Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   paypal phising (https://www.trojaner-board.de/153876-paypal-phising.html)

Puenktchen 14.05.2014 18:21
paypal phising
 
hallo ich brauche hilfe....bitte
ich bin soooo blöd....hatte vorhin eine Meldung von paypal ich solle mein Konto nachschauen und bin auf den link....bei der weiterleitung wurde mir von firefox
gesagt seite wäre gesperrt. dann hab ich mich mit einem neuen tab bei paypal
eingeloggt.konto war ok ......da bin ich erst dahintergekommen das es ne falsch mail war.
:-( hab sofort kontodaten und das gesamte paypal konto gelöscht da schon länger
keine aktion mit paypal gemacht wurde.....einen virenscan hab ich 2 x durchlaufen lassen
.so und nu sitz ich hier und hab angst.
kann mir jemand sagen ob ich noch etwas machen muss ..

schrauber 14.05.2014 18:56
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Puenktchen 14.05.2014 20:58
:-( so bin drin nach schwierigkeiten.


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-05-2014
Ran by Gabi (administrator) on GABI-PC on 14-05-2014 20:05:11
Running from C:\Users\Gabi\Downloads
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(Sony Corporation) C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
() C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Renesas Electronics Corporation) C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Atheros Communications) C:\Program Files\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Panasonic Corporation) C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IncrediMail, Ltd.) C:\Program Files\IncrediMail\Bin\IncMail.exe
(IncrediMail, Ltd.) C:\Program Files\IncrediMail\Bin\ImApp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Google Inc.) C:\Users\Gabi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gabi\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Gabi\AppData\Local\Google\Chrome\Application\chrome.exe
(Nico Mak Computing) C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avscan.exe
(Google Inc.) C:\Users\Gabi\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [OpwareSE4] => C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe [73728 2007-06-13] (Nuance Communications, Inc.)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\w32x86\3\WrtMon.exe [20480 2006-09-20] ()
HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.)
HKLM\...\Run: [Reader Application Helper] => C:\Program Files\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [892928 2012-01-31] (Sony Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9874024 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM\...\Run: [NUSB3MON] => C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Bluetooth Suite\BtvStack.exe [490656 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Bluetooth Suite\AthBtTray.exe [302240 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [652624 2007-10-25] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1603152 2007-09-13] (CANON INC.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1425208 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [55824 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [ApnTBMon] => C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1801168 2014-04-11] (APN)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-25571864-3664550885-1491978389-1000\...\Run: [TBPanel] => C:\Program Files\EXPERTool\TBPanel.exe [2048368 2012-07-13] (Gainward Co. Ltd.)
HKU\S-1-5-21-25571864-3664550885-1491978389-1000\...\Run: [Google Update] => C:\Users\Gabi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-30] (Google Inc.)
HKU\S-1-5-21-25571864-3664550885-1491978389-1000\...\Run: [BackgroundContainer] => "C:\Windows\system32\Rundll32.exe" "C:\Users\Gabi\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
AppInit_DLLs: C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [201576 2013-02-26] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.0 HD Lite Edition.lnk
ShortcutTarget: PHOTOfunSTUDIO 6.0 HD Lite Edition.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_73b63ecbf57d4edbb49f84ee9930e02d_39_1006_20130716_DE_ie_sp_
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6B2CC4378D2BCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
URLSearchHook: HKLM - IncrediMail MediaBar Deutsch 2 Toolbar - {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Program Files\IncrediMail_MediaBar_Deutsch_2\prxtbInc0.dll (Conduit Ltd.)
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
URLSearchHook: HKCU - (No Name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} -  No File
URLSearchHook: HKCU - IncrediMail MediaBar Deutsch 2 Toolbar - {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Program Files\IncrediMail_MediaBar_Deutsch_2\prxtbInc0.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {8072BE93-8063-4BDD-8F80-15BA9CD30B35} URL =
SearchScopes: HKCU - DefaultScope {8072BE93-8063-4BDD-8F80-15BA9CD30B35} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311336&CUI=UN14675813125475269&UM=2
SearchScopes: HKCU - {59DCDB13-BFAE-446C-9E41-30A6F302F370} URL = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000
SearchScopes: HKCU - {6E15C1FE-A92F-48CB-AD7D-679AA4AD43E1} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2724407
SearchScopes: HKCU - {8072BE93-8063-4BDD-8F80-15BA9CD30B35} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3311336&CUI=UN14675813125475269&UM=2
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box&a=1eynMonFFue
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: IB Updater - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO: IncrediMail MediaBar Deutsch 2 Toolbar - {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Program Files\IncrediMail_MediaBar_Deutsch_2\prxtbInc0.dll (Conduit Ltd.)
BHO: Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ\Passport.dll (APN LLC.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
Toolbar: HKLM - IncrediMail MediaBar Deutsch 2 Toolbar - {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Program Files\IncrediMail_MediaBar_Deutsch_2\prxtbInc0.dll (Conduit Ltd.)
Toolbar: HKLM - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ\Passport.dll (APN LLC.)
Toolbar: HKLM - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
Toolbar: HKCU - No Name - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} -  No File
Toolbar: HKCU - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\AskPartnerNetwork\Toolbar\ORJ\Passport.dll (APN LLC.)
Toolbar: HKCU - IncrediMail MediaBar Deutsch 2 Toolbar - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} - C:\Program Files\IncrediMail_MediaBar_Deutsch_2\prxtbInc0.dll (Conduit Ltd.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default
FF DefaultSearchEngine: Freemium DE Customized Web Search
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Freemium DE Customized Web Search
FF Homepage: https://www.google.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @sony.com/ReaderDesktop - C:\Program Files\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Gabi\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Gabi\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\searchplugins\askcomsearch.xml
FF SearchPlugin: C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Amazon Browser Bar - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\Extensions\abb@amazon.com [2013-07-16]
FF Extension: Yahoo! Toolbar - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-03-28]
FF Extension: IncrediMail MediaBar Deutsch 2  - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\Extensions\{990af1c2-5a27-4460-8149-ecc6bc122af3} [2014-05-05]
FF Extension: IncrediMail MediaBar 2  - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\Extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} [2014-05-04]
FF Extension: Freemium DE  - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\Extensions\{e66f4171-0f28-4599-a595-58b840522f7e} [2014-05-04]
FF Extension: Add to Amazon Wish List Button - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\Extensions\amznUWL2@amazon.com.xpi [2012-02-23]
FF Extension: Ciuvo - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\Extensions\extension@ciuvo.com.xpi [2011-05-07]
FF Extension: preisspion.de - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\Extensions\finder@meingutscheincode.de.xpi [2011-05-07]
FF Extension: Ask Toolbar - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\Extensions\toolbar@ask.com.xpi [2014-04-11]
FF Extension: eBay Sidebar for Firefox - C:\Users\Gabi\AppData\Roaming\Mozilla\Firefox\Profiles\fvr2jyeg.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2011-05-26]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-05-10]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-05-10]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: IB Updater - C:\Program Files\Web Assistant\Firefox [2012-08-15]

Chrome:
=======
CHR Extension: (IncrediMail MediaBar Deutsch 2) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajeaeekpfakbiidigngcnelnclhnaibo [2013-08-16]
CHR Extension: (Google Docs) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-28]
CHR Extension: (Google Drive) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-28]
CHR Extension: (YouTube) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-28]
CHR Extension: (Google-Suche) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-28]
CHR Extension: (IB Updater) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2013-08-16]
CHR Extension: (New Tab for Chrome) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2013-08-16]
CHR Extension: (Freemium DE) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jopemfhojpebdeollanchfjhpbkcijoi [2014-01-08]
CHR Extension: (Google Wallet) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2014-02-22]
CHR Extension: (Google Mail) - C:\Users\Gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-28]
CHR HKLM\...\Chrome\Extension: [ajeaeekpfakbiidigngcnelnclhnaibo] - C:\Users\Gabi\AppData\Local\CRE\ajeaeekpfakbiidigngcnelnclhnaibo.crx [2012-08-08]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-15]
CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\NewTab.crx [2012-12-11]
CHR HKLM\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Gabi\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-27]
CHR HKCU\...\Chrome\Extension: [ajeaeekpfakbiidigngcnelnclhnaibo] - C:\Users\Gabi\AppData\Local\CRE\ajeaeekpfakbiidigngcnelnclhnaibo.crx [2012-08-08]
CHR HKCU\...\Chrome\Extension: [jopemfhojpebdeollanchfjhpbkcijoi] - C:\Users\Gabi\AppData\Local\CRE\jopemfhojpebdeollanchfjhpbkcijoi.crx [2013-12-27]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files\Amazon\ABB\AmazonChrome-bds-amzn.crx [2013-03-21]

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-04-11] (APN LLC.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [276248 2012-03-19] (Intel Corporation)
R2 IB Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2012-11-20] ()
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [101528 2007-04-13] ()
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [109728 2011-01-17] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 Updater Service for AMZN; C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()

==================== Drivers (Whitelisted) ====================

R3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [34976 2011-03-13] (Atheros)
S3 ATHDFU; C:\Windows\System32\Drivers\AthDfu.sys [43680 2011-03-13] (Windows (R) Win 7 DDK provider)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [259232 2011-03-13] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [24736 2011-03-13] (Atheros)
R3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [175776 2011-03-13] (Atheros)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [49312 2011-03-13] (Atheros)
R3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [141088 2011-03-13] (Atheros)
R3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [242336 2011-03-13] (Atheros)
S1 CXAVSAUD; C:\Windows\System32\DRIVERS\pvavsaud.sys [11008 2005-10-25] (Conexant Systems, Inc.)
R3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [262824 2011-02-08] (Intel Corporation)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [103000 2010-11-25] (JMicron Technology Corp.)
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [40720 2009-06-17] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10384 2009-06-17] (Logitech, Inc.)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R0 mv91cons; C:\Windows\System32\DRIVERS\mv91cons.sys [21808 2011-03-14] (Marvell Semiconductor Inc.)
R0 mvs91xx; C:\Windows\System32\DRIVERS\mvs91xx.sys [274736 2011-03-14] (Marvell Semiconductor, Inc.)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [62336 2010-12-10] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [141440 2010-12-10] (Renesas Electronics Corporation)
S3 SCR3XX2K; C:\Windows\System32\DRIVERS\SCR3XX2K.sys [57856 2010-01-07] (SCM Microsystems Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-23] (Avira GmbH)
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-14 20:05 - 2014-05-14 20:05 - 00025536 _____ () C:\Users\Gabi\Downloads\FRST.txt
2014-05-14 20:05 - 2014-05-14 20:05 - 00000000 ____D () C:\FRST
2014-05-14 20:04 - 2014-05-14 20:04 - 01056256 _____ (Farbar) C:\Users\Gabi\Downloads\FRST.exe
2014-05-14 18:25 - 2014-05-14 18:25 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\Nico Mak Computing
2014-05-14 18:08 - 2014-05-14 18:08 - 04892480 _____ (WinZip International LLC ) C:\Users\Gabi\Downloads\wzmp_8.exe
2014-05-14 17:24 - 2014-05-14 17:24 - 00000000 ___RD () C:\Users\Gabi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-14 16:36 - 2014-05-14 18:25 - 00001147 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-05-14 16:36 - 2014-05-14 18:25 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-14 16:36 - 2014-05-14 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-14 16:36 - 2014-05-14 18:25 - 00000000 ____D () C:\Program Files\WinZip Malware Protector
2014-05-14 16:36 - 2013-03-15 17:01 - 00016384 _____ () C:\Windows\system32\wsusnative32.exe
2014-05-10 15:20 - 2014-05-10 15:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-06 22:31 - 2014-05-06 22:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 13:30 - 2014-04-14 04:11 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 13:30 - 2014-04-14 04:07 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-03 00:32 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 00:32 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 05:38 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-29 05:38 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-29 05:38 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-29 05:38 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-29 05:38 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-29 05:38 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-29 05:38 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-29 05:38 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-29 05:38 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-29 05:38 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-29 05:38 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-29 05:38 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-29 05:38 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-29 05:38 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-29 05:38 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-29 05:38 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-29 05:38 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-29 05:38 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-29 05:38 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-29 05:38 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-29 05:38 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-29 05:38 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-29 05:38 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-29 05:38 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-16 16:43 - 2014-04-16 16:43 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b13.log
2014-04-16 16:43 - 2014-04-16 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

==================== One Month Modified Files and Folders =======

2014-05-14 20:05 - 2014-05-14 20:05 - 00025536 _____ () C:\Users\Gabi\Downloads\FRST.txt
2014-05-14 20:05 - 2014-05-14 20:05 - 00000000 ____D () C:\FRST
2014-05-14 20:04 - 2014-05-14 20:04 - 01056256 _____ (Farbar) C:\Users\Gabi\Downloads\FRST.exe
2014-05-14 19:29 - 2012-11-30 18:36 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-25571864-3664550885-1491978389-1000UA.job
2014-05-14 19:13 - 2012-03-29 21:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-14 18:25 - 2014-05-14 18:25 - 00000000 ____D () C:\Users\Gabi\AppData\Roaming\Nico Mak Computing
2014-05-14 18:25 - 2014-05-14 16:36 - 00001147 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-05-14 18:25 - 2014-05-14 16:36 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-14 18:25 - 2014-05-14 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-14 18:25 - 2014-05-14 16:36 - 00000000 ____D () C:\Program Files\WinZip Malware Protector
2014-05-14 18:08 - 2014-05-14 18:08 - 04892480 _____ (WinZip International LLC ) C:\Users\Gabi\Downloads\wzmp_8.exe
2014-05-14 17:32 - 2009-07-14 06:34 - 00013568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-14 17:32 - 2009-07-14 06:34 - 00013568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-14 17:30 - 2010-11-23 11:54 - 01649492 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-14 17:28 - 2010-11-23 11:45 - 01503747 _____ () C:\Windows\WindowsUpdate.log
2014-05-14 17:24 - 2014-05-14 17:24 - 00000000 ___RD () C:\Users\Gabi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-05-14 17:24 - 2012-08-06 21:40 - 00090315 _____ () C:\Windows\setupact.log
2014-05-14 17:24 - 2010-11-23 14:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-14 17:24 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-14 17:13 - 2012-03-29 21:39 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 17:13 - 2011-06-23 08:21 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-14 16:36 - 2012-09-30 21:33 - 00000000 ____D () C:\Users\Gabi\Desktop\l.stifalle
2014-05-14 15:15 - 2011-06-16 14:30 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-13 16:33 - 2014-02-10 10:55 - 00000074 _____ () C:\Users\Gabi\Desktop\config.cfg
2014-05-13 16:33 - 2014-02-10 10:54 - 00000102 _____ () C:\Users\Gabi\Desktop\results.dat
2014-05-13 14:29 - 2012-11-30 18:36 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-25571864-3664550885-1491978389-1000Core.job
2014-05-11 15:19 - 2012-04-25 06:51 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 15:20 - 2014-05-10 15:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-06 22:31 - 2014-05-06 22:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-05 22:33 - 2011-04-11 21:06 - 00000000 ____D () C:\Users\Gabi\Documents\Lotto 2011
2014-05-05 19:48 - 2012-09-11 18:23 - 00000000 ____D () C:\Users\Gabi\AppData\Local\CrashDumps
2014-05-02 15:13 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-01 08:44 - 2013-01-14 09:05 - 00019456 _____ () C:\Users\Gabi\Desktop\siedler buff.xls
2014-04-29 19:14 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-29 14:48 - 2014-05-03 00:32 - 17384448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:34 - 2014-05-03 00:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 05:54 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-27 23:02 - 2011-05-25 18:18 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-04-16 16:43 - 2014-04-16 16:43 - 00004241 _____ () C:\Windows\system32\jupdate-1.7.0_55-b13.log
2014-04-16 16:43 - 2014-04-16 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-16 16:43 - 2013-10-24 14:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-16 16:43 - 2012-04-11 14:14 - 00000000 ____D () C:\Program Files\Java
2014-04-14 04:11 - 2014-05-06 13:30 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:07 - 2014-05-06 13:30 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.8172.dll


Some content of TEMP:
====================
C:\Users\Gabi\AppData\Local\Temp\APNSetup.exe
C:\Users\Gabi\AppData\Local\Temp\ApnStub.exe
C:\Users\Gabi\AppData\Local\Temp\AskSLib.dll
C:\Users\Gabi\AppData\Local\Temp\avgnt.exe
C:\Users\Gabi\AppData\Local\Temp\DLG_shopping-toolbar_softonic_de-DE.exe
C:\Users\Gabi\AppData\Local\Temp\installerdll.dll
C:\Users\Gabi\AppData\Local\Temp\installerdll31065727.dll
C:\Users\Gabi\AppData\Local\Temp\installerdll5146363.dll
C:\Users\Gabi\AppData\Local\Temp\installerdll5150700.dll
C:\Users\Gabi\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Gabi\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Gabi\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Gabi\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Gabi\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Gabi\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Gabi\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Gabi\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Gabi\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Gabi\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Gabi\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Gabi\AppData\Local\Temp\NEW63E9.tmp.exe
C:\Users\Gabi\AppData\Local\Temp\nseD01D.exe
C:\Users\Gabi\AppData\Local\Temp\nsi9743.exe
C:\Users\Gabi\AppData\Local\Temp\nsi9C74.exe
C:\Users\Gabi\AppData\Local\Temp\nsn7716.exe
C:\Users\Gabi\AppData\Local\Temp\nss147D.exe
C:\Users\Gabi\AppData\Local\Temp\nss47FE.exe
C:\Users\Gabi\AppData\Local\Temp\nsx7C37.exe
C:\Users\Gabi\AppData\Local\Temp\nvStInst.exe
C:\Users\Gabi\AppData\Local\Temp\rootsupd.exe
C:\Users\Gabi\AppData\Local\Temp\Setup.exe
C:\Users\Gabi\AppData\Local\Temp\SPStub.exe
C:\Users\Gabi\AppData\Local\Temp\tbFree.dll
C:\Users\Gabi\AppData\Local\Temp\tbInc2.dll
C:\Users\Gabi\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Gabi\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Gabi\AppData\Local\Temp\VIS_DE-2013-12-13.exe
C:\Users\Gabi\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Gabi\AppData\Local\Temp\_is44DC.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 20:26

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:14-05-2014
Ran by Gabi at 2014-05-14 21:55:03
Running from C:\Users\Gabi\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.3.0.3650 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.3.0.3650 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.2 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Amazon Browser Bar (HKLM\...\Amazon Browser Bar) (Version: 3.0.2012.0802 - Amazon)
Amazon Browser Settings (HKLM\...\Amazon Browser Settings) (Version: 3.0 - Amazon)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Shopping Toolbar (HKLM\...\{4F524A00-6A76-A76A-76A7-A758B70C0A06}) (Version: 12.10.6.60 - APN, LLC) <==== ATTENTION
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Blue Byte Game Channel (HKLM\...\Blue Byte Game Channel) (Version:  - UbiSoft)
Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM\...\{1039EFA8-AE26-4D18-BDBA-B1E4B2138123}) (Version: 0.8.27 - Kovid Goyal)
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 1.1 (HKLM\...\MP Navigator EX 1.1) (Version:  - )
Canon MX850 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX850_series) (Version:  - )
Canon MX850 series Benutzerregistrierung (HKLM\...\Canon MX850 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
ClicKalender 1.30.1 (HKLM\...\ClicKalender_is1) (Version:  - XLM Software Axel Meierhöfer)
Designer 2.0 (HKLM\...\Designer 2.0_is1) (Version: 7.8.4 - Fomanu AG)
Die Siedler IV (HKLM\...\S4Uninst) (Version:  - )
Die Siedler Online (HKLM\...\{951E81D0-78C6-405F-9D3E-D226FFED1199}) (Version: 1.00.0000 - Ubisoft)
Die Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
ElsterFormular für Privatanwender und Unternehmer (HKLM\...\ElsterFormular für Privatanwender und Unternehmer 12.1.1.6214k) (Version: 12.1.1.6214k - Landesfinanzdirektion Thüringen)
erLT (Version: 1.20.0137 - Logitech, Inc.) Hidden
EXPERTool v8.4 (HKLM\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.4.0.0 - Gainward Co. Ltd.)
Falk Navi-Manager (HKLM\...\{3222B0CE-59C5-4CA0-B545-2B88F200756B}) (Version: 2.10.0 - United Navigation GmbH)
Falk Navi-Manager (Version: 2.3.0 - Falk Navigation GmbH) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
IB Updater 2.0.0.550 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.550 - IncrediBar) <==== ATTENTION
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
IncrediMail (Version: 6.3.9.5254 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM\...\IncrediMail) (Version: 6.3.9.5254 - IncrediMail Ltd.)
IncrediMail MediaBar Deutsch 2 Toolbar (HKLM\...\IncrediMail_MediaBar_Deutsch_2 Toolbar) (Version: 6.8.9.0 - IncrediMail MediaBar Deutsch 2) <==== ATTENTION
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections 16.1.53.0 (HKLM\...\PROSetDX) (Version: 16.1.53.0 - Intel)
Intel(R) Network Connections 16.1.53.0 (Version: 16.1.53.0 - Intel) Hidden
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JMicron JMB36X Driver (HKLM\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.62.0 - JMicron Technology Corp.)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Logitech SetPoint (HKLM\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
marvell 91xx driver (HKLM\...\MagniDriver) (Version: 1.1.0.6 - Marvell)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Medisana BPA 3.0 German (HKLM\...\InstallShield_{F4FEB66B-A7D7-42FC-8479-16C1E5C7DB73}) (Version: 3.0.10 - Medisana)
Medisana BPA 3.0 German (Version: 3.0.10 - Medisana) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 304.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 304.87 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)
Origin (HKLM\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Photo Notifier and Animation Creator (HKLM\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (Version: 1.0.0.1009 - Ihr Firmenname) Hidden
PHOTOfunSTUDIO 6.0 HD Lite Edition (HKLM\...\{D52A5702-4335-4E09-8F7F-D5703A754538}) (Version: 6.00.042 - Panasonic Corporation)
PIXMA Extended Survey Program (HKLM\...\CANONIJPLM100) (Version:  - )
Presto! PageManager 7.15.20 (HKLM\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.20 - NewSoft Technology Corporation)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Reader for PC (HKLM\...\{91605026-DBBF-48FF-B703-F7719CE3F703}) (Version: 1.1.05.13310 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.43.321.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
ScanSoft OmniPage SE 4 (HKLM\...\{66B4C110-8BEB-49B5-824E-C70AEEB20ECD}) (Version: 15.2.0020 - Nuance Communications, Inc.)
SCHLECKER Foto Digital Service (HKLM\...\SCHLECKER Foto Digital Service) (Version:  - )
Sigel Enjoy Your Photo (HKLM\...\Sigel Enjoy Your Photo) (Version:  - )
Softwarenetz Adressen2 (HKLM\...\Adressen2) (Version:  - )
Softwarenetz Terminkalender2 (HKLM\...\Terminkalender2) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Weihnachten 2013 Druckshop (HKLM\...\{C7FAE2CD-A0D9-4DF8-A839-DD34FA6E089F}_is1) (Version:  - )
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip Malware Protector (HKLM\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)

==================== Restore Points  =========================

22-04-2014 13:17:15 Windows Update
25-04-2014 13:23:08 Windows Update
29-04-2014 03:38:42 Windows Update
02-05-2014 13:16:56 Windows Update
02-05-2014 22:32:05 Windows Update
06-05-2014 11:30:38 Windows Update
06-05-2014 20:31:03 Windows Update
13-05-2014 11:56:44 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0BB5DF90-01F2-44D0-A4F1-FE66E7AFDB45} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {16E92088-E583-4741-BA64-627734B7EE1E} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Gabi\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {1EFC6124-62BF-4B3A-876C-394708F99584} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {73CEB2B1-AC8E-4209-BB5D-21FFCBE49C8B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {87A8CF9D-CF8B-41AE-8715-81E96AAD8BB4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-25571864-3664550885-1491978389-1000Core => C:\Users\Gabi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: {B967D0C5-4450-4E51-B006-75D45F3320B0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-25571864-3664550885-1491978389-1000UA => C:\Users\Gabi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-30] (Google Inc.)
Task: {E72CF936-123C-45BA-ADE7-F473DDB807CA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-25571864-3664550885-1491978389-1000Core.job => C:\Users\Gabi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-25571864-3664550885-1491978389-1000UA.job => C:\Users\Gabi\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-09-11 18:20 - 2013-01-18 16:20 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-02-23 16:57 - 2013-02-23 16:52 - 00397704 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-15 14:35 - 2012-11-20 16:09 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
2011-05-25 18:18 - 2007-04-13 08:49 - 00101528 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2013-03-21 20:24 - 2013-03-21 20:24 - 00222368 _____ () C:\Program Files\Amazon Browser Bar\ToolbarUpdaterService.exe
2011-05-24 20:25 - 2006-09-20 08:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe
2012-01-31 19:36 - 2012-01-31 19:36 - 00884736 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\fsk.dll
2012-01-31 19:31 - 2012-01-31 19:31 - 00033792 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2012-01-31 19:31 - 2012-01-31 19:31 - 00233472 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\Fskin.dll
2012-01-31 19:33 - 2012-01-31 19:33 - 00020480 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2011-11-17 22:06 - 2011-11-17 22:06 - 00798720 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2012-01-31 19:31 - 2012-01-31 19:31 - 00118784 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2012-01-31 19:33 - 2012-01-31 19:33 - 00009728 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\FskPower.dll
2012-01-31 19:33 - 2012-01-31 19:33 - 00018432 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2012-01-31 19:31 - 2012-01-31 19:31 - 00010752 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2012-01-31 19:33 - 2012-01-31 19:33 - 00008704 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2012-01-31 19:33 - 2012-01-31 19:33 - 00028160 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\ticket.dll
2012-01-31 19:33 - 2012-01-31 19:33 - 00012288 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2011-11-17 20:47 - 2011-11-17 20:47 - 00086016 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2012-01-31 19:35 - 2012-01-31 19:35 - 00143360 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2012-01-31 19:34 - 2012-01-31 19:34 - 00172032 _____ () C:\Program Files\Sony\ReaderDesktop\appHelper\USBDetector.dll
2011-05-24 20:25 - 2006-10-30 16:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe
2012-03-19 22:09 - 2012-03-19 22:09 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2013-01-09 20:32 - 2009-07-20 13:27 - 00017936 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2014-05-10 15:20 - 2014-05-10 15:20 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-01-24 23:48 - 2013-01-24 23:48 - 00033272 _____ () C:\Program Files\IncrediMail\Bin\IMHttpComm.dll
2013-01-24 23:48 - 2013-01-24 23:48 - 00072256 _____ () C:\Program Files\IncrediMail\Bin\wlessfp1.dll
2013-01-24 23:48 - 2013-01-24 23:48 - 00268864 _____ () C:\Program Files\IncrediMail\Bin\ImLookExU.dll
2012-11-18 18:29 - 2012-11-18 18:29 - 00108448 _____ () C:\Program Files\IncrediMail\Bin\pmc.dll
2013-01-24 23:48 - 2013-01-24 23:48 - 00133696 _____ () C:\Program Files\IncrediMail\Bin\ImComUtlU.dll
2013-01-24 23:48 - 2013-01-24 23:48 - 00080448 _____ () C:\Program Files\IncrediMail\bin\ImAppRU.dll
2014-05-14 17:13 - 2014-05-14 17:13 - 16361136 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-04-25 07:25 - 2014-04-24 02:33 - 00065352 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-25 07:25 - 2014-04-24 02:33 - 00674632 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-25 07:25 - 2014-04-24 02:33 - 00093000 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-05-14 16:36 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files\WinZip Malware Protector\System.Data.SQLite.dll
2014-05-14 16:36 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files\WinZip Malware Protector\aspsys.dll
2014-05-14 16:36 - 2013-02-28 16:53 - 00168448 _____ () C:\Program Files\WinZip Malware Protector\UNRAR.DLL
2014-04-25 07:25 - 2014-04-24 02:33 - 04081480 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-25 07:25 - 2014-04-24 02:33 - 00390472 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-25 07:25 - 2014-04-24 02:33 - 01647432 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-25 07:25 - 2014-04-24 02:33 - 13692232 _____ () C:\Users\Gabi\AppData\Local\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
2010-05-04 16:36 - 2010-05-04 16:36 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2010-03-24 22:51 - 2011-01-06 23:27 - 00166400 _____ () C:\Program Files\OpenOffice.org 3\program\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Gabi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Terminkalender2.lnk => C:\Windows\pss\Terminkalender2.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: IATSKY => C:\Program Files\i@Sky WIC\iatsky.exe
MSCONFIG\startupreg: IncrediMail => C:\Program Files\IncrediMail\bin\IncMail.exe /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

==================== Faulty Device Manager Devices =============

Name: High Definition Audio-Gerät
Description: High Definition Audio-Gerät
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/05/2014 07:48:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 29.0.0.5224, Zeitstempel: 0x535631b0
Name des fehlerhaften Moduls: mozalloc.dll, Version: 29.0.0.5224, Zeitstempel: 0x535605a7
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000119c
ID des fehlerhaften Prozesses: 0x1e44
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (04/19/2014 05:24:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: xul.dll, Version: 28.0.0.5186, Zeitstempel: 0x53240e04
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00184729
ID des fehlerhaften Prozesses: 0x548
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (03/16/2014 09:09:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.16521, Zeitstempel: 0x53114399
Name des fehlerhaften Moduls: PriceGongIE.dll, Version: 3.6.12.0, Zeitstempel: 0x516e945c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00034c29
ID des fehlerhaften Prozesses: 0x14a4
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (03/08/2014 03:03:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IncMail.exe, Version: 6.3.9.5254, Zeitstempel: 0x50dc5120
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052ca9
ID des fehlerhaften Prozesses: 0x544
Startzeit der fehlerhaften Anwendung: 0xIncMail.exe0
Pfad der fehlerhaften Anwendung: IncMail.exe1
Pfad des fehlerhaften Moduls: IncMail.exe2
Berichtskennung: IncMail.exe3

Error: (02/08/2014 10:12:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iTunes.exe, Version: 11.1.4.62, Zeitstempel: 0x52ddbf7a
Name des fehlerhaften Moduls: WebKit.dll, Version: 7537.60.11.25, Zeitstempel: 0x52dd8d83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0026e1b7
ID des fehlerhaften Prozesses: 0x1590
Startzeit der fehlerhaften Anwendung: 0xiTunes.exe0
Pfad der fehlerhaften Anwendung: iTunes.exe1
Pfad des fehlerhaften Moduls: iTunes.exe2
Berichtskennung: iTunes.exe3

Error: (01/13/2014 02:21:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x1550
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (01/08/2014 07:04:39 AM) (Source: CltMngSvc) (EventID: 1000) (User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)

Error: (01/08/2014 07:04:31 AM) (Source: CltMngSvc) (EventID: 1000) (User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)

Error: (12/26/2013 07:36:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0xe14
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (12/17/2013 06:04:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0x1504
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3


System errors:
=============
Error: (05/14/2014 05:27:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (05/14/2014 05:27:15 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/14/2014 03:16:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (05/14/2014 03:16:25 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/14/2014 06:32:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (05/14/2014 06:32:35 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/13/2014 01:55:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (05/13/2014 01:55:07 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/13/2014 05:51:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (05/13/2014 05:51:00 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (05/05/2014 07:48:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe29.0.0.5224535631b0mozalloc.dll29.0.0.5224535605a7800000030000119c1e4401cf6885b0cad787C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll795fc380-d47d-11e3-9e59-0026832fcc7c

Error: (04/19/2014 05:24:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe28.0.0.518653240e37xul.dll28.0.0.518653240e04c00000050018472954801cf5bb6ecb99ab7C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dllaeedbe25-c7d6-11e3-b7cc-0026832fcc7c

Error: (03/16/2014 09:09:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.1652153114399PriceGongIE.dll3.6.12.0516e945cc000000500034c2914a401cf414b2488aeb2C:\Program Files\Internet Explorer\iexplore.exeC:\Users\Gabi\AppData\LocalLow\IncrediMail_MediaBar_Deutsch_2\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll7fa7dd3d-ad3e-11e3-98da-0026832fcc7c

Error: (03/08/2014 03:03:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IncMail.exe6.3.9.525450dc5120unknown0.0.0.000000000c000000500052ca954401cf3acd00a0688cC:\Program Files\IncrediMail\Bin\IncMail.exeunknown14b7d26b-a6c2-11e3-9fc5-0026832fcc7c

Error: (02/08/2014 10:12:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: iTunes.exe11.1.4.6252ddbf7aWebKit.dll7537.60.11.2552dd8d83c00000050026e1b7159001cf24a334da83e7C:\Program Files\iTunes\iTunes.exeC:\Program Files\Common Files\Apple\Apple Application Support\WebKit.dllc015bd1c-9098-11e3-9864-0026832fcc7c

Error: (01/13/2014 02:21:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8155001cf101cca6ea11cC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll4779caa7-7c4d-11e3-83f0-14dae92229b7

Error: (01/08/2014 07:04:39 AM) (Source: CltMngSvc) (EventID: 1000) (User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)

Error: (01/08/2014 07:04:31 AM) (Source: CltMngSvc) (EventID: 1000) (User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)

Error: (12/26/2013 07:36:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8e1401cf01f8d3cbf071C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dlla286a1db-6def-11e3-9d60-0026832fcc7c

Error: (12/17/2013 06:04:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8150401cefb31bd29c19cC:\program files\mozilla firefox\firefox.exeC:\program files\mozilla firefox\xul.dlle53262cf-6734-11e3-86b8-0026832fcc7c


==================== Memory info ===========================

Percentage of memory in use: 96%
Total physical RAM: 3237.14 MB
Available physical RAM: 114.9 MB
Total Pagefile: 6472.56 MB
Available Pagefile: 1690.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.33 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.28 GB) (Free:105.59 GB) NTFS
Drive f: (Externe) (Fixed) (Total:465.76 GB) (Free:338.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 0BBC99ED)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 224 GB) (Disk ID: 4872814A)
Partition 1: (Active) - (Size=299 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)

==================== End Of Log ============================
so ich hab alles geschickt ich hoffe ist so ok

ich würde mich über ein antwort freuen.

lg Puenktchen

schrauber 15.05.2014 19:30
Adware & Co. deinstallieren

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


Alle Zeitangaben in WEZ +1. Es ist jetzt 04:48 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131