australian brewingcompany - how to remove?

While scanning with gmer there was a blue screen and the system restarted.

Error message:

Problemsignatur:
Problemereignisname: BlueScreen
Betriebsystemversion: 6.1.7601.2.1.0.768.3
Gebietsschema-ID: 1031

Zusatzinformationen zum Problem:
BCCode: 1000007e
BCP1: FFFFFFFF80000004
BCP2: FFFFF8000304BCE8
BCP3: FFFFF880009A9998
BCP4: FFFFF880009A91F0
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
C:\Windows\Minidump\112613-23680-01.dmp
C:\Users\Manuela\AppData\Local\Temp\WER-48531-0.sysdata.xml

Lesen Sie unsere Datenschutzbestimmungen online:
hxxp://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0407

Wenn die Onlinedatenschutzbestimmungen nicht verfügbar sind, lesen Sie unsere Datenschutzbestimmungen offline:
C:\Windows\system32\de-DE\erofflps.txt

and here is FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-11-2013 01 Ran by Manuela (administrator) on MANUELA-PC on 26-11-2013 20:40:59 Running from C:\Users\Manuela\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Users\Manuela\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe (Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Opera Software) C:\Program Files (x86)\Opera\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] () HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2074408 2013-11-14] (Synaptics Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKCU\...\Run: [Facebook Update] - C:\Users\Manuela\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-12] (Facebook Inc.) HKCU\...\Run: [BackgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Manuela\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION MountPoints2: E - E:\setup.EXE /AUTORUN HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) AppInit_DLLs-x32: C:\PROGRA~2\CLONED~1\DVDGHO~1\DVDGHO~1.DLL [ ] () IFEO\broadcam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\ccleaner64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\chrome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\firefox.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=46364&st=chrome&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7&q= HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_a76337893a2f4851814856562526a95a_39_1006_20131022_DE_ie_sp_ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=46364&st=home&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=46364&st=chrome&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7&q= HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = 
hxxp://search.certified-toolbar.com?si=46364&st=chrome&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=46364&st=chrome&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.certified-toolbar.com?si=46364&st=home&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=46364&st=chrome&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=46364&st=home&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=46364&st=chrome&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7&q= URLSearchHook: HKLM-x32 - RadioTotal Toolbar - {2ee84ac6-8dd6-4a14-bd37-b79c8f9ecf4d} - C:\Program Files (x86)\RadioTotal\prxtbRad1.dll (Conduit Ltd.) URLSearchHook: HKCU - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File URLSearchHook: HKCU - (No Name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No File URLSearchHook: HKCU - RadioTotal Toolbar - {2ee84ac6-8dd6-4a14-bd37-b79c8f9ecf4d} - C:\Program Files (x86)\RadioTotal\prxtbRad1.dll (Conduit Ltd.) 
SearchScopes: HKLM-x32 - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7&q={searchTerms} SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=4.3&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7&q={searchTerms} SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=46364&st=bs&tid=3869&ver=3.7&ts=1375381764796&tguid=46364-3869-1375381764796-80D724F669970CF6F0AE2790535595D7&q={searchTerms} SearchScopes: HKCU - DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=cpd&s={searchTerms}&f=4 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_sps&mntrId=12A58E9FFA1ABE53&affID=119357&tt=040713_rdrctful&tsp=4933 SearchScopes: HKCU - {13447CB8-C6D7-498A-B940-086E1598330B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317483&CUI=UN86551777817471510&UM=2 SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = SearchScopes: HKCU - {CEEC11D0-41B5-4098-AF69-8CF1D2E8372A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=c64d9547-6b02-4b2c-97ff-5feae50b14d6&apn_sauid=A4F76F5E-A4DA-405C-B931-0B81EE832C94 SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus BHO: Windows Live Family Safety Browser Helper Class - 
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No File BHO-x32: Plus-HD-2.4 - {11111111-1111-1111-1111-110311341134} - C:\Program Files (x86)\Plus-HD-2.4\Plus-HD-2.4-bho.dll (Plus HD) BHO-x32: RadioTotal Toolbar - {2ee84ac6-8dd6-4a14-bd37-b79c8f9ecf4d} - C:\Program Files (x86)\RadioTotal\prxtbRad1.dll (Conduit Ltd.) BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) BHO-x32: StumbleUpon - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\Manuela\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.) BHO-x32: WinSecurity - {f42e9111-a9a5-4482-ad2e-1ef9da85b0bf} - C:\Program Files (x86)\WinSecurity\winsecurity.dll (WinSecurity) BHO-x32: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com) Toolbar: HKLM-x32 - No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No File Toolbar: HKLM-x32 - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com) Toolbar: HKLM-x32 - RadioTotal Toolbar - {2ee84ac6-8dd6-4a14-bd37-b79c8f9ecf4d} - C:\Program Files (x86)\RadioTotal\prxtbRad1.dll (Conduit Ltd.) 
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} - No File Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKCU - No Name - {2EE84AC6-8DD6-4A14-BD37-B79C8F9ECF4D} - No File Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\xmodr5w8.default 
FF user.js: detected! => C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\xmodr5w8.default\user.js FF Homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_a76337893a2f4851814856562526a95a_39_1006_20131022_DE_ff_sp_ FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3317483&SearchSource=2&CUI=UN17336173016023235&UM=2&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Manuela\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml FF Extension: Amazon Browser Bar - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\xmodr5w8.default\Extensions\abb@amazon.com FF Extension: Plus-HD-2.4 - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\xmodr5w8.default\Extensions\ad80235d-5e5a-4a1d-a891-51b66a3e70f8@8f877d80-6977-415f-ac14-b52043838c19.com FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\xmodr5w8.default\Extensions\ich@maltegoetz.de FF Extension: No Name - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\xmodr5w8.default\Extensions\staged FF Extension: RadioTotal - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\Profiles\xmodr5w8.default\Extensions\{2ee84ac6-8dd6-4a14-bd37-b79c8f9ecf4d} FF Extension: No Name - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions FF Extension: No Name - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins FF Extension: ftdownloader - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\profiles\extensions\ftdownloader@ftdownloader.com.xpi FF Extension: No Name - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\profiles\extensions\prefs.js FF Extension: No Name - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js FF Extension: No Name - C:\Users\Manuela\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js.orig FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox FF 
HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox FF HKLM-x32\...\Firefox\Extensions: [{ee8cd9f6-dae3-4889-816b-99fe80dae284}] - C:\Program Files (x86)\WinSecurity\winsecurity.xpi FF Extension: No Name - C:\Program Files (x86)\WinSecurity\winsecurity.xpi FF HKCU\...\Firefox\Extensions: [{d94342cc-b2eb-4bb9-8ef0-782a1bd67c83}] - C:\Program Files (x86)\LyricsDroid\133.xpi FF Extension: No Name - C:\Program Files (x86)\LyricsDroid\133.xpi FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi FF Extension: priam_prefs - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi Chrome: ======= CHR HomePage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_a76337893a2f4851814856562526a95a_39_1006_20131022_DE_cr_sp_ CHR RestoreOnStartup: "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_a76337893a2f4851814856562526a95a_39_1006_20131022_DE_cr_sp_" CHR Extension: (New Tab for Chrome) - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg\1.0.0.0_0 CHR Extension: () - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html CHR Extension: (Bargain Workbench) - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebcpofjimbbchggpnfcaiieolloeodp\1.4.1.0_0 CHR Extension: (Plus-HD-2.4) - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.29_0 CHR Extension: (DvdVideoSoft Free Youtube Download) - 
C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Fast Discountz) - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldchfemoapgakfjnmbngnljnkoapbhd\3.6.1.0_0 CHR Extension: (LyricsDroid) - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmmlhjmcpkhnmfcbelohhaifhilieje\1.133_0 CHR Extension: (StumbleUpon) - C:\Users\Manuela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg\3.97.1_0 CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx CHR HKLM\...\Chrome\Extension: [gebcpofjimbbchggpnfcaiieolloeodp] - C:\Users\Manuela\AppData\Local\BargainWorkbench.crx CHR HKLM\...\Chrome\Extension: [oldchfemoapgakfjnmbngnljnkoapbhd] - C:\Users\Manuela\AppData\Local\FastDiscountz.crx CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx CHR HKLM-x32\...\Chrome\Extension: [fgfdfcbeamjnjdejakdidpniblllnbpg] - C:\Windows\SysWOW64\jmdp\pnte.crx CHR HKLM-x32\...\Chrome\Extension: [gebcpofjimbbchggpnfcaiieolloeodp] - C:\Users\Manuela\AppData\Local\BargainWorkbench.crx CHR HKLM-x32\...\Chrome\Extension: [gkjoindjjcmbdpbfppabdgflnkgbbcli] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx CHR HKLM-x32\...\Chrome\Extension: [ingolnlcamoheiiladeoecpgdbjjmlaf] - C:\Program Files (x86)\WinSecurity\winsecurity.crx CHR HKLM-x32\...\Chrome\Extension: [ioighjflakajniehlakelhkdfljfemcd] - C:\Users\Manuela\AppData\Local\CRE\ioighjflakajniehlakelhkdfljfemcd.crx CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Manuela\AppData\Local\Wajam\Chrome\wajam.crx CHR HKLM-x32\...\Chrome\Extension: 
[khialnikbocfgkohdegnebhmmaifoglp] - C:\Program Files (x86)\Lyrics_Monkey\125.crx CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Manuela\AppData\Local\Torch\Plugins\TorchPlugin.crx CHR HKLM-x32\...\Chrome\Extension: [oldchfemoapgakfjnmbngnljnkoapbhd] - C:\Users\Manuela\AppData\Local\FastDiscountz.crx CHR HKLM-x32\...\Chrome\Extension: [olmmlhjmcpkhnmfcbelohhaifhilieje] - C:\Program Files (x86)\LyricsDroid\133.crx CHR HKLM-x32\...\Chrome\Extension: [pgifblbjgdjhcelbanblbhkhmbnnmhfg] - C:\Users\Manuela\AppData\LocalLow\StumbleUpon\CHROME\StumbleUpon.crx ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG) S4 BroadCamService; C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe [2469380 2011-12-27] (NCH Software) S4 IBUpdaterService; C:\Windows\system32\dmwu.exe [1455408 2013-04-07] () S2 ICM_UpdaterService; C:\Program Files (x86)\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe [204883 2011-03-18] () R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] () R2 StumbleUponUpdater; C:\Users\Manuela\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] () S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-04-30] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2099512 2013-10-30] (TuneUp Software) R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe 
[222368 2013-03-21] () R2 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2013-11-20] (Wajam) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-25] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-25] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation) S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-12-20] (Windows (R) 2003 DDK 3790 provider) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-07-07] (Duplex Secure Ltd.) S3 TridVid; C:\Windows\System32\DRIVERS\tridvid6010.sys [411648 2011-01-21] (10Moons Technologies Co.,Ltd) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software) R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-26 10:12 - 2013-11-26 10:12 - 00377856 _____ C:\Users\Manuela\Desktop\gmer_2.1.19163.exe 2013-11-26 10:05 - 2013-11-26 10:06 - 00032119 _____ C:\Users\Manuela\Desktop\Addition.txt 2013-11-26 10:04 - 2013-11-26 20:40 - 00024322 _____ C:\Users\Manuela\Desktop\FRST.txt 2013-11-26 10:04 - 2013-11-26 10:04 - 00000000 ____D C:\FRST 2013-11-26 10:03 - 2013-11-26 10:03 - 01958474 _____ (Farbar) C:\Users\Manuela\Desktop\FRST64.exe 2013-11-26 09:55 - 2013-11-26 09:55 - 00000586 _____ C:\Windows\SysWOW64\defogger_disable.log 2013-11-26 09:55 - 2013-11-26 09:55 - 00000020 _____ C:\Users\Manuela\defogger_reenable 2013-11-24 20:10 - 2013-11-24 20:10 - 00001979 
_____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2013-11-24 20:06 - 2013-11-24 20:06 - 00000000 ____D C:\Users\Manuela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam 2013-11-24 20:06 - 2013-11-24 20:06 - 00000000 ____D C:\Users\Manuela\AppData\Local\Wajam 2013-11-24 20:06 - 2013-11-24 20:06 - 00000000 ____D C:\Program Files (x86)\Wajam 2013-11-17 13:23 - 2013-11-17 13:23 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2013-11-17 13:20 - 2013-11-17 13:20 - 00000000 ____D C:\Users\Manuela\AppData\Local\Avg2014 2013-11-15 18:08 - 2013-10-30 10:45 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll 2013-11-15 18:08 - 2013-10-30 10:45 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll 2013-11-15 18:08 - 2013-10-30 10:45 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll 2013-11-15 18:08 - 2013-10-30 10:45 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll 2013-11-15 18:05 - 2013-11-15 18:05 - 00002169 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk 2013-11-15 18:05 - 2013-11-15 18:05 - 00002149 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk 2013-11-15 18:05 - 2013-10-30 10:45 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe 2013-11-15 18:04 - 2013-11-15 20:03 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014 2013-11-15 18:03 - 2013-11-15 18:16 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2013-11-15 17:53 - 2013-11-26 19:18 - 00003382 _____ C:\Windows\System32\Tasks\BackgroundContainer Startup Task 2013-11-14 21:50 - 2013-11-14 21:50 - 00000082 _____ C:\Windows\SETUP.LOG 2013-11-14 21:50 - 2013-11-14 21:50 - 00000000 ____D C:\Program Files\Synaptics 2013-11-14 21:49 - 2013-11-14 21:50 - 00005486 _____ C:\Windows\DPINST.LOG 2013-11-14 21:49 - 2013-11-14 21:49 - 00000000 ____D C:\Program Files (x86)\Atheros Client Installation Program 2013-11-14 21:48 - 2013-11-14 21:49 - 00000191 
_____ C:\Windows\SamsungInstaller.log 2013-11-14 21:48 - 2013-11-14 21:48 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2013-11-14 21:48 - 2013-11-14 21:47 - 03669504 _____ (Askey Computer Corporation.) C:\Windows\SysWOW64\AInst3141x.exe 2013-11-14 21:48 - 2013-11-14 21:47 - 00001202 _____ C:\Windows\SysWOW64\WLL3141.cfgx 2013-11-14 21:47 - 2013-11-14 21:47 - 01573888 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys 2013-11-14 21:47 - 2013-11-14 21:47 - 00396584 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2013-11-14 21:47 - 2013-11-14 21:47 - 00316464 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys 2013-11-14 21:47 - 2013-11-14 21:47 - 00264488 _____ (Synaptics Incorporated) C:\Windows\system32\SynCtrl.dll 2013-11-14 21:47 - 2013-11-14 21:47 - 00214312 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll 2013-11-14 21:47 - 2013-11-14 21:47 - 00210216 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCtrl.dll 2013-11-14 21:47 - 2013-11-14 21:47 - 00173352 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll 2013-11-14 21:47 - 2013-11-14 21:47 - 00147752 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo4.dll 2013-11-14 21:47 - 2013-11-14 21:47 - 00107816 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll 2013-11-14 20:35 - 2013-11-15 17:33 - 00000000 ____D C:\Windows\pss 2013-11-13 23:12 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-13 23:12 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-13 23:12 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-13 23:12 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-13 23:12 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-13 23:12 - 
Hi,

Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:

Scan with Combofix
Copyright ©2000-2025, Trojaner-Board