny\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\Conny\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Conny\AppData\Local\Temp\setup_pdd1.exe
C:\Users\Marie-Sophie\AppData\Local\Temp\avgnt.exe
C:\Users\Marie-Sophie\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\Marie-Sophie\AppData\Local\Temp\li51axaq.dll
C:\Users\Marie-Sophie\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Rainer-User\AppData\Local\Temp\apptorun.exe
C:\Users\Rainer-User\AppData\Local\Temp\avgnt.exe
C:\Users\Rainer-User\AppData\Local\Temp\contentDATs.exe
C:\Users\Rainer-User\AppData\Local\Temp\dxaink_e.dll
C:\Users\Rainer-User\AppData\Local\Temp\EADE2F0.exe
C:\Users\Rainer-User\AppData\Local\Temp\installerdll5318245.dll
C:\Users\Rainer-User\AppData\Local\Temp\Setup.exe
C:\Users\Rainer-User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Rainer-User\AppData\Local\Temp\t04rjzbp.dll
C:\Users\Rainer-User\AppData\Local\Temp\TEMPRO_2.3.1.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
So, and now the FRST log after uninstalling as well; I now have WINDOWS EXPLORER open...
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-11-2013 01
Ran by Rainer-User (ATTENTION: The logged in user is not administrator) on RAINER-PC on 10-11-2013 23:26:31
Running from C:\Users\Rainer-User\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TEco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproTray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Audible, Inc.) C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7289376 2009-03-30] (Realtek Semiconductor)
HKLM\...\Run: [HWSetup] - C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [421888 2007-04-16] (TOSHIBA Electronics, Inc.)
HKLM\...\Run: [SVPWUTIL] - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2008-11-21] (TOSHIBA)
HKLM\...\Run: [KeNotify] - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1011712 2009-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-04-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe [468320 2009-03-06] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [55160 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe [503808 2009-03-31] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [729088 2009-03-23] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe [163840 2009-03-24] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\TEco.exe [1323008 2009-04-24] (TOSHIBA Corporation)
HKLM\...\Run: [ToshibaServiceStation] - C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1283384 2009-04-01] (TOSHIBA Corporation)
HKLM\...\Run: [TPCHWMsg] - C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe [570736 2009-04-15] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] - C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [299008 2009-05-12] (TOSHIBA CORPORATION)
HKLM\...\Run: [cfFncEnabler.exe] - C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe [16384 2009-03-24] (Toshiba Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050072 2010-10-26] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [96144 2009-03-04] (Toshiba Europe GmbH)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\SkyTel.exe [1833504 2009-03-30] (Realtek Semiconductor Corp.)
HKLM\...\Run: [OrderReminder] - C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2006-01-30] (Hewlett-Packard)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [516912 2013-09-24] (McAfee, Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [TOSHIBA Online Product Information] - C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe [6158240 2009-03-16] (TOSHIBA)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [135680 2008-07-03] (Microsoft Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-21] (Microsoft Corporation)
MountPoints2: F - F:\LaunchU3.exe -a
MountPoints2: {254244ce-3d84-11e0-9e9d-00225fd03898} - F:\LaunchU3.exe -a
IMEO\bb2-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\bounce-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\cfaddgadgets.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\cfmain.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\cfprofile.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\chuzzle-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\ci3-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\dinerdash2-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\dora-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\farm-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\fate-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\golf-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\granny-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\jewelquest-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mahjong-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mysterypinewyork-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\mytribe-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\ndstray.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\onplay.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\pcdiag.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\polar-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\slingo-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\smartfacevsetting.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\smoothview.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tempro.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tfcconf.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tfcrst.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tintouch.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\todisc.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\topi.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\toshddvd.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\toshibaregistration.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\toshibaservicestation.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tosramutil.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tossdfmt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tosssdalert.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tpchviewer.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\tradewinds-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\trordclauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\twebcamera.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\winbej2-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\worldofgoo-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
IMEO\zuma-wt.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe"
Startup: C:\Users\Conny\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {86F2975F-2635-49CD-AA91-45DE49527C94} URL = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={72680FDB-E8CB-437D-AEE8-9F9D0761B89D}&mid=34d71d940f5847d1b30bd16a1c122099-aca251ad60a79a90d151588985182fee0518d1c3&lang=de&ds=tt014&pr=sa&d=2011-12-19 22:25:18&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files\Browser Guard\browserguard.dll (Browser Guard)
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files\Freemium\Free PDF Perfect\ieagent32.dll (soft Xpansion)
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///E:/viewer/ORDcmViewCD.ocx
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: haufereader - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default
FF user.js: detected! => C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @mcafee.com/SAFFPlugin - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @protectdisc.com/NPMPDRM - C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin: @soft-xpansion/npsxpdf - C:\Program Files\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\searchplugins\metaCrawler.xml
FF Extension: metacrawler.com - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\ffxtlbr@metacrawler.com
FF Extension: Ghostery - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\firefox@ghostery(273).com
FF Extension: MetaCrawler New Tab - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\{60364604-8b4c-42f4-a2ca-a76ca7b61b37}
FF Extension: WOT - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}(9106)
FF Extension: No Name - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
FF Extension: DownloadHelper - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(6700)
FF Extension: firefox - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\firefox@ghostery.com.xpi
FF Extension: No Name - C:\Users\Rainer-User\AppData\Roaming\Mozilla\Firefox\Profiles\pqwcenxs.default\Extensions\WTB_GLOBAL.sqlite
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK
FF HKLM\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
========================== Services (Whitelisted) =================
R2 AAV UpdateService; C:\Program Files\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
S2 bonanzadealslive; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-07] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-11-07] (BonanzaDeals)
S4 camsvc; C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe [20544 2009-04-16] (TOSHIBA)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
S4 GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [242424 2009-02-11] (WildTangent, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 HRService; C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe [71024 2010-10-25] ()
R2 iphlpsvc; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [145088 2013-09-24] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [471592 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [638976 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [169320 2013-09-24] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [172416 2013-09-24] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [281560 2013-07-30] (McAfee, Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 SXDS10; C:\Program Files\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-06] (soft Xpansion)
R2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [124368 2010-10-26] (Toshiba Europe GmbH)
S4 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [62776 2009-04-01] (TOSHIBA Corporation)
R2 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [176128 2009-04-24] (TOSHIBA Corporation)
R2 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [73728 2009-03-17] (TOSHIBA Corporation)
R2 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [656752 2009-04-15] (TOSHIBA Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1529656 2013-10-22] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [330144 2007-07-27] (Protect Software GmbH)
R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [251680 2007-07-27] (Protect Software GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [89376 2013-10-10] (Avira Operations GmbH & Co. KG)
S4 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-10-05] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-10-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-10] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [60920 2013-09-24] (McAfee, Inc.)
S3 FTD2XX; C:\Windows\System32\Drivers\FTD2XX.sys [29292 2004-10-15] (FTDI Ltd.)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [60104 2011-01-24] (FTDI Ltd.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [25896 2008-05-07] (COMPAL ELECTRONIC INC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [133928 2013-09-24] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [235488 2013-09-24] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [65928 2013-09-24] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [365256 2013-09-24] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [571608 2013-09-24] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [301248 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80656 2013-09-20] (McAfee, Inc.)
R1 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [213200 2013-09-24] (McAfee, Inc.)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [22272 2009-03-18] (TOSHIBA Corporation)
R3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [154272 2008-11-11] (Realtek Semiconductor Corp.)
R1 RtlProt; C:\Windows\System32\DRIVERS\rtlprot.sys [25896 2007-04-23] (Windows (R) Codename Longhorn DDK provider)
S3 SAFAUSB; C:\Windows\System32\Drivers\VocTrace.sys [16035 2003-12-19] (Windows (R) 2000 DDK provider)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-10-10] (Avira GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2011-12-12] (TuneUp Software)
R2 TVALZFL; C:\Windows\System32\DRIVERS\TVALZFL.sys [12920 2009-03-20] (TOSHIBA Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-10 23:20 - 2013-11-10 23:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rainer-User\Downloads\revosetup95(2).exe
2013-11-10 23:10 - 2013-11-10 23:10 - 00000000 ____D C:\FRST
2013-11-10 23:09 - 2013-11-10 23:09 - 01090275 _____ (Farbar) C:\Users\Rainer-User\Downloads\FRST.exe
2013-11-08 23:34 - 2013-11-08 23:34 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Oracle
2013-11-08 23:32 - 2013-11-08 23:32 - 00000000 ____D C:\ProgramData\Oracle
2013-11-08 23:32 - 2013-11-08 23:32 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-08 23:32 - 2013-11-08 23:31 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-08 23:32 - 2013-11-08 23:31 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-08 23:32 - 2013-11-08 23:31 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-08 23:32 - 2013-11-08 23:31 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-08 23:28 - 2013-11-08 23:28 - 00915368 _____ (Oracle Corporation) C:\Users\Rainer-User\Downloads\jre-7u45-windows-i586-iftw.exe
2013-11-08 23:02 - 2013-11-08 23:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rainer-User\Downloads\revosetup95(1).exe
2013-11-07 22:16 - 2013-11-10 23:21 - 00000914 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-11-07 22:16 - 2013-11-10 23:15 - 00000296 _____ C:\Windows\Tasks\MetaCrawler.job
2013-11-07 22:16 - 2013-11-10 22:21 - 00000910 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-11-07 22:16 - 2013-11-08 07:43 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-07 22:15 - 2013-11-10 23:15 - 00000296 _____ C:\Windows\Tasks\DigitalSite.job
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\metaCrawler
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\BonanzaDealsLive
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\BonanzaDeals
2013-11-07 22:12 - 2013-11-07 22:12 - 00702696 _____ C:\Users\Rainer-User\Downloads\ZipExtractorSetup.exe
2013-11-05 20:08 - 2013-11-05 20:08 - 00001669 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-05 20:07 - 2013-11-05 20:08 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-05 20:07 - 2013-11-05 20:08 - 00000000 ____D C:\Program Files\iTunes
2013-11-05 20:07 - 2013-11-05 20:07 - 00000000 ____D C:\Program Files\iPod
2013-11-05 19:38 - 2013-10-22 15:37 - 00030008 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-11-05 19:38 - 2013-10-22 15:37 - 00022328 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-10-31 20:56 - 2013-11-10 23:21 - 00000000 ____D C:\Program Files\VS Revo Group
2013-10-31 20:55 - 2013-10-31 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rainer-User\Downloads\revosetup95.exe
2013-10-31 13:55 - 2013-10-31 14:26 - 00000000 ____D C:\Users\Marie-Sophie\Documents\meine Textdokumente
2013-10-31 13:17 - 2013-10-31 13:17 - 00000054 ____H C:\Users\Marie-Sophie\Documents\~$chmal neu.xps
2013-10-31 11:51 - 2013-09-23 13:48 - 00147912 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-10-30 20:55 - 2013-10-30 20:55 - 00001270 _____ C:\Users\Rainer-User\Downloads\DelFix.txt
2013-10-30 20:53 - 2013-10-30 20:54 - 00001270 _____ C:\DelFix.txt
2013-10-30 20:51 - 2013-10-30 20:51 - 00000246 _____ C:\Windows\system32\defogger_enable.log
2013-10-27 21:14 - 2013-10-27 21:14 - 01060070 _____ C:\Users\Rainer-User\Downloads\adwcleaner.exe
2013-10-27 20:24 - 2013-10-27 20:24 - 00000000 ____D C:\Users\Rainer-User\AppData\Local\AskPartnerNetwork
2013-10-17 15:42 - 2013-10-17 15:42 - 00000000 ____D C:\Users\Marie-Sophie\AppData\Roaming\Avira
2013-10-17 11:23 - 2013-10-17 11:23 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Avira
2013-10-16 23:00 - 2013-10-16 23:00 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Avira
2013-10-16 22:56 - 2013-10-16 22:56 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-10-16 22:56 - 2013-10-16 22:56 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-10-16 22:53 - 2013-10-16 22:53 - 00001852 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-16 22:52 - 2013-10-16 22:53 - 00000000 ____D C:\ProgramData\Avira
2013-10-16 22:52 - 2013-10-16 22:52 - 00000000 ____D C:\Program Files\Avira
2013-10-16 22:52 - 2013-10-10 18:14 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-16 22:52 - 2013-10-10 18:14 - 00089376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-16 22:52 - 2013-10-10 18:14 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-16 22:52 - 2013-10-10 18:14 - 00028520 _____ (Avira GmbH) C:\Windows\system32\Drivers\ssmdrv.sys
2013-10-16 22:48 - 2013-10-16 22:50 - 123853152 _____ C:\Users\Rainer-User\Downloads\avira_free_antivirus_de(1).exe.part
2013-10-16 22:42 - 2013-10-16 22:44 - 123853152 _____ C:\Users\Rainer-User\Downloads\avira_free_antivirus_de.exe
2013-10-15 22:57 - 2013-10-15 22:57 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Malwarebytes
2013-10-11 15:27 - 2013-09-23 13:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-11 15:27 - 2013-09-23 13:57 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-11 15:27 - 2013-09-23 13:57 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-11 15:27 - 2013-09-23 13:55 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-10-11 15:27 - 2013-09-23 13:53 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2013-10-11 15:27 - 2013-09-23 13:52 - 06017024 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-11 15:27 - 2013-09-23 13:52 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-11 15:27 - 2013-09-23 13:52 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-11 15:27 - 2013-09-23 13:52 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 11111936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-11 15:27 - 2013-09-23 13:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-10-11 15:27 - 2013-09-23 13:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-11 15:27 - 2013-09-23 13:50 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-10-11 15:27 - 2013-09-23 13:49 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2013-10-11 15:27 - 2013-09-23 12:14 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-10-11 15:27 - 2013-09-23 10:29 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-11 15:27 - 2013-09-23 10:29 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-11 15:27 - 2013-09-23 10:27 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-11 15:27 - 2013-09-23 10:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-10-11 15:27 - 2013-08-29 08:36 - 02050048 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-11 15:27 - 2013-08-27 03:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-10-11 15:27 - 2013-08-27 03:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-11 15:27 - 2013-08-27 03:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-10-11 15:27 - 2013-08-27 03:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-11 15:27 - 2013-08-27 02:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-11 15:27 - 2013-08-27 02:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-11 15:27 - 2013-08-27 02:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-11 15:27 - 2013-08-27 02:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-11 15:27 - 2013-08-27 02:28 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-11 15:27 - 2013-08-01 04:16 - 00638400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-11 15:27 - 2013-08-01 03:49 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-11 15:27 - 2013-07-20 11:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-11 15:27 - 2013-07-04 05:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-11 15:27 - 2013-06-27 00:01 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-11 15:23 - 2013-06-04 05:16 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-11 15:23 - 2013-06-04 02:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-11 15:22 - 2013-07-12 10:04 - 00134272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-10-11 15:22 - 2013-07-03 03:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-10-11 15:22 - 2013-07-03 03:10 - 00025472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-11 15:22 - 2013-06-29 03:07 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-11 15:22 - 2013-06-29 03:07 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-11 15:22 - 2013-06-29 03:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-11 15:22 - 2013-06-29 03:06 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-11 15:22 - 2011-05-05 14:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-11 15:22 - 2011-05-05 14:54 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
==================== One Month Modified Files and Folders =======
2013-11-10 23:21 - 2013-11-07 22:16 - 00000914 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-11-10 23:21 - 2013-10-31 20:56 - 00000000 ____D C:\Program Files\VS Revo Group
2013-11-10 23:20 - 2013-11-10 23:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rainer-User\Downloads\revosetup95(2).exe
2013-11-10 23:15 - 2013-11-07 22:16 - 00000296 _____ C:\Windows\Tasks\MetaCrawler.job
2013-11-10 23:15 - 2013-11-07 22:15 - 00000296 _____ C:\Windows\Tasks\DigitalSite.job
2013-11-10 23:13 - 2013-10-06 23:03 - 00021710 _____ C:\Users\Rainer-User\Downloads\Addition.txt
2013-11-10 23:10 - 2013-11-10 23:10 - 00000000 ____D C:\FRST
2013-11-10 23:09 - 2013-11-10 23:09 - 01090275 _____ (Farbar) C:\Users\Rainer-User\Downloads\FRST.exe
2013-11-10 23:03 - 2010-11-14 20:59 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Skype
2013-11-10 22:59 - 2011-09-26 22:43 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-10 22:38 - 2012-04-04 20:24 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-10 22:21 - 2013-11-07 22:16 - 00000910 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-11-10 21:55 - 2013-02-20 07:55 - 00001756 _____ C:\Users\Public\Desktop\McAfee Internet Security.lnk
2013-11-10 21:51 - 2011-12-02 21:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-11-10 21:51 - 2011-09-26 22:43 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-10 21:49 - 2008-02-24 08:46 - 01300167 _____ C:\Windows\WindowsUpdate.log
2013-11-10 21:45 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-10 21:45 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-10 21:45 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-10 18:41 - 2006-11-02 14:01 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-08 23:51 - 2008-01-21 03:47 - 00765700 _____ C:\Windows\PFRO.log
2013-11-08 23:34 - 2013-11-08 23:34 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Oracle
2013-11-08 23:32 - 2013-11-08 23:32 - 00000000 ____D C:\ProgramData\Oracle
2013-11-08 23:32 - 2013-11-08 23:32 - 00000000 ____D C:\Program Files\Common Files\Java
2013-11-08 23:31 - 2013-11-08 23:32 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-11-08 23:31 - 2013-11-08 23:32 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-11-08 23:31 - 2013-11-08 23:32 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-11-08 23:31 - 2013-11-08 23:32 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-11-08 23:28 - 2013-11-08 23:28 - 00915368 _____ (Oracle Corporation) C:\Users\Rainer-User\Downloads\jre-7u45-windows-i586-iftw.exe
2013-11-08 23:02 - 2013-11-08 23:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rainer-User\Downloads\revosetup95(1).exe
2013-11-08 07:43 - 2013-11-07 22:16 - 00000000 ____D C:\Program Files\MyPC Backup
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\metaCrawler
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\BonanzaDealsLive
2013-11-07 22:15 - 2013-11-07 22:15 - 00000000 ____D C:\Program Files\BonanzaDeals
2013-11-07 22:12 - 2013-11-07 22:12 - 00702696 _____ C:\Users\Rainer-User\Downloads\ZipExtractorSetup.exe
2013-11-07 18:07 - 2011-11-24 16:13 - 00000000 ____D C:\Users\Marie-Sophie\AppData\Roaming\Skype
2013-11-05 20:08 - 2013-11-05 20:08 - 00001669 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-05 20:08 - 2013-11-05 20:07 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-11-05 20:08 - 2013-11-05 20:07 - 00000000 ____D C:\Program Files\iTunes
2013-11-05 20:07 - 2013-11-05 20:07 - 00000000 ____D C:\Program Files\iPod
2013-11-05 20:07 - 2011-08-09 22:12 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-11-05 20:01 - 2010-08-29 22:01 - 00000000 ____D C:\Users\Rainer
2013-11-05 19:37 - 2011-11-27 23:47 - 00000000 ____D C:\Program Files\TuneUp Utilities 2012
2013-11-01 08:53 - 2010-11-17 07:51 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Skype
2013-10-31 23:59 - 2008-01-21 08:16 - 01504852 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-31 20:55 - 2013-10-31 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Rainer-User\Downloads\revosetup95.exe
2013-10-31 14:26 - 2013-10-31 13:55 - 00000000 ____D C:\Users\Marie-Sophie\Documents\meine Textdokumente
2013-10-31 13:17 - 2013-10-31 13:17 - 00000054 ____H C:\Users\Marie-Sophie\Documents\~$chmal neu.xps
2013-10-31 11:46 - 2011-12-15 00:57 - 00000000 ____D C:\Program Files\Common Files\Mcafee
2013-10-30 20:55 - 2013-10-30 20:55 - 00001270 _____ C:\Users\Rainer-User\Downloads\DelFix.txt
2013-10-30 20:54 - 2013-10-30 20:53 - 00001270 _____ C:\DelFix.txt
2013-10-30 20:53 - 2013-10-07 22:38 - 00000000 ____D C:\Windows\ERUNT
2013-10-30 20:51 - 2013-10-30 20:51 - 00000246 _____ C:\Windows\system32\defogger_enable.log
2013-10-27 21:34 - 2013-10-07 22:17 - 00000000 ____D C:\AdwCleaner
2013-10-27 21:14 - 2013-10-27 21:14 - 01060070 _____ C:\Users\Rainer-User\Downloads\adwcleaner.exe
2013-10-27 20:24 - 2013-10-27 20:24 - 00000000 ____D C:\Users\Rainer-User\AppData\Local\AskPartnerNetwork
2013-10-27 16:49 - 2012-06-21 19:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-10-27 16:49 - 2012-01-16 22:41 - 00000000 ____D C:\Users\Rainer-User\Downloads\SnippingToolPlusv3-4-1-0
2013-10-27 16:49 - 2011-11-11 13:22 - 00000000 ____D C:\Users\Conny\Documents\Audible
2013-10-27 16:49 - 2011-11-10 23:49 - 00000000 ____D C:\Users\Rainer-User\Documents\Audible
2013-10-27 16:49 - 2010-09-18 15:07 - 00000000 ____D C:\Users\Felix
2013-10-27 16:49 - 2010-09-01 11:43 - 00000000 ____D C:\Users\Marie-Sophie
2013-10-27 16:49 - 2010-08-30 07:28 - 00000000 ____D C:\Users\Conny
2013-10-27 16:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2013-10-27 16:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\Msdtc
2013-10-27 16:49 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration
2013-10-27 08:23 - 2012-07-02 16:14 - 00000000 ____D C:\Program Files\Common Files\Adobe AIR
2013-10-27 08:22 - 2012-07-02 16:16 - 00000000 ____D C:\Users\Conny\Documents\Klett
2013-10-22 15:37 - 2013-11-05 19:38 - 00030008 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2013-10-22 15:37 - 2013-11-05 19:38 - 00022328 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-10-22 15:37 - 2011-12-19 22:25 - 00032568 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-10-20 22:21 - 2011-11-20 20:35 - 00000020 ____H C:\ProgramData\PKP_DLdu.DAT
2013-10-20 22:17 - 2011-11-20 20:37 - 00000020 ____H C:\ProgramData\PKP_DLdw.DAT
2013-10-17 15:42 - 2013-10-17 15:42 - 00000000 ____D C:\Users\Marie-Sophie\AppData\Roaming\Avira
2013-10-17 11:23 - 2013-10-17 11:23 - 00000000 ____D C:\Users\Conny\AppData\Roaming\Avira
2013-10-16 23:00 - 2013-10-16 23:00 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Avira
2013-10-16 22:56 - 2013-10-16 22:56 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-10-16 22:56 - 2013-10-16 22:56 - 00000000 ____D C:\Program Files\AskPartnerNetwork
2013-10-16 22:53 - 2013-10-16 22:53 - 00001852 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-16 22:53 - 2013-10-16 22:52 - 00000000 ____D C:\ProgramData\Avira
2013-10-16 22:52 - 2013-10-16 22:52 - 00000000 ____D C:\Program Files\Avira
2013-10-16 22:52 - 2011-12-15 00:50 - 00000000 ____D C:\ProgramData\McAfee
2013-10-16 22:50 - 2013-10-16 22:48 - 123853152 _____ C:\Users\Rainer-User\Downloads\avira_free_antivirus_de(1).exe.part
2013-10-16 22:44 - 2013-10-16 22:42 - 123853152 _____ C:\Users\Rainer-User\Downloads\avira_free_antivirus_de.exe
2013-10-16 20:38 - 2012-06-21 19:14 - 00001924 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-16 20:38 - 2012-06-21 19:14 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-15 23:01 - 2011-12-15 00:57 - 00000000 ____D C:\Program Files\McAfee
2013-10-15 22:57 - 2013-10-15 22:57 - 00000000 ____D C:\Users\Rainer-User\AppData\Roaming\Malwarebytes
2013-10-12 16:02 - 2010-11-14 20:59 - 00000000 ___RD C:\Program Files\Skype
2013-10-12 16:02 - 2010-11-14 20:59 - 00000000 ____D C:\ProgramData\Skype
2013-10-12 10:56 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-12 07:14 - 2006-11-02 13:47 - 00310152 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-12 06:58 - 2013-08-07 11:11 - 00000000 ____D C:\Windows\system32\MRT
2013-10-12 06:53 - 2006-11-02 11:24 - 78106760 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
Files to move or delete:
====================
C:\ProgramData\PKP_DLdu.DAT
C:\ProgramData\PKP_DLdw.DAT
Some content of TEMP:
====================
C:\Users\Conny\AppData\Local\Temp\apptorun.exe
C:\Users\Conny\AppData\Local\Temp\avgnt.exe
C:\Users\Conny\AppData\Local\Temp\contentDATs.exe
C:\Users\Conny\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\Conny\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Conny\AppData\Local\Temp\setup_pdd1.exe
C:\Users\Marie-Sophie\AppData\Local\Temp\avgnt.exe
C:\Users\Marie-Sophie\AppData\Local\Temp\LEGOLOTR.exe
C:\Users\Marie-Sophie\AppData\Local\Temp\li51axaq.dll
C:\Users\Marie-Sophie\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Rainer-User\AppData\Local\Temp\apptorun.exe
C:\Users\Rainer-User\AppData\Local\Temp\avgnt.exe
C:\Users\Rainer-User\AppData\Local\Temp\contentDATs.exe
C:\Users\Rainer-User\AppData\Local\Temp\dxaink_e.dll
C:\Users\Rainer-User\AppData\Local\Temp\EADE2F0.exe
C:\Users\Rainer-User\AppData\Local\Temp\installerdll5318245.dll
C:\Users\Rainer-User\AppData\Local\Temp\Setup.exe
C:\Users\Rainer-User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Rainer-User\AppData\Local\Temp\t04rjzbp.dll
C:\Users\Rainer-User\AppData\Local\Temp\TEMPRO_2.3.1.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Now I'm curious to see what you find out...
Best regards, Rainer