Pests of All Kinds and How to Fight Them: rvzr-a.akamaihd.net virus on the computer

Windows 7

If you are not sure whether you have picked up malware or a Trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection.
#5

rvzr-a.akamaihd.net virus on the computer

Hi Leo, thanks a lot once again, I really appreciate it.

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013 Ran by Frank (administrator) on BODEGA_MARUCCIA on 24-11-2013 17:12:36 Running from C:\Users\Frank\Downloads Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrl.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (AppEx Networks Corporation) C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (Copernic Inc.) 
C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearch.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Copernic Inc.) C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mirko Böer) C:\Program Files\SuperMailer\sm.exe (Sonos, Inc.) C:\Program Files (x86)\Sonos\Sonos.exe (Farbar) C:\Users\Frank\Downloads\FRST64(1).exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2872176 2012-10-09] (ELAN Microelectronics Corp.) HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-09-29] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-29] (Atheros Communications) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-13] (Adobe Systems Incorporated) HKCU\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) 
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.) HKCU\...\Run: [com.apple.dav.bookmarks.daemon] - C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe HKCU\...\Run: [Copernic Desktop Search - Home] - C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe [1692200 2013-01-28] (Copernic Inc.) HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.) HKCU\...\Run: [AppEx Accelerator UI] - C:\Program Files\AMD Quick Stream\AppexAcceleratorUI.exe [1000288 2012-05-22] (AppEx Networks Corporation) HKCU\...\Run: [AppleIEDAV] - C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1315144 2013-09-04] (Apple Inc.) HKCU\...\Runonce: [Application Restart #5] - C:\Users\Frank\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Frank\AppData\Local\Pokki\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --flag-switches-begin --flag-switches-end --restore-last-session HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" HKLM-x32\...\Run: [AllShareAgent] - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-01-19] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-19] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-10-10] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [606024 2013-09-19] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) 
AppInit_DLLs: C:\Windows\System32\ [0 ] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = SearchScopes: HKLM - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM-x32 - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKCU - DefaultScope {41E3EBB7-1E81-4672-8597-63F4ED4807EE} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317892&CUI=UN24908529903248031&UM=2 SearchScopes: HKCU - {41E3EBB7-1E81-4672-8597-63F4ED4807EE} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3317892&CUI=UN24908529903248031&UM=2 SearchScopes: HKCU - {8A45B80F-B0E1-432F-90AB-1A7FA99091FF} URL = hxxp://search.certified-toolbar.com?si=42820&st=bs&tid=3347&q={searchTerms} SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = SearchScopes: HKCU - {CE5A0938-A9F2-4A8B-B1A8-3A688B23C7DF} URL = BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) 
BHO-x32: visualbee Helper Object - {66F57190-01EB-45A6-8260-7895267209F7} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\bh\visualbee.dll No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Frank\AppData\Roaming\HomeTab\HomeTab.dll No File BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\Frank\AppData\Roaming\HomeTab\HomeTab.dll No File Toolbar: HKLM-x32 - visualbee Toolbar - {610AF794-9293-4129-9FAF-A81BBDFBFA14} - C:\Program Files (x86)\visualbee\visualbee\1.8.9.1\visualbeeTlbr.dll No File Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default FF Homepage: about:home FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3317892&SearchSource=2&CUI=UN24468670721935620&UM=2&q= FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_152.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative 
Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: vis - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM FF Extension: HomeTab - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\{9c72a7f0-9ced-4876-80b8-2cebdc068f07} FF Extension: No Name - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\xh8uu50j.default\Extensions\WTB_GLOBAL.sqlite FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF HKCU\...\Firefox\Extensions: [{57319509-7821-41B0-9FDF-3B58F146AE33}] - c:\program files (x86)\copernic desktop search - home\firefoxconnector FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic desktop search - home\firefoxconnector Chrome: ======= CHR RestoreOnStartup: "hxxp://www.google.de/", "hxxp://www.maruccia.com/", "about:newtab?source=home" CHR DefaultSearchURL: (google.de) - hxxp://www.google.de/search?hl=de&tbo=d&output=search&sclient=psy-ab&q={searchTerms}&btnG= CHR DefaultSuggestURL: (google.de) - "suggest_url": "", CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - 
C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll () CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Microsoft Office 2010) - C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File CHR Extension: (Google Wallet) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0 CHR HKLM-x32\...\Chrome\Extension: [cfigonhgidedenkkhlilmefgodjpefna] - C:\Users\Frank\AppData\Local\CRE\cfigonhgidedenkkhlilmefgodjpefna.crx CHR HKLM-x32\...\Chrome\Extension: [npgpgjiajblpbldjkelafjjhfjcddlba] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-19] (Avira Operations GmbH & Co. 
KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-29] (Qualcomm Atheros Commnucations) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-09-19] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-09-19] (BlueStack Systems, Inc.) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [90992 2012-10-09] (ELAN Microelectronics Corp.) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) R2 MSSQL$SERVEREXP2008; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation) S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics) S4 SQLAgent$SERVEREXP2008; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SERVEREXP2008\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation) R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH) R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH) R2 StarMoney Business 6.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 6.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2013-10-11] (Star Finanz-Software Entwicklung und Vertriebs GmbH) R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.) 
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-29] (Atheros) ==================== Drivers (Whitelisted) ==================== R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-11-19] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132600 2013-11-19] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-09-19] (BlueStack Systems) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-29] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [610136 2012-11-15] (Kaspersky Lab) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-08] (Windows (R) 2003 DDK 3790 provider) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [89944 2012-11-15] (Kaspersky Lab) S3 SBIOSIO; \??\C:\Users\Frank\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [x] S3 UCORESYS; \??\C:\windiag\ReadDMI8\UCORESYS.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-11-24 17:12 - 2013-11-24 17:12 - 00021988 _____ C:\Users\Frank\Downloads\FRST.txt 2013-11-24 17:10 - 2013-11-24 17:10 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe 2013-11-24 17:09 - 2013-11-24 17:09 - 
01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64(1).exe 2013-11-24 09:01 - 2013-11-24 09:01 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities (1).zip 2013-11-24 08:52 - 2013-11-24 08:52 - 00033055 _____ C:\Users\Frank\Desktop\Addition.txt 2013-11-24 08:48 - 2013-11-24 08:51 - 00033055 _____ C:\Users\Frank\Downloads\Addition.txt 2013-11-24 08:29 - 2013-11-24 08:30 - 00056443 _____ C:\Users\Frank\Desktop\FRST.txt 2013-11-23 20:25 - 2013-11-23 20:25 - 00000000 ____D C:\FRST 2013-11-23 20:23 - 2013-11-23 20:23 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe 2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller.zip 2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller (1).zip 2013-11-22 15:36 - 2013-11-22 15:36 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe 2013-11-19 16:23 - 2013-11-19 16:24 - 04979632 _____ C:\windows\system32\FNTCACHE.DAT 2013-11-19 13:53 - 2013-11-19 13:53 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2013-11-19 13:53 - 2013-11-19 13:53 - 00000000 ____D C:\Program Files\McAfee Security Scan 2013-11-19 13:50 - 2013-11-19 13:50 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT (1).exe 2013-11-19 13:49 - 2013-11-19 13:49 - 00000000 ____D C:\windows\ERUNT 2013-11-19 13:48 - 2013-11-19 13:49 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe 2013-11-18 12:14 - 2013-11-18 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-11-18 12:13 - 2013-11-18 13:28 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-11-18 12:13 - 2013-11-18 12:13 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2013-11-18 12:12 - 2013-11-18 13:28 - 00000000 ____D C:\Users\Frank\Desktop\mbar 2013-11-18 12:12 - 2013-11-18 12:12 - 12576792 _____ (Malwarebytes Corp.) 
C:\Users\Frank\Downloads\mbar-1.07.0.1007.exe 2013-11-18 12:12 - 2013-11-18 12:12 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2013-11-16 11:14 - 2013-11-16 11:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2013-11-16 10:55 - 2013-11-05 23:58 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2013-11-16 10:55 - 2013-11-05 23:58 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-11-16 10:17 - 2013-11-16 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-15 15:14 - 2013-11-15 15:14 - 00018117 _____ C:\Users\Frank\Documents\versandliste-porsche.odt 2013-11-15 12:12 - 2013-11-15 12:12 - 00001793 _____ C:\Users\Public\Desktop\iTunes.lnk 2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\Program Files\iTunes 2013-11-15 12:11 - 2013-11-15 12:12 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-11-15 12:11 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iPod 2013-11-15 10:50 - 2013-11-19 13:50 - 00000000 ____D C:\Users\Frank\AppData\Roaming\XnView 2013-11-15 10:50 - 2013-11-15 10:50 - 00000925 _____ C:\Users\Frank\Desktop\XnView.lnk 2013-11-15 10:49 - 2013-11-15 10:49 - 00000000 ____D C:\Program Files (x86)\XnView 2013-11-15 10:45 - 2013-11-15 10:48 - 15211760 _____ (Gougelet Pierre-e ) C:\Users\Frank\Downloads\XnView-win-full_2.05.exe 2013-11-15 10:42 - 2013-11-15 10:42 - 00002656 _____ C:\Users\Frank\AppData\Local\recently-used.xbel 2013-11-14 08:55 - 2013-11-14 08:55 - 00001957 _____ C:\Users\Public\Desktop\Sonos.lnk 2013-11-13 09:53 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys 2013-11-13 09:53 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL 2013-11-13 09:53 - 2013-10-10 10:20 - 00723968 _____ (Microsoft 
Corporation) C:\windows\system32\BFE.DLL 2013-11-13 09:53 - 2013-09-14 02:15 - 00059416 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2013-11-13 09:53 - 2013-09-13 23:36 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll 2013-11-13 09:53 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll 2013-11-13 09:53 - 2013-09-13 23:36 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2013-11-13 09:53 - 2013-09-13 23:36 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll 2013-11-13 09:53 - 2013-09-13 23:36 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2013-11-13 09:53 - 2013-09-13 23:34 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2013-11-13 09:53 - 2013-09-13 23:33 - 03279360 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2013-11-13 09:53 - 2013-09-13 23:33 - 01622016 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2013-11-13 09:53 - 2013-09-13 23:33 - 00773120 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll 2013-11-13 09:53 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll 2013-11-13 09:53 - 2013-09-13 23:33 - 00252928 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll 2013-11-13 09:53 - 2013-09-13 23:33 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll 2013-11-13 09:53 - 2013-09-13 23:33 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2013-11-13 09:53 - 2013-09-13 23:33 - 00099328 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll 2013-11-13 09:53 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\crashdmp.sys 2013-11-13 09:53 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\windows\system32\UIAutomationCore.dll 2013-11-13 09:53 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) 
C:\windows\SysWOW64\UIAutomationCore.dll
2013-11-13 09:53 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2013-11-13 09:53 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2013-11-13 09:53 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2013-11-13 09:53 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2013-11-13 09:53 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2013-11-13 09:53 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2013-11-13 09:53 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2013-11-13 09:53 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2013-11-13 09:52 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-11-13 09:52 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-11-13 09:52 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-11-13 09:52 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2013-11-13 09:52 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-11-13 09:52 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2013-11-13 09:52 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-11-13 09:52 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2013-11-13 09:52 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-11-13 09:51 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-11-13 09:51 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-11-13 09:51 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-11-13 09:51 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-11-13 09:51 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-11-13 09:51 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-11-13 09:50 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2013-11-13 09:50 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-11-11 17:18 - 2013-11-11 17:18 - 00001091 _____ C:\Users\Frank\Downloads\Bilder - Verknüpfung.lnk
2013-11-11 14:04 - 2013-11-11 14:04 - 01116492 _____ C:\Users\Frank\Downloads\codestyling-localization.1.99.30.zip
2013-11-11 14:01 - 2013-11-11 14:01 - 00023749 _____ C:\Users\Frank\Documents\sdfks.html
2013-11-07 17:14 - 2013-11-07 17:14 - 00000200 _____ C:\Users\Frank\Documents\wordpress.txt
2013-11-07 16:15 - 2013-11-07 16:15 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities.zip
2013-11-06 16:38 - 2013-11-06 16:38 - 00466494 _____ C:\Users\Frank\Documents\maruccia_stempel.eps
2013-11-05 12:07 - 2013-11-05 12:07 - 00001490 _____ C:\Users\Frank\Documents\signatur-club-4.html
2013-11-05 12:03 - 2013-11-12 10:04 - 00002184 _____ C:\Users\Frank\Documents\signatur-club-3.html
2013-11-05 12:01 - 2013-11-05 12:02 - 00002232 _____ C:\Users\Frank\Documents\signatur-club-2.html
2013-11-05 11:17 - 2013-11-04 14:23 - 00028508 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_1.ods
2013-11-05 11:15 - 2013-11-05 11:15 - 00024576 _____ C:\Users\Frank\Documents\analiticas BISK BALEARIC.xls
2013-11-04 14:05 - 2013-11-04 14:05 - 104867914 _____ C:\windows\SysWOW64\┾ꅛLŔ
2013-11-03 13:42 - 2013-11-03 13:47 - 00000000 ____D C:\Users\Frank\Documents\NewsletterDesigner
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\mresreg
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\IN-MEDIAKG
2013-11-03 13:39 - 2013-11-11 13:50 - 00000000 ____D C:\Program Files (x86)\NewsletterDesigner
2013-11-03 13:39 - 2013-11-03 13:39 - 00001153 _____ C:\Users\Frank\Desktop\NewsletterDesigner.lnk
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Windows Net Data
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\mresreg
2013-11-03 13:09 - 2013-11-03 13:09 - 00003370 _____ C:\windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-03 13:08 - 2013-11-24 16:58 - 00000000 ____D C:\Users\Frank\AppData\Local\Conduit
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\NativeMessaging
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\ProgramData\Conduit
2013-11-03 13:07 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\CRE
2013-11-03 13:07 - 2013-11-03 13:08 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-03 12:59 - 2013-11-03 13:09 - 00000009 _____ C:\END
2013-11-03 12:59 - 2013-11-03 12:59 - 00000140 _____ C:\Users\Frank\Desktop\Amazon.url
2013-11-03 12:58 - 2013-11-03 13:40 - 00000000 ____D C:\Users\Frank\AppData\Local\DownloadGuide
2013-11-03 12:56 - 2013-11-03 12:57 - 00567144 _____ C:\Users\Frank\Downloads\nldsetup-Downloader.exe
2013-11-02 10:13 - 2013-11-02 10:13 - 00021434 _____ C:\Users\Frank\Documents\newsletter-test.html
2013-11-01 13:43 - 2013-11-01 13:43 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Nvu
2013-11-01 13:42 - 2013-11-01 13:43 - 00000000 ____D C:\Program Files (x86)\Nvu
2013-11-01 13:42 - 2013-11-01 13:42 - 06297003 _____ (Thorsten Fritz ) C:\Users\Frank\Downloads\nvu-1.0-win32-installer-de-DE.exe
2013-11-01 13:37 - 2013-11-01 13:37 - 00000000 ____D C:\Users\Frank\Documents\mystical
2013-11-01 13:36 - 2013-11-01 13:36 - 00000000 ____D C:\Users\Frank\Documents\html-vorlage-mail
2013-11-01 12:35 - 2013-11-01 12:35 - 00001456 _____ C:\Users\Frank\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-10-31 14:52 - 2013-10-30 11:33 - 00028462 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_0.ods
2013-10-31 11:12 - 2013-10-31 11:21 - 00000000 ____D C:\AdwCleaner
2013-10-31 11:12 - 2013-10-31 11:12 - 01060070 _____ C:\Users\Frank\Downloads\adwcleaner-3.010.exe
2013-10-31 10:58 - 2013-10-31 10:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Frank\Downloads\SpyHunter-Installer.exe
2013-10-30 12:41 - 2013-08-13 08:38 - 00032328 _____ C:\windows\Launcher.exe
2013-10-30 09:32 - 2013-10-30 09:32 - 00070656 _____ C:\Users\Frank\Documents\Bodega Maruccia 28.10.13.xls
2013-10-28 14:22 - 2013-10-28 14:22 - 00064000 _____ C:\Users\Frank\Documents\Maruccia1
2013-10-28 14:19 - 2013-10-28 14:19 - 103734365 _____ C:\windows\SysWOW64\楁烬Lŝ

==================== One Month Modified Files and Folders =======

2013-11-24 17:13 - 2013-11-24 17:12 - 00021988 _____ C:\Users\Frank\Downloads\FRST.txt
2013-11-24 17:13 - 2013-01-20 13:29 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Skype
2013-11-24 17:10 - 2013-11-24 17:10 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64 (1).exe
2013-11-24 17:09 - 2013-11-24 17:09 - 01958440 _____ (Farbar) C:\Users\Frank\Downloads\FRST64(1).exe
2013-11-24 17:07 - 2012-12-24 17:23 - 00003592 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-484924946-752710417-643280108-1001
2013-11-24 17:02 - 2013-09-28 16:13 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2013-11-24 17:00 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\sru
2013-11-24 16:58 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\Conduit
2013-11-24 16:44 - 2012-08-29 03:55 - 01568628 _____ C:\windows\WindowsUpdate.log
2013-11-24 16:29 - 2012-12-28 12:56 - 00001140 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-24 15:48 - 2013-05-17 20:11 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-11-24 13:34 - 2013-01-22 19:55 - 00000000 ____D C:\Users\Frank\AppData\Roaming\SuperMailer
2013-11-24 09:01 - 2013-11-24 09:01 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities (1).zip
2013-11-24 08:52 - 2013-11-24 08:52 - 00033055 _____ C:\Users\Frank\Desktop\Addition.txt
2013-11-24 08:51 - 2013-11-24 08:48 - 00033055 _____ C:\Users\Frank\Downloads\Addition.txt
2013-11-24 08:30 - 2013-11-24 08:29 - 00056443 _____ C:\Users\Frank\Desktop\FRST.txt
2013-11-24 08:26 - 2012-12-24 17:30 - 00000000 ____D C:\Users\Frank\AppData\Local\Adobe
2013-11-23 20:25 - 2013-11-23 20:25 - 00000000 ____D C:\FRST
2013-11-23 20:23 - 2013-11-23 20:23 - 01958396 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2013-11-22 15:41 - 2012-12-31 16:41 - 00000000 ____D C:\Users\Frank\AppData\Local\CrashDumps
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller.zip
2013-11-22 15:38 - 2013-11-22 15:38 - 04101441 _____ C:\Users\Frank\Downloads\tdsskiller (1).zip
2013-11-22 15:36 - 2013-11-22 15:36 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Frank\Downloads\tdsskiller.exe
2013-11-22 14:29 - 2012-12-28 12:56 - 00001136 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-22 08:41 - 2013-06-23 17:38 - 00000000 ____D C:\Program Files (x86)\StarMoney Business 6.0
2013-11-22 06:19 - 2013-01-23 12:51 - 00000000 ____D C:\Program Files (x86)\StarMoney 8.0
2013-11-21 23:08 - 2013-03-01 08:53 - 00089600 ___SH C:\Users\Frank\Documents\Thumbs.db
2013-11-21 23:00 - 2013-04-24 16:37 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0
2013-11-21 10:36 - 2013-10-16 09:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-21 10:36 - 2012-12-27 10:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-21 08:36 - 2012-08-29 20:12 - 02684562 _____ C:\windows\system32\perfh007.dat
2013-11-21 08:36 - 2012-08-29 20:12 - 00739004 _____ C:\windows\system32\perfc007.dat
2013-11-21 08:36 - 2012-07-26 08:28 - 00006048 _____ C:\windows\system32\PerfStringBackup.INI
2013-11-21 08:35 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2013-11-20 12:34 - 2012-12-30 11:31 - 518587392 _____ C:\Users\Frank\Documents\archive1.pst
2013-11-20 12:34 - 2012-12-27 17:05 - 00000000 ____D C:\Users\Frank\Documents\Outlook-Dateien
2013-11-19 16:33 - 2012-08-29 04:43 - 00000000 ____D C:\ProgramData\WinClon
2013-11-19 16:24 - 2013-11-19 16:23 - 04979632 _____ C:\windows\system32\FNTCACHE.DAT
2013-11-19 16:24 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-11-19 16:23 - 2012-08-05 22:07 - 00835702 _____ C:\windows\PFRO.log
2013-11-19 16:22 - 2012-07-26 06:26 - 00524288 ___SH C:\windows\system32\config\BBI
2013-11-19 16:19 - 2013-05-10 21:20 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2013-11-19 16:19 - 2013-05-10 15:14 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2013-11-19 13:53 - 2013-11-19 13:53 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-19 13:53 - 2013-11-19 13:53 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-19 13:50 - 2013-11-19 13:50 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT (1).exe
2013-11-19 13:50 - 2013-11-15 10:50 - 00000000 ____D C:\Users\Frank\AppData\Roaming\XnView
2013-11-19 13:49 - 2013-11-19 13:49 - 00000000 ____D C:\windows\ERUNT
2013-11-19 13:49 - 2013-11-19 13:48 - 01034531 _____ (Thisisu) C:\Users\Frank\Downloads\JRT.exe
2013-11-18 13:28 - 2013-11-18 12:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-18 13:28 - 2013-11-18 12:12 - 00000000 ____D C:\Users\Frank\Desktop\mbar
2013-11-18 12:20 - 2013-05-06 12:26 - 00001793 _____ C:\windows\SysWOW64\InstallUtil.InstallLog
2013-11-18 12:14 - 2013-11-18 12:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-11-18 12:13 - 2013-11-18 12:13 - 00116440 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-18 12:12 - 2013-11-18 12:12 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Frank\Downloads\mbar-1.07.0.1007.exe
2013-11-18 12:12 - 2013-11-18 12:12 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2013-11-16 16:45 - 2012-07-26 09:12 - 00000000 ____D C:\windows\rescache
2013-11-16 11:14 - 2013-11-16 11:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-16 11:14 - 2013-05-17 20:11 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-11-16 10:49 - 2012-07-26 09:12 - 00000000 ___RD C:\windows\ToastData
2013-11-16 10:49 - 2012-07-26 09:12 - 00000000 ____D C:\windows\WinStore
2013-11-16 10:17 - 2013-11-16 10:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 15:14 - 2013-11-15 15:14 - 00018117 _____ C:\Users\Frank\Documents\versandliste-porsche.odt
2013-11-15 14:51 - 2013-03-17 18:40 - 00000000 ____D C:\Users\Frank\.gimp-2.8
2013-11-15 12:12 - 2013-11-15 12:12 - 00001793 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iTunes
2013-11-15 12:12 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-15 12:11 - 2013-11-15 12:11 - 00000000 ____D C:\Program Files\iPod
2013-11-15 10:50 - 2013-11-15 10:50 - 00000925 _____ C:\Users\Frank\Desktop\XnView.lnk
2013-11-15 10:49 - 2013-11-15 10:49 - 00000000 ____D C:\Program Files (x86)\XnView
2013-11-15 10:48 - 2013-11-15 10:45 - 15211760 _____ (Gougelet Pierre-e ) C:\Users\Frank\Downloads\XnView-win-full_2.05.exe
2013-11-15 10:42 - 2013-11-15 10:42 - 00002656 _____ C:\Users\Frank\AppData\Local\recently-used.xbel
2013-11-14 08:55 - 2013-11-14 08:55 - 00001957 _____ C:\Users\Public\Desktop\Sonos.lnk
2013-11-14 08:55 - 2013-09-28 16:13 - 00000000 ____D C:\Program Files (x86)\Sonos
2013-11-14 08:55 - 2012-12-28 10:06 - 00000000 ____D C:\Users\Frank\AppData\Local\Downloaded Installations
2013-11-13 10:42 - 2012-12-27 16:04 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 10:35 - 2013-08-14 07:37 - 00000000 ____D C:\windows\system32\MRT
2013-11-13 10:30 - 2012-12-28 09:34 - 82896128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-11-12 10:04 - 2013-11-05 12:03 - 00002184 _____ C:\Users\Frank\Documents\signatur-club-3.html
2013-11-11 17:18 - 2013-11-11 17:18 - 00001091 _____ C:\Users\Frank\Downloads\Bilder - Verknüpfung.lnk
2013-11-11 14:04 - 2013-11-11 14:04 - 01116492 _____ C:\Users\Frank\Downloads\codestyling-localization.1.99.30.zip
2013-11-11 14:01 - 2013-11-11 14:01 - 00023749 _____ C:\Users\Frank\Documents\sdfks.html
2013-11-11 13:50 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\NewsletterDesigner
2013-11-07 17:14 - 2013-11-07 17:14 - 00000200 _____ C:\Users\Frank\Documents\wordpress.txt
2013-11-07 16:15 - 2013-11-07 16:15 - 00010451 _____ C:\Users\Frank\Downloads\woocommerce-min-max-quantities.zip
2013-11-06 16:38 - 2013-11-06 16:38 - 00466494 _____ C:\Users\Frank\Documents\maruccia_stempel.eps
2013-11-05 23:58 - 2013-11-16 10:55 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-11-05 23:58 - 2013-11-16 10:55 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-05 16:21 - 2012-07-26 09:12 - 00000000 ____D C:\windows\system32\NDF
2013-11-05 16:04 - 2013-01-09 09:42 - 00386048 ___SH C:\Users\Frank\Desktop\Thumbs.db
2013-11-05 12:07 - 2013-11-05 12:07 - 00001490 _____ C:\Users\Frank\Documents\signatur-club-4.html
2013-11-05 12:04 - 2013-06-30 17:27 - 00000000 ____D C:\Users\Frank\AppData\Local\Windows Live
2013-11-05 12:02 - 2013-11-05 12:01 - 00002232 _____ C:\Users\Frank\Documents\signatur-club-2.html
2013-11-05 11:56 - 2013-07-08 09:18 - 00001490 _____ C:\Users\Frank\Documents\signatur-club.html
2013-11-05 11:15 - 2013-11-05 11:15 - 00024576 _____ C:\Users\Frank\Documents\analiticas BISK BALEARIC.xls
2013-11-04 14:23 - 2013-11-05 11:17 - 00028508 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_1.ods
2013-11-04 14:05 - 2013-11-04 14:05 - 104867914 _____ C:\windows\SysWOW64\┾ꅛLŔ
2013-11-03 13:47 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\Documents\NewsletterDesigner
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\mresreg
2013-11-03 13:42 - 2013-11-03 13:42 - 00000000 ____D C:\Users\Frank\AppData\Roaming\IN-MEDIAKG
2013-11-03 13:42 - 2013-06-04 11:17 - 00006050 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-11-03 13:40 - 2013-11-03 12:58 - 00000000 ____D C:\Users\Frank\AppData\Local\DownloadGuide
2013-11-03 13:39 - 2013-11-03 13:39 - 00001153 _____ C:\Users\Frank\Desktop\NewsletterDesigner.lnk
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Windows Net Data
2013-11-03 13:39 - 2013-11-03 13:39 - 00000000 ____D C:\Program Files (x86)\mresreg
2013-11-03 13:09 - 2013-11-03 13:09 - 00003370 _____ C:\windows\System32\Tasks\BackgroundContainer Startup Task
2013-11-03 13:09 - 2013-11-03 12:59 - 00000009 _____ C:\END
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\Users\Frank\AppData\Local\NativeMessaging
2013-11-03 13:08 - 2013-11-03 13:08 - 00000000 ____D C:\ProgramData\Conduit
2013-11-03 13:08 - 2013-11-03 13:07 - 00000000 ____D C:\Users\Frank\AppData\Local\CRE
2013-11-03 13:08 - 2013-11-03 13:07 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-11-03 12:59 - 2013-11-03 12:59 - 00000140 _____ C:\Users\Frank\Desktop\Amazon.url
2013-11-03 12:57 - 2013-11-03 12:56 - 00567144 _____ C:\Users\Frank\Downloads\nldsetup-Downloader.exe
2013-11-02 10:13 - 2013-11-02 10:13 - 00021434 _____ C:\Users\Frank\Documents\newsletter-test.html
2013-11-01 13:43 - 2013-11-01 13:43 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Nvu
2013-11-01 13:43 - 2013-11-01 13:42 - 00000000 ____D C:\Program Files (x86)\Nvu
2013-11-01 13:43 - 2012-12-24 17:15 - 00000000 ____D C:\Users\Frank\AppData\Local\VirtualStore
2013-11-01 13:42 - 2013-11-01 13:42 - 06297003 _____ (Thorsten Fritz ) C:\Users\Frank\Downloads\nvu-1.0-win32-installer-de-DE.exe
2013-11-01 13:37 - 2013-11-01 13:37 - 00000000 ____D C:\Users\Frank\Documents\mystical
2013-11-01 13:36 - 2013-11-01 13:36 - 00000000 ____D C:\Users\Frank\Documents\html-vorlage-mail
2013-11-01 12:35 - 2013-11-01 12:35 - 00001456 _____ C:\Users\Frank\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-11-01 12:34 - 2012-12-24 17:16 - 00000000 ____D C:\Users\Frank\AppData\Roaming\Adobe
2013-11-01 08:57 - 2013-01-22 19:55 - 00000000 ____D C:\Program Files\SuperMailer
2013-10-31 11:21 - 2013-10-31 11:12 - 00000000 ____D C:\AdwCleaner
2013-10-31 11:21 - 2013-08-25 11:40 - 00000000 ____D C:\windows\System32\Tasks\Browser Updater
2013-10-31 11:21 - 2013-04-21 19:13 - 00000000 ____D C:\windows\System32\Tasks\ProtectedSearch
2013-10-31 11:21 - 2013-03-10 17:30 - 00000000 ____D C:\Users\Frank\AppData\Roaming\CheckPoint
2013-10-31 11:12 - 2013-10-31 11:12 - 01060070 _____ C:\Users\Frank\Downloads\adwcleaner-3.010.exe
2013-10-31 10:58 - 2013-10-31 10:58 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Frank\Downloads\SpyHunter-Installer.exe
2013-10-30 11:33 - 2013-10-31 14:52 - 00028462 _____ C:\Users\Frank\Documents\versanduebersicht-mitgliederuebersicht.xls_0.ods
2013-10-30 09:32 - 2013-10-30 09:32 - 00070656 _____ C:\Users\Frank\Documents\Bodega Maruccia 28.10.13.xls
2013-10-28 14:22 - 2013-10-28 14:22 - 00064000 _____ C:\Users\Frank\Documents\Maruccia1
2013-10-28 14:19 - 2013-10-28 14:19 - 103734365 _____ C:\windows\SysWOW64\楁烬Lŝ

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe

Some content of TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\avgnt.exe
C:\Users\Frank\AppData\Local\Temp\tbRadi.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-11-19 10:14

==================== End Of Log ============================ |