Zurück   Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne
2x | Windows 8: TR/ATRAPS.Gen2 entfernen

2x | Windows 8: TR/ATRAPS.Gen2 entfernen


Mülltonne: 2x | Windows 8: TR/ATRAPS.Gen2 entfernen

Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne...

 
Alt 07.10.2013, 18:56   #1
Kirschkern
 
2x | Windows 8: TR/ATRAPS.Gen2 entfernen - Standard

2x | Windows 8: TR/ATRAPS.Gen2 entfernen


Hallo,

ich habe ein Problem mit einem Trojaner, Avira findet bei mir alle 5-10 Minuten "TR/ATRAPS.Gen2",

Ausschnitt aus dem Avira-Bericht:

Code:
ATTFilter
Typ:	Datei
Quelle:	C:\Program Files (x86)\Google\Desktop\Install\{c03df24d-7e5-bfa4-44b4-6518b7da4930}\   \...\*ﯹ๛\{c03df24d-47e5-bfa4-44b4-6518b7da4930}\U\800000cb.@
Status:	Infiziert
Quarantäne-Objekt:	54287a39.qua
Wiederhergestellt:	NEIN
Zu Avira hochgeladen:	NEIN
Betriebssystem:	Windows XP/VISTA Workstation/Windows 7
Suchengine:	8.02.12.126
Virendefinitionsdatei:	7.11.106.50
Gefunden:	TR/ATRAPS.Gen2
Datum/Uhrzeit:	07.10.2013, 19:23
ich habe schon versucht die Datei in dem angezeigten Ordner zu entfernen, das ist aber nicht möglich.

Könnt ihr mir bitte helfen den Trojaner zu entfernen, ohne dass ich mein Laptop neu aufspielen muss?

Der Systemscan mit FRST ergab:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Internet (administrator) on NADINENOTEBOOK on 07-10-2013 19:33:05
Running from C:\Users\Internet\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-29] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-29] (Atheros Communications)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
MountPoints2: F - "F:\AutoRun.exe" 
MountPoints2: {2de0a7f9-adb3-11e2-bea0-2016d8397b96} - "F:\AutoRun.exe" 
MountPoints2: {2de0a88b-adb3-11e2-bea0-2016d8397b96} - "F:\AutoRun.exe" 
MountPoints2: {2de0a8c5-adb3-11e2-bea0-2016d8397b96} - "F:\AutoRun.exe" 
MountPoints2: {2de0ac81-adb3-11e2-bea0-2016d8397b96} - "F:\AutoRun.exe" 
MountPoints2: {2de0b86b-adb3-11e2-bea0-2016d8397b96} - "F:\AutoRun.exe" 
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648264 2013-04-30] (Ask)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IR_SERVER] - C:\Program Files (x86)\Realtek\REALTEK DTV USB DEVICE\IR_SERVER.exe
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll [245872 2013-01-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll [201576 2013-01-11] (NVIDIA Corporation)
Startup: C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
URLSearchHook: (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} -  No File
SearchScopes: HKLM - DefaultScope {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKCU - DefaultScope {50952DBE-9475-4D32-B175-B9D835C33E99} URL = 
SearchScopes: HKCU - {50952DBE-9475-4D32-B175-B9D835C33E99} URL = 
SearchScopes: HKCU - {B9A4C3AA-4B74-437D-8AB7-9EFC2F61BB90} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=20f3da65-3de2-452b-a440-b86636596be9&apn_sauid=F3E91511-EA56-4A9A-AF19-605D0E205F6E
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll No File
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKCU -  No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\o958rb37.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\o958rb37.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"]},"first_run_tabs":["hxxp://www.google.com/","hxxp://welcome_page"

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-07] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2912304 2013-03-14] (Samsung Electronics CO., LTD.)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [x]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [x]
S3 gusvc; "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" [x]
U2 *etadpug; "C:\Program Files (x86)\Google\Desktop\Install\{c03df24d-47e5-bfa4-44b4-6518b7da4930}\   \...\???\{c03df24d-47e5-bfa4-44b4-6518b7da4930}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132088 2013-09-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-04-01] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [132608 2009-06-22] (Huawei Technologies Co., Ltd.)
R3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [113792 2009-06-22] (Huawei Technologies Co., Ltd.)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-11-28] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-11-28] (Windows (R) 2003 DDK 3790 provider)
S3 SBIOSIO; \??\C:\Windows\Temp\SBIOSIO64.SYS [x]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-07 19:26 - 2013-10-07 19:26 - 01954124 _____ (Farbar) C:\Users\Internet\Downloads\FRST64.exe
2013-10-07 19:26 - 2013-10-07 19:26 - 00000000 ____D C:\FRST
2013-10-07 19:13 - 2013-10-07 19:13 - 99717279 _____ C:\windows\SysWOW64\᯾短忠ˆ߿
2013-10-06 23:44 - 2013-10-06 23:56 - 00015065 _____ C:\windows\WindowsUpdate.log
2013-10-06 22:27 - 2013-09-19 01:26 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-10-06 22:27 - 2013-09-19 01:26 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-06 22:22 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\tssdisai.dll
2013-09-29 19:50 - 2013-09-29 21:52 - 00000000 ____D C:\Users\Internet\AppData\Roaming\vlc
2013-09-29 19:49 - 2013-09-29 19:49 - 00000875 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-29 19:48 - 2013-09-29 19:48 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-28 09:37 - 2013-09-28 09:37 - 00000000 ____D C:\Users\Internet\AppData\Local\Macromedia
2013-09-27 20:05 - 2013-09-27 20:10 - 23280480 _____ C:\Users\Internet\Downloads\vlc-2.1.0-win64.exe
2013-09-27 20:03 - 2013-09-27 20:03 - 00000000 ____D C:\Users\Internet\AppData\Roaming\WinRAR
2013-09-27 20:03 - 2011-11-09 23:18 - 00000291 _____ C:\Users\Internet\Downloads\Charts.to - Die ultimative Seite fuer Charts als Direkt-Download.url
2013-09-27 20:02 - 2013-09-27 20:02 - 02074056 _____ C:\Users\Internet\Downloads\winrar-x64-500d.exe
2013-09-27 20:02 - 2013-09-27 20:02 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-27 20:02 - 2013-09-27 20:02 - 00000000 ____D C:\Program Files\WinRAR
2013-09-27 19:39 - 2013-09-27 19:39 - 00000000 ____D C:\Users\Internet\AppData\Local\Mozilla
2013-09-27 19:38 - 2013-09-27 19:38 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-27 19:38 - 2013-09-27 19:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-22 20:10 - 2013-09-22 20:11 - 00356616 _____ C:\windows\system32\FNTCACHE.DAT
2013-09-18 19:53 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2013-09-18 19:53 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\windows\system32\WSService.dll
2013-09-18 19:53 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2013-09-18 19:53 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2013-09-18 19:53 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2013-09-18 19:53 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2013-09-18 19:53 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\windows\system32\WSClient.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\WSSync.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\setupcln.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2013-09-18 19:53 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2013-09-18 19:53 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2013-09-18 19:53 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2013-09-18 19:53 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2013-09-18 19:53 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSClient.dll
2013-09-18 19:53 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSSync.dll
2013-09-18 19:53 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-18 19:53 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2013-09-18 19:53 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-18 19:53 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2013-09-18 19:53 - 2013-08-16 00:43 - 00083968 _____ C:\windows\SysWOW64\OEMLicense.dll
2013-09-18 19:53 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2013-09-18 19:53 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2013-09-18 19:53 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
2013-09-18 19:53 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
2013-09-18 19:52 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-09-18 19:52 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-09-18 19:52 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-09-18 19:52 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-09-18 19:52 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-09-18 19:52 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-09-18 19:52 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-09-18 19:52 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2013-09-18 19:52 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-09-18 19:52 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-09-18 19:52 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-09-18 19:52 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-09-18 19:52 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-09-18 19:52 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-09-18 19:52 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-09-18 19:52 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-09-18 19:52 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-09-18 19:52 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-09-18 19:52 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-09-18 19:52 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2013-09-18 19:50 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-09-08 21:20 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2013-09-08 21:20 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
2013-09-08 21:20 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2013-09-08 21:20 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2013-09-08 21:20 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
2013-09-08 21:20 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-09-08 21:20 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2013-09-08 21:20 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
2013-09-08 21:20 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2013-09-08 21:20 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\winmmbase.dll
2013-09-08 21:20 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\winmm.dll
2013-09-08 21:20 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
2013-09-08 21:20 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-09-08 21:20 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2013-09-08 21:20 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-09-08 21:19 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msgpioclx.sys
2013-09-08 21:19 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2013-09-08 21:19 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationApi.dll
2013-09-08 21:19 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\windows\system32\wwanmm.dll
2013-09-08 21:19 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\Wwanadvui.dll
2013-09-08 21:19 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\LocationApi.dll
2013-09-08 21:19 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-08 21:19 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-08 21:19 - 2013-07-02 00:08 - 00387583 _____ C:\windows\system32\ApnDatabase.xml
2013-09-08 21:19 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\windows\SysWOW64\openfiles.exe
2013-09-08 21:19 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\openfiles.exe
2013-09-08 21:19 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2013-09-08 21:19 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2013-09-08 21:19 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-09-08 21:19 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2013-09-08 21:19 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2013-09-08 21:19 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2013-09-08 21:19 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\windows\system32\wcmsvc.dll
2013-09-08 21:19 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\wcmcsp.dll
2013-09-08 21:19 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmmbase.dll
2013-09-08 21:19 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2013-09-08 21:19 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2013-09-08 21:19 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2013-09-08 21:19 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-09-08 21:19 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2013-09-08 21:19 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2013-09-08 21:19 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBSTOR.SYS

==================== One Month Modified Files and Folders =======

2013-10-07 19:26 - 2013-10-07 19:26 - 01954124 _____ (Farbar) C:\Users\Internet\Downloads\FRST64.exe
2013-10-07 19:26 - 2013-10-07 19:26 - 00000000 ____D C:\FRST
2013-10-07 19:13 - 2013-10-07 19:13 - 99717279 _____ C:\windows\SysWOW64\᯾短忠ˆ߿
2013-10-07 19:11 - 2012-10-20 22:21 - 00753134 _____ C:\windows\system32\perfh007.dat
2013-10-07 19:11 - 2012-10-20 22:21 - 00155826 _____ C:\windows\system32\perfc007.dat
2013-10-07 19:11 - 2012-07-26 09:28 - 01745226 _____ C:\windows\system32\PerfStringBackup.INI
2013-10-07 19:09 - 2012-10-20 07:47 - 00000000 ____D C:\ProgramData\WinClon
2013-10-07 19:06 - 2013-03-12 22:39 - 00001140 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-07 19:05 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-10-07 08:20 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI
2013-10-07 08:02 - 2013-03-12 22:39 - 00001144 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-07 08:02 - 2013-03-12 22:39 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-07 08:02 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\sru
2013-10-07 00:07 - 2013-02-28 13:32 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Zumea
2013-10-06 23:56 - 2013-10-06 23:44 - 00015065 _____ C:\windows\WindowsUpdate.log
2013-10-06 22:32 - 2013-02-26 22:33 - 00000000 ____D C:\Users\Internet\AppData\Local\CrashDumps
2013-10-06 21:59 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-10-06 21:57 - 2013-03-02 12:38 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Xoizg
2013-10-01 18:13 - 2013-04-26 15:28 - 00000000 ____D C:\Users\Internet\Documents\Verträge
2013-09-29 21:52 - 2013-09-29 19:50 - 00000000 ____D C:\Users\Internet\AppData\Roaming\vlc
2013-09-29 19:49 - 2013-09-29 19:49 - 00000875 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-29 19:48 - 2013-09-29 19:48 - 00000000 ____D C:\Program Files\VideoLAN
2013-09-28 09:37 - 2013-09-28 09:37 - 00000000 ____D C:\Users\Internet\AppData\Local\Macromedia
2013-09-28 09:36 - 2013-03-02 15:37 - 00000000 ____D C:\Users\Internet\AppData\Local\Adobe
2013-09-28 09:08 - 2013-05-07 20:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-27 20:10 - 2013-09-27 20:05 - 23280480 _____ C:\Users\Internet\Downloads\vlc-2.1.0-win64.exe
2013-09-27 20:03 - 2013-09-27 20:03 - 00000000 ____D C:\Users\Internet\AppData\Roaming\WinRAR
2013-09-27 20:02 - 2013-09-27 20:02 - 02074056 _____ C:\Users\Internet\Downloads\winrar-x64-500d.exe
2013-09-27 20:02 - 2013-09-27 20:02 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-09-27 20:02 - 2013-09-27 20:02 - 00000000 ____D C:\Program Files\WinRAR
2013-09-27 19:39 - 2013-09-27 19:39 - 00000000 ____D C:\Users\Internet\AppData\Local\Mozilla
2013-09-27 19:39 - 2013-05-07 20:31 - 00000000 ____D C:\Users\Internet\AppData\Roaming\Mozilla
2013-09-27 19:38 - 2013-09-27 19:38 - 00001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-27 19:38 - 2013-09-27 19:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-27 18:48 - 2013-03-12 22:39 - 00000000 ____D C:\Users\Internet\AppData\Local\Google
2013-09-27 18:44 - 2013-03-03 19:12 - 00000000 ____D C:\Users\Internet\AppData\Local\DoNotTrackPlus
2013-09-23 20:52 - 2012-07-26 10:12 - 00000000 ____D C:\windows\rescache
2013-09-23 18:33 - 2013-04-26 15:31 - 00000000 ____D C:\Users\Internet\Documents\Zeugnisse & Bescheinigungen
2013-09-23 07:54 - 2013-07-28 19:51 - 00000000 ____D C:\windows\system32\MRT
2013-09-23 07:52 - 2013-03-09 13:45 - 79143768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-09-22 20:11 - 2013-09-22 20:10 - 00356616 _____ C:\windows\system32\FNTCACHE.DAT
2013-09-19 01:26 - 2013-10-06 22:27 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 01:26 - 2013-10-06 22:27 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-18 22:01 - 2012-07-26 10:12 - 00000000 ____D C:\windows\WinStore
2013-09-18 22:01 - 2012-07-26 10:12 - 00000000 ____D C:\windows\PolicyDefinitions
2013-09-17 21:01 - 2013-05-05 23:13 - 00000000 ____D C:\Users\Internet\Documents\OneNote-Notizbücher
2013-09-11 20:49 - 2011-10-09 16:06 - 00000000 ____D C:\Users\Public\Documents\Wohnung
2013-09-08 22:28 - 2012-07-26 07:38 - 00000000 ____D C:\windows\system32\oobe
2013-09-07 11:55 - 2013-05-09 16:30 - 00082136 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-09-07 11:55 - 2013-04-01 22:40 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-09-07 11:55 - 2013-04-01 22:40 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys

Files to move or delete:
====================
ZeroAccess:
C:\Users\Internet\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\DbgHelp.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-09-29 16:25

==================== End Of Log ============================

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Internet at 2013-10-07 19:34:50
Running from C:\Users\Internet\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
ArcSoft TotalMedia 3.5 (x32 Version: 3.5.7.307)
Ask Toolbar (x32 Version: 1.15.26.0)
Ask Toolbar Updater (HKCU Version: 1.2.6.45268)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.7)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Easy File Share (x32 Version: 1.3.4)
EndNote X7 (x32 Version: 17.0.1.7212)
E-POP (x32 Version: 1.0.1)
ETDWare PS/2-X64 11.7.2.1_WHQL (Version: 11.7.2.1)
Fotogalerie (x32 Version: 16.4.3503.0728)
Galerie de photos (x32 Version: 16.4.3503.0728)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4413.1752)
Google Update Helper (x32 Version: 1.3.21.153)
GraphPad Prism 4 (x32)
Help Desk (Version: 1.0.9)
Intel AppUp(SM) center (x32 Version: 3.6.1.33070.11)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.2.1001)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Java 7 Update 21 (x32 Version: 7.0.210)
Java Auto Updater (x32 Version: 2.1.9.5)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mobile Partner (x32 Version: 11.302.06.03.545)
Movie Maker (x32 Version: 16.4.3503.0728)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1108.0727)
NVIDIA Grafiktreiber 311.00 (Version: 311.00)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA Optimus 1.11.3 (Version: 1.11.3)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Systemsteuerung 311.00 (Version: 311.00)
NVIDIA Update Components (Version: 1.11.3)
Photo Common (x32 Version: 16.4.3503.0728)
Photo Gallery (x32 Version: 16.4.3503.0728)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.210)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0)
Raccolta foto (x32 Version: 16.4.3503.0728)
REALTEK DTV USB DEVICE (x32 Version: 1.00.0000)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6699)
Recovery (x32 Version: 6.0.9.2)
ResearchSoft Direct Export Helper (x32)
S Agent (Version: 1.1.40)
Settings (x32 Version: 2.0.0)
SigmaPlot 12.1 (x32 Version: 12.1)
Support Center (Version: 2.1.80)
Support Center FAQ (x32 Version: 1.0.8)
SW Update (x32 Version: 2.1.11)
TotalMedia Setup (x32 Version: 1.00.0000)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector (KB2583935) (x32)
User Guide (x32 Version: 1.2.00)
VLC media player 2.1.0 (Version: 2.1.0)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (07/27/2012 20.57.1.735) (Version: 07/27/2012 20.57.1.735)
Windows Live (x32 Version: 16.4.3503.0728)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728)
Windows Live Essentials (x32 Version: 16.4.3503.0728)
Windows Live Installer (x32 Version: 16.4.3503.0728)
Windows Live Photo Common (x32 Version: 16.4.3503.0728)
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728)
Windows Live SOXE (x32 Version: 16.4.3503.0728)
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728)
Windows Live UX Platform (x32 Version: 16.4.3503.0728)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728)
WinRAR 5.00 (64-Bit) (Version: 5.00.0)

==================== Restore Points  =========================

06-10-2013 20:22:30 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05DFB97D-D085-45CA-8620-EA8479BC828A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {2E9D9AEF-10BB-48FE-BC5A-AD65E6C00AF5} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {3BEEAE1B-1135-48D1-A59E-14ED75FA9430} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {3C8C2F45-695E-4C0F-B19D-627D6FFC41A8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4285C36F-B071-4297-995C-B210F405BA86} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {452DC6A1-CEF3-4A55-893B-A99AD6FD74EE} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {7280DA05-D9A4-486D-8431-E491354E0841} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {78124365-6EAB-4097-A619-70470E14026F} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {848E76AD-5BD5-413B-A40F-433173C5837D} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-30] ()
Task: {97EC930E-BAE5-462B-912D-DF2E77D48530} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-02-26] (Samsung Electronics CO., LTD.)
Task: {A654CDB9-9CE8-4D2D-BEDC-888CA43A2896} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {F4B63E58-E682-4816-AC2A-E699768AF68E} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-12-16] (SEC)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-07-26 09:55 - 2012-07-26 09:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-16 04:26 - 2012-08-16 04:26 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-26 17:56 - 2013-02-26 17:56 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2013-02-26 22:32 - 2013-02-26 22:30 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-10-20 07:53 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2012-10-20 07:55 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-09-27 19:38 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-10-20 07:35 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-08-07 21:00 - 2013-08-07 21:00 - 02244504 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-08-07 21:00 - 2013-08-07 21:00 - 00158104 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-08-07 21:00 - 2013-08-07 21:00 - 00022424 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Description: Qualcomm Atheros AR3012 Bluetooth 4.0 + HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/06/2013 10:31:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.2.9200.16384, Zeitstempel: 0x50108850
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988aa6
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x00000000000012cc
ID des fehlerhaften Prozesses: 0x11f8
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3
Vollständiger Name des fehlerhaften Pakets: DllHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DllHost.exe5

Error: (10/06/2013 10:29:27 PM) (Source: Application Hang) (User: )
Description: Programm GuaranaAgent.exe, Version 2.1.8.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 814

Startzeit: 01cec2cd685db79f

Endzeit: 0

Anwendungspfad: C:\Program Files\Samsung\Support Center\GuaranaAgent.exe

Berichts-ID: e7710db5-2ec5-11e3-beee-d13233d0ce23

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (10/06/2013 10:26:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.2.9200.16628, Zeitstempel: 0x51a94434
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16579, Zeitstempel: 0x51637f77
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0000000000005798
ID des fehlerhaften Prozesses: 0x870
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (10/06/2013 10:09:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a4e
Name des fehlerhaften Moduls: kmddsp.tsp, Version: 6.2.9200.16420, Zeitstempel: 0x523f154e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003c1f
ID des fehlerhaften Prozesses: 0x4c4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (10/01/2013 09:28:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a4e
Name des fehlerhaften Moduls: kmddsp.tsp, Version: 6.2.9200.16420, Zeitstempel: 0x523f154e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003c1f
ID des fehlerhaften Prozesses: 0x1580
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (10/01/2013 09:21:55 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a4e
Name des fehlerhaften Moduls: kmddsp.tsp, Version: 6.2.9200.16420, Zeitstempel: 0x523f154e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003c1f
ID des fehlerhaften Prozesses: 0x4f4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (10/01/2013 08:49:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a4e
Name des fehlerhaften Moduls: kmddsp.tsp, Version: 6.2.9200.16420, Zeitstempel: 0x523f154e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003c1f
ID des fehlerhaften Prozesses: 0x1144
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (10/01/2013 08:26:25 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a4e
Name des fehlerhaften Moduls: kmddsp.tsp, Version: 6.2.9200.16420, Zeitstempel: 0x523f154e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003c1f
ID des fehlerhaften Prozesses: 0x180
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (10/01/2013 08:19:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a4e
Name des fehlerhaften Moduls: kmddsp.tsp, Version: 6.2.9200.16420, Zeitstempel: 0x523f154e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003c1f
ID des fehlerhaften Prozesses: 0x19b4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (10/01/2013 08:13:34 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a4e
Name des fehlerhaften Moduls: kmddsp.tsp, Version: 6.2.9200.16420, Zeitstempel: 0x523f154e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003c1f
ID des fehlerhaften Prozesses: 0x1948
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5


System errors:
=============
Error: (10/07/2013 07:10:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2147942405

Error: (10/07/2013 07:10:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%2147942405

Error: (10/07/2013 07:10:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2147942405

Error: (10/07/2013 07:10:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%2147942405

Error: (10/07/2013 07:10:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2147942405

Error: (10/07/2013 07:10:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%2147942405

Error: (10/07/2013 07:08:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2147942405

Error: (10/07/2013 07:08:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%2147942405

Error: (10/07/2013 07:08:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2147942405

Error: (10/07/2013 07:08:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet: 
%%2147942405


Microsoft Office Sessions:
=========================
Error: (10/06/2013 10:31:15 PM) (Source: Application Error)(User: )
Description: DllHost.exe6.2.9200.1638450108850KERNELBASE.dll6.2.9200.1645150988aa6c00000fd00000000000012cc11f801cec2d2fc2356a2C:\windows\system32\DllHost.exeC:\windows\system32\KERNELBASE.dll3eaee0d7-2ec6-11e3-beee-d13233d0ce23

Error: (10/06/2013 10:29:27 PM) (Source: Application Hang)(User: )
Description: GuaranaAgent.exe2.1.8.081401cec2cd685db79f0C:\Program Files\Samsung\Support Center\GuaranaAgent.exee7710db5-2ec5-11e3-beee-d13233d0ce23

Error: (10/06/2013 10:26:08 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.2.9200.1662851a94434ntdll.dll6.2.9200.1657951637f77c00000fd000000000000579887001cec2cc930b304dC:\windows\Explorer.EXEC:\windows\SYSTEM32\ntdll.dll87f51ea1-2ec5-11e3-beee-d13233d0ce23

Error: (10/06/2013 10:09:26 PM) (Source: Application Error)(User: )
Description: svchost.exe6.2.9200.16420505a9a4ekmddsp.tsp6.2.9200.16420523f154ec00000050000000000003c1f4c401cec2cd4fbb38a2C:\windows\system32\svchost.exeC:\windows\system32\kmddsp.tsp32eed22e-2ec3-11e3-beee-d13233d0ce23

Error: (10/01/2013 09:28:21 PM) (Source: Application Error)(User: )
Description: svchost.exe6.2.9200.16420505a9a4ekmddsp.tsp6.2.9200.16420523f154ec00000050000000000003c1f158001cebedba1bfd6efC:\windows\system32\svchost.exeC:\windows\system32\kmddsp.tspa142a697-2acf-11e3-beed-906fde4f152b

Error: (10/01/2013 09:21:55 PM) (Source: Application Error)(User: )
Description: svchost.exe6.2.9200.16420505a9a4ekmddsp.tsp6.2.9200.16420523f154ec00000050000000000003c1f4f401cebed723854ba3C:\windows\system32\svchost.exeC:\windows\system32\kmddsp.tspbb4ddabc-2ace-11e3-beed-906fde4f152b

Error: (10/01/2013 08:49:44 PM) (Source: Application Error)(User: )
Description: svchost.exe6.2.9200.16420505a9a4ekmddsp.tsp6.2.9200.16420523f154ec00000050000000000003c1f114401cebed3e1cdd8a7C:\windows\system32\svchost.exeC:\windows\system32\kmddsp.tsp3c9c4838-2aca-11e3-beed-906fde4f152b

Error: (10/01/2013 08:26:25 PM) (Source: Application Error)(User: )
Description: svchost.exe6.2.9200.16420505a9a4ekmddsp.tsp6.2.9200.16420523f154ec00000050000000000003c1f18001cebed2dfb33701C:\windows\system32\svchost.exeC:\windows\system32\kmddsp.tspfa9889b7-2ac6-11e3-beed-906fde4f152b

Error: (10/01/2013 08:19:13 PM) (Source: Application Error)(User: )
Description: svchost.exe6.2.9200.16420505a9a4ekmddsp.tsp6.2.9200.16420523f154ec00000050000000000003c1f19b401cebed21737895fC:\windows\system32\svchost.exeC:\windows\system32\kmddsp.tspf91af9d3-2ac5-11e3-beed-906fde4f152b

Error: (10/01/2013 08:13:34 PM) (Source: Application Error)(User: )
Description: svchost.exe6.2.9200.16420505a9a4ekmddsp.tsp6.2.9200.16420523f154ec00000050000000000003c1f194801cebecc78c8180eC:\windows\system32\svchost.exeC:\windows\system32\kmddsp.tsp2f00fba6-2ac5-11e3-beed-906fde4f152b


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 3795.53 MB
Available physical RAM: 2288.39 MB
Total Pagefile: 7225.54 MB
Available Pagefile: 5396.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:220.14 GB) (Free:173.97 GB) NTFS
Drive d: (Volume) (Fixed) (Total:219.04 GB) (Free:201.77 GB) NTFS
Drive f: (o2) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 7A80D030)

Partition: GPT Partition Type
==================== End Of Log ============================

Alt 07.10.2013, 19:02   #2
aharonov
/// TB-Ausbilder
 
2x | Windows 8: TR/ATRAPS.Gen2 entfernen - Standard

2x | Windows 8: TR/ATRAPS.Gen2 entfernen


doppelt: http://www.trojaner-board.de/142675-...entfernen.html
__________________

__________________
 

Themen zu 2x | Windows 8: TR/ATRAPS.Gen2 entfernen
4d36e972-e325-11ce-bfc1-08002be10318, antivir, antivirus, avira, browser, desktop, dllhost.exe, entfernen, error, excel, farbar, farbar recovery scan tool, firefox, flash player, google, homepage, installation, internet, mozilla, ntdll.dll, plug-in, problem, realtek, registry, rootkit, security, software, svchost.exe, trojaner, usb, windows, windowsapps


« 2x | .exe Dateine können nicht starten | Maus und Tastatur spielen verrückt. »


Ähnliche Themen: 2x | Windows 8: TR/ATRAPS.Gen2 entfernen


  1. Windows 8 x64 mit tr/atraps.gen - tr/atraps.gen2 befallen
    Log-Analyse und Auswertung - 17.01.2014 (50)
  2. Windows Vista Befall mit TR/ATRAPS.Gen und TR/ATRAPS.Gen2
    Plagegeister aller Art und deren Bekämpfung - 21.10.2013 (13)
  3. Windows 8: TR/ATRAPS.Gen2 entfernen
    Plagegeister aller Art und deren Bekämpfung - 09.10.2013 (11)
  4. TR/ATRAPS.Gen2 wie entfernen?
    Plagegeister aller Art und deren Bekämpfung - 05.10.2013 (4)
  5. Trojaner: tr/atraps.gen2, tr/atraps.gen, tr/atraps.gen3, tr/atraps.gen4, tr/atraps.gen5, tr/atraps.gen7 und services.exe virus
    Plagegeister aller Art und deren Bekämpfung - 11.01.2013 (29)
  6. TR/ATRAPS.GEN und TR/ATRAPS.GEN2 entfernen
    Log-Analyse und Auswertung - 15.11.2012 (35)
  7. Avira findet TR/Sirefef.16896 und TR/ATRAPS.Gen und TR/ATRAPS.Gen2 in Windows\Installer und W32/Patched.UA in Windows\System32\service.exe
    Plagegeister aller Art und deren Bekämpfung - 14.11.2012 (23)
  8. Avira: TR/ATRAPS.Gen und TR/ATRAPS.Gen2 in C:\Windows\Installer...
    Plagegeister aller Art und deren Bekämpfung - 26.10.2012 (9)
  9. TR/ATRAPS.Gen und TR/ATRAPS.Gen2 von Avira gemeldet und dort nicht zu entfernen
    Log-Analyse und Auswertung - 10.10.2012 (13)
  10. TR/ATRAPS.GEN - TR/ATRAPS.Gen2 lassen sich nicht entfernen.
    Plagegeister aller Art und deren Bekämpfung - 27.09.2012 (31)
  11. Avira: 800000cb.@ TR/ATRAPS.Gen und TR/ATRAPS.Gen2 in C:\Windows\Installer\.. und weitere Pfaden
    Plagegeister aller Art und deren Bekämpfung - 16.08.2012 (25)
  12. Trojaner TR/ATRAPS.gen und TR/ATRAPS.Gen2 lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 14.07.2012 (30)
  13. TR/ATRAPS.GEN/GEN2 entfernen
    Plagegeister aller Art und deren Bekämpfung - 13.07.2012 (5)
  14. TR/ATRAPS.GEN, TR/ATRAPS.GEN2 in C:\Windows\Installer\{...}
    Plagegeister aller Art und deren Bekämpfung - 13.07.2012 (5)
  15. TR/ATRAPS.Gen und TR/ATRAPS.Gen2 in C:\WINDOWS\Installer\...
    Plagegeister aller Art und deren Bekämpfung - 11.07.2012 (1)
  16. TR/ATRAPS.GEN, TR/ATRAPS.GEN2 in C:\Windows\Installer\{...} und JAVA/Dldr.Lamar.CI
    Mülltonne - 09.07.2012 (2)
  17. TR/ATRAPS.Gen2 entfernen
    Mülltonne - 26.12.2011 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema 2x | Windows 8: TR/ATRAPS.Gen2 entfernen - Hallo, ich habe ein Problem mit einem Trojaner, Avira findet bei mir alle 5-10 Minuten "TR/ATRAPS.Gen2", Ausschnitt aus dem Avira-Bericht: Code: Alles auswählen Aufklappen ATTFilter Typ: Datei Quelle: C:\Program Files - 2x | Windows 8: TR/ATRAPS.Gen2 entfernen...
Archiv
Du betrachtest: 2x | Windows 8: TR/ATRAPS.Gen2 entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131