Pests of all kinds and how to fight them: Outdated browser detected /Java /Flashplayer
Windows 7
If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
04.01.2014, 13:44 | #1 |
Outdated browser detected /Java /Flashplayer

Hello, for a few days now I have had the problem that after a while a new tab opens in my Firefox with a popup showing various messages. So far I have had: outdated browser detected, Java outdated, or Flash Player outdated. We did the following on 3.1.14: ran Antivir, Windows Defender, Malwarebytes Anti-Malware and Emsisoft Anti-Malware over it. It did not help. Today I have not had these messages yet, but I am not sure whether they will come back. I had already read about something similar in the forum and have also already downloaded FRST. I hope you can help me.

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014 Ran by Cyberhexe at 2014-01-04 13:35:36 Running from C:\Users\Cyberhexe\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA} AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367} ==================== Installed Programs ====================== Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Photoshop 7.0 (x32 Version: 7.0 - Adobe Systems, Inc.) Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04 - Adobe Systems Incorporated) AMD Catalyst Install Manager (Version: 3.0.855.0 - Advanced Micro Devices, Inc.) Application Profiles (x32 Version: 2.0.4399.36214 - Advanced Micro Devices, Inc.) Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira) Battle.net (x32 Version: - Blizzard Entertainment) Black Mirror 2 (x32 Version: - dtp) Brother MFL-Pro Suite DCP-150C (x32 Version: 1.0.2.0 - Brother Industries, Ltd.) Catalyst Control Center InstallProxy (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) 
Hidden Cool & Quiet (x32 Version: - ) Dark Mysteries - Der Seelensammler (x32 Version: - cerasus.media GmbH) DeathMan (x32 Version: - DominiGames) Diablo III (x32 Version: - Blizzard Entertainment) Die Sims™ 3 (x32 Version: 1.55.4 - Electronic Arts) Die Sims™ 3 Einfach tierisch (x32 Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Inselparadies (x32 Version: 19.0.101 - Electronic Arts) Die Sims™ 3 Jahreszeiten (x32 Version: 16.0.136 - Electronic Arts) Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86 - Electronic Arts) Die Sims™ 3 Supernatural (x32 Version: 15.0.135 - Electronic Arts) Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87 - Electronic Arts) Die Sims™ 3 Wildes Studentenleben (x32 Version: 18.0.126 - Electronic Arts) Eastville Chronicles Fluch des Opernhauses (x32 Version: - rondomedia) Edna Bricht Aus - Sammler Edition (x32 Version: 1.2 - Daedalic Entertainment) Emsisoft Anti-Malware (x32 Version: 8.1 - Emsisoft GmbH) EPU-4 Engine (x32 Version: 1.02.01 - ) Fallen Shadows - Schatten der Kindheit (x32 Version: 1.0.0 - Happy Muffin Top) Farm Mystery - Das Grauen von Orchardville (x32 Version: 1.0 - rondomedia) Google Chrome (HKCU Version: 31.0.1650.63 - Google Inc.) Guild Wars 2 (x32 Version: - NCsoft Corporation, Ltd.) Harveys neue Augen Special Edition (x32 Version: 1.3 - Daedalic Entertainment) Hearthstone (x32 Version: - Blizzard Entertainment) Hidden Runaway (x32 Version: - rondomedia Marketing & Vertriebs GmbH) Java 7 Update 45 (x32 Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) 
Hidden Logitech Webcam Software (x32 Version: 1.20 - Logitech) LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft 
WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Midnight Mysteries Haunted Houdini (x32 Version: 1.1.0.0 - MumboJumbo) Missing Mona Lisa (x32 Version: - rondomedia Marketing & Vertriebs GmbH) MobMap 4.31 (x32 Version: - Slarti on EU-Blackhand) Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) MSI Afterburner 2.1.0 (x32 Version: 2.1.0 - MSI Co., LTD) Mystery Stories - Das Geisterschiff (x32 Version: - Rondomedia) NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 314.22 (Version: 314.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 314.22 (Version: 314.22 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden NVIDIA Update 1.12.12 (Version: 1.12.12 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden OpenAL (x32 Version: - ) Origin (x32 Version: 9.1.15.109 - Electronic Arts, Inc.) posterXXL Designer 5.2 (x32 Version: - ) ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH) RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (x32 Version: 16.0.2 - RealNetworks) Realtek Ethernet Controller Driver (x32 Version: 7.46.610.2011 - Realtek) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6402 - Realtek Semiconductor Corp.) 
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Red Crow Mysteries - Legion (x32 Version: - ) SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.) Steam (x32 Version: 1.0.0.0 - Valve Corporation) System Requirements Lab (x32 Version: - ) TeamSpeak 2 RC2 (x32 Version: 2.0.32.60 - Dominating Bytes Design) TeamSpeak 3 Client (Version: 3.0.11.1 - TeamSpeak Systems GmbH) The Elder Scrolls V: Skyrim (x32 Version: - Bethesda Game Studios) The Mighty Quest For Epic Loot Version 1.213647 (x32 Version: 1.213647 - ) The Walking Dead (x32 Version: 1.0.0.15 - Telltale Games) Torchlight II (x32 Version: - White Rabbit Interactive) TuneUp Utilities (x32 Version: 9.0.6000.19 - TuneUp Software) TuneUp Utilities (x32 Version: 9.0.6000.19 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.6000.19 - TuneUp Software) Hidden Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) 
Walsingham‘s Manor - Verlies der Seelen (x32 Version: - rondomedia Marketing & Vertriebs GmbH) Winamp (x32 Version: 5.623 - Nullsoft, Inc) Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc) World of Warcraft (x32 Version: - Blizzard Entertainment) World of Warcraft Beta (x32 Version: 5.0.1.15781 - Blizzard Entertainment) ==================== Restore Points ========================= 27-12-2013 17:53:55 Windows Update 31-12-2013 14:10:45 Windows Update 03-01-2014 19:22:43 Installed SpyHunter 03-01-2014 20:08:50 Removed SpyHunter ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {15DC1780-FB12-4B45-837E-B44229BD12C9} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2893454199-3596817668-125467067-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {42085168-BA67-41B0-BBC2-402E390055E9} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.) Task: {580057D9-C60E-43E3-9445-61E783F4883E} - System32\Tasks\Real Networks Scheduler => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2013-07-11] (RealNetworks, Inc.) Task: {5955968B-A03F-4042-BFBE-824DA62554E6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2893454199-3596817668-125467067-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-04-16] (RealNetworks, Inc.) Task: {5D112AE4-C3F6-4579-AC77-3DCD43F9F9B6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000Core => C:\Users\Cyberhexe\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23] (Google Inc.) 
Task: {9D48FD3E-241A-4941-BC20-5C12D2DA1BF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-03] (Adobe Systems Incorporated) Task: {A9F325BB-EC7B-4BCF-B9C2-1BDF7F47D73B} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-09-05] (Adobe Systems Incorporated) Task: {ACE2B3EE-3E09-4372-8052-34086BC2DFC8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000UA => C:\Users\Cyberhexe\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23] (Google Inc.) Task: {B5002373-35F9-41C8-99CE-8A9B09F78B1C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {C2561D23-5FDD-47E8-9465-0DAB0824DF2B} - System32\Tasks\Google Updater and Installer => C:\Users\Cyberhexe\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23] (Google Inc.) Task: {FFB29655-1881-4B3D-8018-5E36F1224E29} - System32\Tasks\Automatische Wartung => C:\Program Files (x86)\TuneUp Utilities 2010\OneClickStarter.exe [2011-05-31] (TuneUp Software) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000Core.job => C:\Users\Cyberhexe\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000UA.job => C:\Users\Cyberhexe\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-14 12:48 - 2013-04-14 12:42 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2013-11-21 18:15 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2014-01-03 17:41 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files 
(x86)\Mozilla Firefox\mozjs.dll 2013-12-11 17:54 - 2014-01-03 16:44 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData:gs5sys AlternateDataStreams: C:\Users\All Users:gs5sys AlternateDataStreams: C:\Users\Cyberhexe:gs5sys AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys AlternateDataStreams: C:\ProgramData\Application Data:gs5sys AlternateDataStreams: C:\ProgramData\TEMP:1234ADAE AlternateDataStreams: C:\Users\Cyberhexe\Anwendungsdaten:gs5sys AlternateDataStreams: C:\Users\Cyberhexe\Cookies:gs5sys AlternateDataStreams: C:\Users\Cyberhexe\Lokale Einstellungen:gs5sys AlternateDataStreams: C:\Users\Cyberhexe\Vorlagen:gs5sys AlternateDataStreams: C:\Users\Cyberhexe\Desktop\desktop.ini:gs5sys AlternateDataStreams: C:\Users\Cyberhexe\AppData\Local:gs5sys AlternateDataStreams: C:\Users\Cyberhexe\AppData\Roaming:gs5sys AlternateDataStreams: C:\Users\Cyberhexe\AppData\Local\Anwendungsdaten:gs5sys AlternateDataStreams: C:\Users\Cyberhexe\AppData\Local\Verlauf:gs5sys AlternateDataStreams: C:\Users\Cyberhexe\Documents\desktop.ini:gs5sys AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== Faulty Device Manager Devices ============= Name: AODDriver4.01 Description: AODDriver4.01 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AODDriver4.01 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. 
(Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (01/04/2014 01:06:30 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/03/2014 09:08:36 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273 Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a Ausnahmecode: 0xc0000005 Fehleroffset: 0x0014e1a8 ID des fehlerhaften Prozesses: 0xde4 Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0 Pfad der fehlerhaften Anwendung: firefox.exe1 Pfad des fehlerhaften Moduls: firefox.exe2 Berichtskennung: firefox.exe3 Error: (01/03/2014 07:27:40 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/03/2014 03:57:11 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/03/2014 02:35:39 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/03/2014 00:00:48 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE 
TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/02/2014 04:41:32 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/02/2014 03:59:16 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/02/2014 03:17:51 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/02/2014 03:16:18 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
System errors: ============= Error: (01/04/2014 01:07:35 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (01/04/2014 01:07:35 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (01/04/2014 01:05:08 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (01/03/2014 10:53:57 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (01/03/2014 07:28:34 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (01/03/2014 07:28:34 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (01/03/2014 07:26:01 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (01/03/2014 06:51:48 PM) (Source: DCOM) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (01/03/2014 03:58:01 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (01/03/2014 03:58:01 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Microsoft Office Sessions: ========================= Error: (01/04/2014 01:06:30 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/03/2014 09:08:36 PM) (Source: Application Error)(User: ) Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8de401cf08bf6a2ef839C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dlld37c04ad-74b2-11e3-8012-5404a653c917 Error: (01/03/2014 07:27:40 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/03/2014 03:57:11 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/03/2014 02:35:39 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 
60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/03/2014 00:00:48 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/02/2014 04:41:32 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/02/2014 03:59:16 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/02/2014 03:17:51 PM) (Source: SideBySide)(User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe Error: (01/02/2014 03:16:18 PM) (Source: SideBySide)(User: ) Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe ==================== Memory info =========================== Percentage of memory in use: 25% Total physical RAM: 8174.12 MB Available physical RAM: 6111.7 MB Total Pagefile: 16346.41 MB Available Pagefile: 13623.45 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.66 GB) (Free:40.06 GB) NTFS Drive d: () (Fixed) (Total:244.14 GB) (Free:85.84 GB) NTFS Drive e: () (Fixed) (Total:123.87 GB) (Free:86.52 GB) NTFS Drive g: () (Fixed) (Total:74.52 GB) (Free:57.88 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 74BC26AE) 
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=244 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=124 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 75 GB) (Disk ID: CF4FCF4F) Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014 Ran by Cyberhexe (administrator) on FIRESTORMOMEGA on 04-01-2014 13:34:43 Running from C:\Users\Cyberhexe\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Nullsoft, Inc.) E:\Winamp\winampa.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [emsisoft anti-malware] - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1607DB3DE0D9CC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - 
C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 FireFox: ======== FF ProfilePath: C:\Users\Cyberhexe\AppData\Roaming\Mozilla\Firefox\Profiles\oiaiudte.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) 
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File 
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Google Update) - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (YouTube) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (RealDownloader) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0 CHR Extension: (Bubble Island) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgmamcledfbjjcekmpppenaomjihgea\1_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx ==================== Services (Whitelisted) ================= R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH) 
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] () S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2012-01-23] (TuneUp Software) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-05-31] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. 
KG) R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] () R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software) S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] S3 MSICDSetup; \??\F:\CDriver64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-04 13:34 - 2014-01-04 13:35 - 00012299 _____ C:\Users\Cyberhexe\Downloads\FRST.txt 2014-01-04 13:34 - 2014-01-04 13:34 - 00000000 ____D C:\FRST 2014-01-04 13:27 - 2014-01-04 13:27 - 01931368 _____ (Farbar) C:\Users\Cyberhexe\Downloads\FRST64.exe 2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet 2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files 2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe 2014-01-03 21:25 - 2014-01-03 21:25 - 00001091 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-01-03 21:24 - 2014-01-04 13:30 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2014-01-03 21:24 - 2014-01-03 21:24 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware 2014-01-03 21:16 - 2014-01-03 21:24 - 235256512 _____ (Emsisoft GmbH ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-03 20:23 - 
2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat 2014-01-03 20:22 - 2014-01-03 21:09 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP 2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe 2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe 2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json 2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-03 14:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie 2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk 2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie 2013-12-22 21:02 - 2014-01-02 18:27 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos 2013-12-21 13:11 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-11 19:40 - 2013-05-10 
06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-11 19:40 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-11 19:40 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-11 19:40 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-11 19:39 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-11 19:39 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-11 19:39 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-11 19:39 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-11 19:39 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-11 19:39 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-11 19:39 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-11 19:39 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-11 19:39 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-11 19:39 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-11 19:39 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-11 19:39 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-11 19:39 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-11 19:39 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-11 19:39 - 2013-11-26 09:57 - 00218624 _____ 
(Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-11 19:39 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-11 19:39 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-11 19:39 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-11 19:39 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-11 19:39 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-11 19:39 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-11 19:39 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-11 19:39 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-11 19:39 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-11 19:39 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-11 19:39 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-11 19:39 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-11 19:39 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-11 19:39 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-11 19:39 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-11 19:39 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-11 17:56 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-11 17:56 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msieftp.dll 2013-12-11 17:55 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-11 17:55 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-11 17:55 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-11 17:55 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-11 17:55 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-11 17:55 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-11 17:55 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-11 17:55 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-11 17:55 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-11 17:55 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-11 17:55 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-11 17:55 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-11 17:55 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-11 17:55 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-11 17:55 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-11 17:55 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-11 17:55 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR 2013-12-08 15:55 - 
2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk 2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf ==================== One Month Modified Files and Folders ======= 2014-01-04 13:35 - 2014-01-04 13:34 - 00012299 _____ C:\Users\Cyberhexe\Downloads\FRST.txt 2014-01-04 13:34 - 2014-01-04 13:34 - 00000000 ____D C:\FRST 2014-01-04 13:31 - 2012-12-22 11:44 - 00003236 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2893454199-3596817668-125467067-1000 2014-01-04 13:30 - 2014-01-03 21:24 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2014-01-04 13:27 - 2014-01-04 13:27 - 01931368 _____ (Farbar) C:\Users\Cyberhexe\Downloads\FRST64.exe 2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet 2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files 2014-01-04 13:25 - 2012-01-23 20:27 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000UA.job 2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe 2014-01-04 13:15 - 2012-04-29 10:08 - 00055771 _____ C:\Windows\setupact.log 2014-01-04 13:12 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-04 13:12 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-04 13:09 - 2012-01-23 15:54 - 01297842 _____ C:\Windows\WindowsUpdate.log 2014-01-04 13:09 - 2011-04-12 08:43 - 00696832 _____ C:\Windows\system32\perfh007.dat 2014-01-04 13:09 - 2011-04-12 08:43 - 00148128 _____ C:\Windows\system32\perfc007.dat 2014-01-04 13:09 - 2009-07-14 
06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-04 13:05 - 2012-01-24 19:28 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-04 13:05 - 2012-01-23 15:55 - 00000000 ____D C:\Users\Cyberhexe 2014-01-04 13:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-03 22:53 - 2012-04-04 20:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-03 21:25 - 2014-01-03 21:25 - 00001091 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-01-03 21:24 - 2014-01-03 21:24 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware 2014-01-03 21:24 - 2014-01-03 21:16 - 235256512 _____ (Emsisoft GmbH ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe 2014-01-03 21:09 - 2014-01-03 20:22 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat 2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe 2014-01-03 20:18 - 2013-08-16 16:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Battle.net 2014-01-03 19:25 - 2012-11-20 18:18 - 00016566 _____ C:\Windows\PFRO.log 2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-03 17:41 - 2013-12-21 13:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe 2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json 2014-01-03 17:16 - 2012-02-10 18:20 - 00003808 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager 2014-01-03 16:45 - 2012-02-03 18:21 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Adobe 2014-01-03 16:44 - 2012-04-04 20:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-03 16:44 - 2012-04-04 20:08 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-03 16:44 - 2012-01-23 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-02 18:27 - 2013-12-22 21:02 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos 2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-02 14:23 - 
2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-02 14:23 - 2012-02-03 18:20 - 00000000 ____D C:\ProgramData\Adobe 2014-01-02 10:31 - 2013-03-13 17:54 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Dies und Das 2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie 2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk 2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie 2013-12-31 15:04 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-12-30 19:25 - 2012-01-23 20:27 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000Core.job 2013-12-30 16:08 - 2013-06-17 17:29 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Spiele 2013-12-30 16:06 - 2013-07-10 17:04 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Wimmelspiele 2013-12-30 16:06 - 2012-04-14 12:05 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Winamp 2013-12-29 13:12 - 2013-10-18 15:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\._LiveCode_ 2013-12-23 14:18 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2013-12-21 13:23 - 2013-08-16 16:12 - 00000000 ____D C:\Program Files (x86)\Battle.net 2013-12-20 17:55 - 2013-05-08 19:52 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-12-20 17:55 - 2013-04-14 12:48 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-12-20 17:55 - 2013-04-14 12:48 - 00108440 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-12-15 20:29 - 2013-08-14 18:57 - 00000000 ____D C:\Windows\system32\MRT 2013-12-13 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-13 16:51 - 2013-08-30 18:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2013-12-13 16:22 - 2009-07-14 05:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR 2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk 2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf 2013-12-06 15:27 - 2012-01-23 20:28 - 00002382 _____ C:\Users\Cyberhexe\Desktop\Google Chrome.lnk Some content of TEMP: ==================== C:\Users\Cyberhexe\AppData\Local\Temp\11-12_vista64_win7_64_dd_ccc_ocl.exe C:\Users\Cyberhexe\AppData\Local\Temp\avgnt.exe C:\Users\Cyberhexe\AppData\Local\Temp\CheckLang.dll C:\Users\Cyberhexe\AppData\Local\Temp\CtRunApp.dll C:\Users\Cyberhexe\AppData\Local\Temp\devcon.exe C:\Users\Cyberhexe\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Cyberhexe\AppData\Local\Temp\Gw2.exe C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2208147.dll C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2218739.dll C:\Users\Cyberhexe\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u6-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE C:\Users\Cyberhexe\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI64.dll 
C:\Users\Cyberhexe\AppData\Local\Temp\nvStInst.exe C:\Users\Cyberhexe\AppData\Local\Temp\rootsupd.exe C:\Users\Cyberhexe\AppData\Local\Temp\Setup.exe C:\Users\Cyberhexe\AppData\Local\Temp\SETUP_AFTERBURNER.EXE C:\Users\Cyberhexe\AppData\Local\Temp\SHSetup.exe C:\Users\Cyberhexe\AppData\Local\Temp\Uninstaller-828.exe C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x64.exe C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x86.exe C:\Users\Cyberhexe\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-02 15:16 ==================== End Of Log ============================ |
04.01.2014, 13:50 | #2 |
/// the machine /// TB trainer | Outdated browser detected /Java /Flashplayer
hi,
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ |
04.01.2014, 20:07 | #3 |
| Outdated browser detected /Java /Flashplayer Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 04/01/2014 um 13:57:33 # Aktualisiert 23/12/2013 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Cyberhexe - FIRESTORMOMEGA # Gestartet von : C:\Users\Cyberhexe\Desktop\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iMesh.AudioCD Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} 
Schlüssel Gelöscht : HKCU\Software\Imesh ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v26.0 (de) [ Datei : C:\Users\Cyberhexe\AppData\Roaming\Mozilla\Firefox\Profiles\oiaiudte.default\prefs.js ] -\\ Google Chrome v [ Datei : C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2617 octets] - [04/01/2014 13:52:40] AdwCleaner[R1].txt - [2675 octets] - [04/01/2014 13:56:39] AdwCleaner[S0].txt - [2540 octets] - [04/01/2014 13:57:33] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2600 octets] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Cyberhexe on 04.01.2014 at 14:01:59,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Cyberhexe\AppData\Roaming\getrighttogo"
~~~ FireFox
Emptied folder: C:\Users\Cyberhexe\AppData\Roaming\mozilla\firefox\profiles\oiaiudte.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.01.2014 at 14:14:52,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014 Ran by Cyberhexe (administrator) on FIRESTORMOMEGA on 04-01-2014 14:16:22 Running from C:\Users\Cyberhexe\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [emsisoft anti-malware] - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1607DB3DE0D9CC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) 
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 FireFox: ======== FF ProfilePath: C:\Users\Cyberhexe\AppData\Roaming\Mozilla\Firefox\Profiles\oiaiudte.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) 
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File 
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Google Update) - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (YouTube) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (RealDownloader) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0 CHR Extension: (Bubble Island) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgmamcledfbjjcekmpppenaomjihgea\1_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - 
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx ==================== Services (Whitelisted) ================= R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] () S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2012-01-23] (TuneUp Software) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-05-31] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. 
KG) R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] () R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software) S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] S3 MSICDSetup; \??\F:\CDriver64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-04 14:16 - 2014-01-04 14:16 - 00011997 _____ C:\Users\Cyberhexe\Desktop\FRST.txt 2014-01-04 14:14 - 2014-01-04 14:14 - 00000848 _____ C:\Users\Cyberhexe\Desktop\JRT.txt 2014-01-04 14:01 - 2014-01-04 14:01 - 00000000 ____D C:\Windows\ERUNT 2014-01-04 14:01 - 2014-01-04 14:00 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Desktop\JRT.exe 2014-01-04 14:00 - 2014-01-04 14:00 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Downloads\JRT.exe 2014-01-04 13:59 - 2014-01-04 13:59 - 00002688 _____ C:\Users\Cyberhexe\Desktop\AdwCleaner[S0].txt 2014-01-04 13:52 - 2014-01-04 13:57 - 00000000 ____D C:\AdwCleaner 2014-01-04 13:52 - 2014-01-04 13:52 - 01233962 _____ C:\Users\Cyberhexe\Desktop\adwcleaner.exe 2014-01-04 13:35 - 2014-01-04 13:35 - 00024577 _____ C:\Users\Cyberhexe\Downloads\Addition.txt 2014-01-04 13:34 - 2014-01-04 13:35 - 00031881 _____ C:\Users\Cyberhexe\Downloads\FRST.txt 2014-01-04 13:34 - 2014-01-04 13:34 - 00000000 ____D C:\FRST 2014-01-04 13:27 - 2014-01-04 13:27 - 01931368 _____ (Farbar) C:\Users\Cyberhexe\Desktop\FRST64.exe 2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D 
C:\Users\Cyberhexe\AppData\Roaming\MusicNet 2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files 2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe 2014-01-03 21:25 - 2014-01-03 21:25 - 00001091 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-01-03 21:24 - 2014-01-04 14:12 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2014-01-03 21:24 - 2014-01-03 21:24 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware 2014-01-03 21:16 - 2014-01-03 21:24 - 235256512 _____ (Emsisoft GmbH ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat 2014-01-03 20:22 - 2014-01-03 21:09 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP 2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe 2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe 2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json 2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-03 14:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie 2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk 2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie 2013-12-22 21:02 - 2014-01-02 18:27 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos 2013-12-21 13:11 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-11 19:40 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-11 19:40 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-11 19:40 - 2013-05-10 05:56 - 12625408 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-11 19:40 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-11 19:39 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-11 19:39 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-11 19:39 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-11 19:39 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-11 19:39 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-11 19:39 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-11 19:39 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-11 19:39 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-11 19:39 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-11 19:39 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-11 19:39 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-11 19:39 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-11 19:39 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-11 19:39 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-11 19:39 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-11 19:39 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-11 19:39 - 2013-11-26 09:38 - 00043008 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-11 19:39 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-11 19:39 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-11 19:39 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-11 19:39 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-11 19:39 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-11 19:39 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-11 19:39 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-11 19:39 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-11 19:39 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-11 19:39 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-11 19:39 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-11 19:39 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-11 19:39 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-11 19:39 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-11 17:56 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-11 17:56 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-11 17:55 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-11 17:55 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) 
C:\Windows\system32\WMPhoto.dll 2013-12-11 17:55 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-11 17:55 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-11 17:55 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-11 17:55 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-11 17:55 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-11 17:55 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-11 17:55 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-11 17:55 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-11 17:55 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-11 17:55 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-11 17:55 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-11 17:55 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-11 17:55 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-11 17:55 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-11 17:55 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR 2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk 2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf ==================== One Month Modified Files 
and Folders ======= 2014-01-04 14:16 - 2014-01-04 14:16 - 00011997 _____ C:\Users\Cyberhexe\Desktop\FRST.txt 2014-01-04 14:14 - 2014-01-04 14:14 - 00000848 _____ C:\Users\Cyberhexe\Desktop\JRT.txt 2014-01-04 14:12 - 2014-01-03 21:24 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2014-01-04 14:06 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-04 14:06 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-04 14:05 - 2011-04-12 08:43 - 00696832 _____ C:\Windows\system32\perfh007.dat 2014-01-04 14:05 - 2011-04-12 08:43 - 00148128 _____ C:\Windows\system32\perfc007.dat 2014-01-04 14:05 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-04 14:01 - 2014-01-04 14:01 - 00000000 ____D C:\Windows\ERUNT 2014-01-04 14:00 - 2014-01-04 14:01 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Desktop\JRT.exe 2014-01-04 14:00 - 2014-01-04 14:00 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Downloads\JRT.exe 2014-01-04 13:59 - 2014-01-04 13:59 - 00002688 _____ C:\Users\Cyberhexe\Desktop\AdwCleaner[S0].txt 2014-01-04 13:59 - 2012-04-29 10:08 - 00055827 _____ C:\Windows\setupact.log 2014-01-04 13:59 - 2012-01-24 19:28 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-04 13:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-04 13:57 - 2014-01-04 13:52 - 00000000 ____D C:\AdwCleaner 2014-01-04 13:57 - 2012-01-23 15:55 - 00000000 ____D C:\Users\Cyberhexe 2014-01-04 13:57 - 2012-01-23 15:54 - 01309699 _____ C:\Windows\WindowsUpdate.log 2014-01-04 13:53 - 2012-04-04 20:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-04 13:52 - 2014-01-04 13:52 - 01233962 _____ C:\Users\Cyberhexe\Desktop\adwcleaner.exe 2014-01-04 13:35 - 2014-01-04 13:35 - 00024577 _____ C:\Users\Cyberhexe\Downloads\Addition.txt 2014-01-04 13:35 - 
2014-01-04 13:34 - 00031881 _____ C:\Users\Cyberhexe\Downloads\FRST.txt 2014-01-04 13:34 - 2014-01-04 13:34 - 00000000 ____D C:\FRST 2014-01-04 13:31 - 2012-12-22 11:44 - 00003236 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2893454199-3596817668-125467067-1000 2014-01-04 13:27 - 2014-01-04 13:27 - 01931368 _____ (Farbar) C:\Users\Cyberhexe\Desktop\FRST64.exe 2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet 2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files 2014-01-04 13:25 - 2012-01-23 20:27 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000UA.job 2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe 2014-01-03 21:25 - 2014-01-03 21:25 - 00001091 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk 2014-01-03 21:24 - 2014-01-03 21:24 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware 2014-01-03 21:24 - 2014-01-03 21:16 - 235256512 _____ (Emsisoft GmbH ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe 2014-01-03 21:09 - 2014-01-03 20:22 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat 2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe 2014-01-03 20:18 - 2013-08-16 16:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Battle.net 2014-01-03 19:25 - 2012-11-20 18:18 - 00016566 _____ C:\Windows\PFRO.log 2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-03 17:41 - 2013-12-21 13:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe 2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json 2014-01-03 17:16 - 2012-02-10 18:20 - 00003808 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager 2014-01-03 16:45 - 2012-02-03 18:21 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Adobe 2014-01-03 16:44 - 2012-04-04 20:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-03 16:44 - 2012-04-04 20:08 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-03 16:44 - 2012-01-23 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-02 18:27 - 2013-12-22 21:02 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos 2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-02 14:23 - 
2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-02 14:23 - 2012-02-03 18:20 - 00000000 ____D C:\ProgramData\Adobe 2014-01-02 10:31 - 2013-03-13 17:54 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Dies und Das 2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie 2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk 2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie 2013-12-31 15:04 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-12-30 19:25 - 2012-01-23 20:27 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000Core.job 2013-12-30 16:08 - 2013-06-17 17:29 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Spiele 2013-12-30 16:06 - 2013-07-10 17:04 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Wimmelspiele 2013-12-30 16:06 - 2012-04-14 12:05 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Winamp 2013-12-29 13:12 - 2013-10-18 15:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\._LiveCode_ 2013-12-23 14:18 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2013-12-21 13:23 - 2013-08-16 16:12 - 00000000 ____D C:\Program Files (x86)\Battle.net 2013-12-20 17:55 - 2013-05-08 19:52 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-12-20 17:55 - 2013-04-14 12:48 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-12-20 17:55 - 2013-04-14 12:48 - 00108440 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-12-15 20:29 - 2013-08-14 18:57 - 00000000 ____D C:\Windows\system32\MRT 2013-12-13 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-13 16:51 - 2013-08-30 18:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2013-12-13 16:22 - 2009-07-14 05:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR 2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk 2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf 2013-12-06 15:27 - 2012-01-23 20:28 - 00002382 _____ C:\Users\Cyberhexe\Desktop\Google Chrome.lnk Some content of TEMP: ==================== C:\Users\Cyberhexe\AppData\Local\Temp\11-12_vista64_win7_64_dd_ccc_ocl.exe C:\Users\Cyberhexe\AppData\Local\Temp\avgnt.exe C:\Users\Cyberhexe\AppData\Local\Temp\CheckLang.dll C:\Users\Cyberhexe\AppData\Local\Temp\CtRunApp.dll C:\Users\Cyberhexe\AppData\Local\Temp\devcon.exe C:\Users\Cyberhexe\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Cyberhexe\AppData\Local\Temp\Gw2.exe C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2208147.dll C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2218739.dll C:\Users\Cyberhexe\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u6-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE C:\Users\Cyberhexe\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI64.dll 
C:\Users\Cyberhexe\AppData\Local\Temp\nvStInst.exe C:\Users\Cyberhexe\AppData\Local\Temp\Quarantine.exe C:\Users\Cyberhexe\AppData\Local\Temp\rootsupd.exe C:\Users\Cyberhexe\AppData\Local\Temp\Setup.exe C:\Users\Cyberhexe\AppData\Local\Temp\SETUP_AFTERBURNER.EXE C:\Users\Cyberhexe\AppData\Local\Temp\SHSetup.exe C:\Users\Cyberhexe\AppData\Local\Temp\Uninstaller-828.exe C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x64.exe C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x86.exe C:\Users\Cyberhexe\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-02 15:16 ==================== End Of Log ============================ --- --- --- Just wanted to say thanks; so far I haven't gotten any more tabs/popups |
05.01.2014, 16:22 | #4 |
/// the machine /// TB trainer | Outdated browser detected /Java /Flashplayer
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
07.01.2014, 14:33 | #5 |
| Outdated browser detected /Java /Flashplayer Here are the logs: Eset: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=f1904efb8fc91c41b6b10d5b29f0c31c # engine=16544 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-01-07 01:26:00 # local_time=2014-01-07 02:26:00 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 96 8477 159772465 1247 0 # compatibility_mode=5893 16776573 100 94 257455 140731010 0 0 # scanned=215249 # found=0 # cleaned=0 # scan_time=4615 Code:
ATTFilter Results of screen317's Security Check version 0.99.78 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 TuneUp Utilities TuneUp Utilities Language Pack (de-DE) TuneUp Utilities Java 7 Update 45 Adobe Flash Player 11.9.900.170 Adobe Reader XI Mozilla Firefox (26.0) Google Chrome 31.0.1650.57 Google Chrome 31.0.1650.63 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe windows defender MpCmdRun.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014 Ran by Cyberhexe (administrator) on FIRESTORMOMEGA on 07-01-2014 14:32:06 Running from C:\Users\Cyberhexe\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1607DB3DE0D9CC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype 
Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.10.1 FireFox: ======== FF ProfilePath: C:\Users\Cyberhexe\AppData\Roaming\Mozilla\Firefox\Profiles\oiaiudte.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) 
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File 
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Google Update) - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Default Plug-in) - default_plugin No File CHR Extension: (YouTube) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (RealDownloader) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0 CHR Extension: (Bubble Island) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgmamcledfbjjcekmpppenaomjihgea\1_0 CHR Extension: (Chrome In-App Payments service) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 CHR Extension: (Gmail) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-20] (Avira 
Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] () S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2012-01-23] (TuneUp Software) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-05-31] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] () R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software) S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] R3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x] S3 MSICDSetup; \??\F:\CDriver64.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-07 14:32 - 2014-01-07 14:32 - 00011212 _____ C:\Users\Cyberhexe\Desktop\FRST.txt 2014-01-07 14:32 - 2014-01-07 14:32 - 00000000 ____D C:\Users\Cyberhexe\Desktop\FRST-OlderVersion 2014-01-07 14:29 - 2014-01-07 14:29 - 00000958 _____ 
C:\Users\Cyberhexe\Desktop\checkup.txt 2014-01-07 14:28 - 2014-01-07 14:28 - 00987410 _____ C:\Users\Cyberhexe\Desktop\SecurityCheck.exe 2014-01-07 13:06 - 2014-01-07 13:06 - 02347384 _____ (ESET) C:\Users\Cyberhexe\Downloads\esetsmartinstaller_enu.exe 2014-01-04 14:01 - 2014-01-04 14:01 - 00000000 ____D C:\Windows\ERUNT 2014-01-04 14:00 - 2014-01-04 14:00 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Downloads\JRT.exe 2014-01-04 13:52 - 2014-01-04 13:57 - 00000000 ____D C:\AdwCleaner 2014-01-04 13:35 - 2014-01-04 13:35 - 00024577 _____ C:\Users\Cyberhexe\Downloads\Addition.txt 2014-01-04 13:34 - 2014-01-07 14:32 - 00000000 ____D C:\FRST 2014-01-04 13:34 - 2014-01-04 13:35 - 00031881 _____ C:\Users\Cyberhexe\Downloads\FRST.txt 2014-01-04 13:27 - 2014-01-07 14:32 - 01931762 _____ (Farbar) C:\Users\Cyberhexe\Desktop\FRST64.exe 2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet 2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files 2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe 2014-01-03 21:24 - 2014-01-07 14:27 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware 2014-01-03 21:24 - 2014-01-07 14:27 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2014-01-03 21:16 - 2014-01-03 21:24 - 235256512 _____ (Emsisoft GmbH ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat 2014-01-03 20:22 - 2014-01-03 21:09 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP 2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe 2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe 2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json 2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-03 14:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie 2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk 2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie 2013-12-22 21:02 - 2014-01-02 18:27 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos 2013-12-21 13:11 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-11 19:40 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2013-12-11 19:40 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2013-12-11 19:40 - 2013-05-10 05:56 - 12625408 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2013-12-11 19:40 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2013-12-11 19:39 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-11 19:39 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-11 19:39 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-11 19:39 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-11 19:39 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-11 19:39 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-11 19:39 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-11 19:39 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-11 19:39 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-11 19:39 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-11 19:39 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-12-11 19:39 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-11 19:39 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-11 19:39 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-12-11 19:39 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-11 19:39 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-11 19:39 - 2013-11-26 09:38 - 00043008 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-11 19:39 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-11 19:39 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-12-11 19:39 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-12-11 19:39 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-11 19:39 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-11 19:39 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-11 19:39 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-11 19:39 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-11 19:39 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-11 19:39 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-11 19:39 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-12-11 19:39 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-12-11 19:39 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-11 19:39 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-11 17:56 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-11 17:56 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-11 17:55 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-11 17:55 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) 
C:\Windows\system32\WMPhoto.dll 2013-12-11 17:55 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2013-12-11 17:55 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2013-12-11 17:55 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-11 17:55 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-11 17:55 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-11 17:55 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-11 17:55 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-11 17:55 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2013-12-11 17:55 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-11 17:55 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2013-12-11 17:55 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-11 17:55 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2013-12-11 17:55 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-11 17:55 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2013-12-11 17:55 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR 2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk 2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf ==================== One Month Modified Files 
and Folders ======= 2014-01-07 14:32 - 2014-01-07 14:32 - 00011212 _____ C:\Users\Cyberhexe\Desktop\FRST.txt 2014-01-07 14:32 - 2014-01-07 14:32 - 00000000 ____D C:\Users\Cyberhexe\Desktop\FRST-OlderVersion 2014-01-07 14:32 - 2014-01-04 13:34 - 00000000 ____D C:\FRST 2014-01-07 14:32 - 2014-01-04 13:27 - 01931762 _____ (Farbar) C:\Users\Cyberhexe\Desktop\FRST64.exe 2014-01-07 14:29 - 2014-01-07 14:29 - 00000958 _____ C:\Users\Cyberhexe\Desktop\checkup.txt 2014-01-07 14:28 - 2014-01-07 14:28 - 00987410 _____ C:\Users\Cyberhexe\Desktop\SecurityCheck.exe 2014-01-07 14:27 - 2014-01-03 21:24 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware 2014-01-07 14:27 - 2014-01-03 21:24 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware 2014-01-07 14:25 - 2012-01-23 20:27 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000UA.job 2014-01-07 14:16 - 2012-01-23 15:54 - 01417488 _____ C:\Windows\WindowsUpdate.log 2014-01-07 13:53 - 2012-04-04 20:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-07 13:12 - 2012-04-29 10:08 - 00056499 _____ C:\Windows\setupact.log 2014-01-07 13:11 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-07 13:11 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-07 13:09 - 2011-04-12 08:43 - 00696832 _____ C:\Windows\system32\perfh007.dat 2014-01-07 13:09 - 2011-04-12 08:43 - 00148128 _____ C:\Windows\system32\perfc007.dat 2014-01-07 13:09 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-07 13:06 - 2014-01-07 13:06 - 02347384 _____ (ESET) C:\Users\Cyberhexe\Downloads\esetsmartinstaller_enu.exe 2014-01-07 13:03 - 2012-01-24 19:28 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-07 13:03 - 2012-01-23 15:55 - 00000000 ____D C:\Users\Cyberhexe 2014-01-07 
13:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-06 20:13 - 2013-08-16 16:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Battle.net 2014-01-06 19:25 - 2012-01-23 20:27 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000Core.job 2014-01-05 11:55 - 2013-10-18 15:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\._LiveCode_ 2014-01-04 14:20 - 2013-03-13 17:54 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Dies und Das 2014-01-04 14:01 - 2014-01-04 14:01 - 00000000 ____D C:\Windows\ERUNT 2014-01-04 14:00 - 2014-01-04 14:00 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Downloads\JRT.exe 2014-01-04 13:57 - 2014-01-04 13:52 - 00000000 ____D C:\AdwCleaner 2014-01-04 13:35 - 2014-01-04 13:35 - 00024577 _____ C:\Users\Cyberhexe\Downloads\Addition.txt 2014-01-04 13:35 - 2014-01-04 13:34 - 00031881 _____ C:\Users\Cyberhexe\Downloads\FRST.txt 2014-01-04 13:31 - 2012-12-22 11:44 - 00003236 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2893454199-3596817668-125467067-1000 2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet 2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files 2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe 2014-01-03 21:24 - 2014-01-03 21:16 - 235256512 _____ (Emsisoft GmbH ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe 2014-01-03 21:09 - 2014-01-03 20:22 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group 2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat 2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe 2014-01-03 19:25 - 2012-11-20 18:18 - 00016566 _____ C:\Windows\PFRO.log 2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla 2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-03 17:41 - 2013-12-21 13:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe 2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json 2014-01-03 17:16 - 2012-02-10 18:20 - 00003808 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager 2014-01-03 16:45 - 2012-02-03 18:21 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Adobe 2014-01-03 16:44 - 2012-04-04 20:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-03 16:44 - 2012-04-04 20:08 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-03 16:44 - 2012-01-23 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-02 18:27 - 2013-12-22 21:02 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos 2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe 2014-01-02 14:23 - 2012-02-03 18:20 
- 00000000 ____D C:\ProgramData\Adobe 2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie 2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk 2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie 2013-12-31 15:04 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-12-30 16:08 - 2013-06-17 17:29 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Spiele 2013-12-30 16:06 - 2013-07-10 17:04 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Wimmelspiele 2013-12-30 16:06 - 2012-04-14 12:05 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Winamp 2013-12-23 14:18 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2013-12-21 13:23 - 2013-08-16 16:12 - 00000000 ____D C:\Program Files (x86)\Battle.net 2013-12-20 17:55 - 2013-05-08 19:52 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-12-20 17:55 - 2013-04-14 12:48 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-12-20 17:55 - 2013-04-14 12:48 - 00108440 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-12-15 20:29 - 2013-08-14 18:57 - 00000000 ____D C:\Windows\system32\MRT 2013-12-13 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2013-12-13 16:51 - 2013-08-30 18:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2013-12-13 16:22 - 2009-07-14 05:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR 2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk 2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf Some content of TEMP: ==================== C:\Users\Cyberhexe\AppData\Local\Temp\11-12_vista64_win7_64_dd_ccc_ocl.exe C:\Users\Cyberhexe\AppData\Local\Temp\avgnt.exe C:\Users\Cyberhexe\AppData\Local\Temp\CheckLang.dll C:\Users\Cyberhexe\AppData\Local\Temp\CtRunApp.dll C:\Users\Cyberhexe\AppData\Local\Temp\devcon.exe C:\Users\Cyberhexe\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\Cyberhexe\AppData\Local\Temp\Gw2.exe C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2208147.dll C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2218739.dll C:\Users\Cyberhexe\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u6-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\Cyberhexe\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE C:\Users\Cyberhexe\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI64.dll C:\Users\Cyberhexe\AppData\Local\Temp\nvStInst.exe C:\Users\Cyberhexe\AppData\Local\Temp\Quarantine.exe 
C:\Users\Cyberhexe\AppData\Local\Temp\rootsupd.exe C:\Users\Cyberhexe\AppData\Local\Temp\Setup.exe C:\Users\Cyberhexe\AppData\Local\Temp\SETUP_AFTERBURNER.EXE C:\Users\Cyberhexe\AppData\Local\Temp\SHSetup.exe C:\Users\Cyberhexe\AppData\Local\Temp\Uninstaller-828.exe C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x64.exe C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x86.exe C:\Users\Cyberhexe\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-02 15:16 ==================== End Of Log ============================
So far everything seems to be quiet. The strange messages are definitely not showing up anymore. Thanks again for your help! |
08.01.2014, 08:34 | #6 |
/// the machine /// TB Trainer | Outdated browser detected /Java /Flashplayer Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Program Files\Enigma Software Group
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
If you would like to leave praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, as they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP) Bill Castner (MVP) Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ --> Outdated browser detected /Java /Flashplayer |
08.01.2014, 14:23 | #7 |
| Outdated browser detected /Java /Flashplayer Once again, a huge thank you to you! So far I have had no more problems with the browser(s)! The program deleted the log file *g* but, that said, I had already uninstalled the anti-malware program beforehand. So once again, a huge thank you |
09.01.2014, 11:00 | #8 |
/// the machine /// TB Trainer | Outdated browser detected /Java /Flashplayer You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |