
Pests of all kinds and how to combat them: AVG has detected a "VBS/Heur" virus

12.01.2014, 00:06   #1
Tiled

Good evening,
I have just registered here because I have caught a virus.
After downloading an online game, I unpacked that file and then received a dozen alerts from my antivirus program AVG. All of the files involved the VBS/Heur virus, which has nested itself in programs such as Safari or WinRAR on my machine. The first thing I did, of course, was to confirm the removal of all the files. I then immediately deleted the online game file, both unpacked and packed, though I only managed to do so after a restart. Before that I got the message that the program was open in another window. That was not the case; I didn't notice anything unusual in the Task Manager either. Over the rest of the day I kept getting alerts/detections from AVG now and then, always had them removed, and at some point it stopped. Well, now it seems as if my computer is slower than before. I hope someone can help me with my little problem.
Kind regards

12.01.2014, 00:15   #2
aharonov
/// TB instructor

Hello,

please post the contents of the alerts (logs) from AVG.
In addition:


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


12.01.2014, 00:54   #3
Tiled

Oh, that was quick.

Regarding the AVG log files: before I registered here, I had AVG scan my PC; it has now been at 100% for several minutes, if not for an hour already, and now ... nothing happens.

And when I click on History -> Scan results, I just get an empty window...
Regarding the other two points:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-01-2014 05
Ran by Brahim (administrator) on BRAHIMNAIMA on 12-01-2014 00:37:42
Running from C:\Users\Brahim\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(FileZilla Project) C:\xampp\FileZillaFTP\FileZillaServer.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
() C:\xampp\mysql\bin\mysqld.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(Spotify Ltd) C:\Users\Brahim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] - C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-09] (Easybits)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Brahim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-11] (Spotify Ltd)
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\Brahim\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=72f7b627617a47d3bef63909b4ea9fc7-5d528058a917914257ba93f911d919c0b094725e /CMPID=1213b
Startup: C:\Users\Brahim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Brahim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP51555ED6-C06E-47EA-A05B-9A3A6530F619&SSPV=
URLSearchHook: HKCU - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {5D38CE04-3D49-428E-B752-3035FF18092C} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=505523127&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=505523127&q={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {5D38CE04-3D49-428E-B752-3035FF18092C} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3317742&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP51555ED6-C06E-47EA-A05B-9A3A6530F619&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=241C00E04C126270&affID=120008&tsp=5028
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKCU - {48B61675-22C2-4455-9DC9-4FAF99019974} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10399&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABX&apn_dtid=^YYYYYY^YY^NL&apn_uid=87456d0b-80b4-40cf-b0e2-75363a5cc914&apn_sauid=02F6976B-7459-4E1A-9905-747F104AFBFD
SearchScopes: HKCU - {5D38CE04-3D49-428E-B752-3035FF18092C} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {609462AF-0468-4126-B4F8-9B0A73AC0F8E} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-03-05] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default
FF user.js: detected! => C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\user.js
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://www.mystart.com/results.php?pr=manycam&id=manycamtb&v=5_2&ent=bs____campaignID___&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Users\Brahim\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\searchplugins\nation-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: German Dictionary - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2012-10-13]
FF Extension: FoxyProxy Standard - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\foxyproxy@eric.h.jung [2013-10-27]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: No Name - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\trash [2014-01-07]
FF Extension: YouTube Unblocker - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\youtubeunblocker@unblocker.yt [2013-10-10]
FF Extension: Blue Fox - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\{241aae70-0022-11de-87af-0800200c9a66} [2013-12-30]
FF Extension: DownloadHelper - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-07]
FF Extension: anonymoX - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\client@anonymox.net.xpi [2014-01-07]
FF Extension: Find and Replace for FireFox - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\findandreplace@notreal.org.xpi [2013-04-07]
FF Extension: Scriptish - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\scriptish@erikvold.com.xpi [2012-06-03]
FF Extension: Shine Bright Skin Aero - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\{c7b3cf78-9cbc-47b9-ba47-bb84a56069dd}.xpi [2012-09-21]
FF Extension: Adblock Plus - C:\Users\Brahim\AppData\Roaming\Mozilla\Firefox\Profiles\5lkxcau8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-07]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-01-07]
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Nation toolbar\FireFoxExt\17.0.1.12
FF Extension: No Name - C:\ProgramData\AVG Nation toolbar\FireFoxExt\17.0.1.12 [2013-10-09]
FF HKCU\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.811.154\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-10-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 FileZilla Server; c:\xampp\filezillaftp\filezillaserver.exe [630272 2011-06-07] (FileZilla Project)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [906024 2013-11-27] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-11-13] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-11-27] ()
R2 mysql; c:\xampp\mysql\bin\mysqld.exe [8158720 2011-09-09] ()
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [x]

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-10-07] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-11-13] (AnchorFree Inc.)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-16] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-16] (RapidSolution Software AG)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1038440 2011-05-09] (Realtek Semiconductor Corporation                           )
R3 rtlss; C:\Windows\System32\Drivers\rtlss.sys [27240 2010-06-21] (Realtek Semiconductor Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
S3 clwvd; system32\DRIVERS\clwvd.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-12 00:37 - 2014-01-12 00:38 - 00022202 _____ C:\Users\Brahim\Desktop\FRST.txt
2014-01-12 00:37 - 2014-01-12 00:37 - 00000000 ____D C:\FRST
2014-01-12 00:30 - 2014-01-12 00:30 - 00299616 _____ C:\Users\Brahim\Downloads\runner_en.exe
2014-01-12 00:22 - 2014-01-12 00:22 - 02076672 _____ (Farbar) C:\Users\Brahim\Desktop\FRST64.exe
2014-01-11 23:16 - 2014-01-11 23:16 - 00000000 ____D C:\Users\Brahim\AppData\Local\Paint.NET
2014-01-11 19:03 - 2014-01-11 19:04 - 78353832 _____ (AVG) C:\Users\Brahim\Downloads\avg_tuh_stf_all_2014_295_24c28.exe
2014-01-11 14:08 - 2014-01-11 14:13 - 00000129 _____ C:\Users\Brahim\Desktop\Nicknames.txt
2014-01-07 21:29 - 2014-01-11 15:48 - 00000000 ____D C:\Program Files\iPod
2014-01-07 21:29 - 2014-01-11 15:47 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-07 21:29 - 2014-01-11 15:47 - 00000000 ____D C:\Program Files\iTunes
2014-01-07 21:24 - 2014-01-07 21:25 - 100400976 _____ (Apple Inc.) C:\Users\Brahim\Downloads\iTunes64Setup.exe
2014-01-07 21:21 - 2014-01-07 21:21 - 00001675 _____ C:\Users\Brahim\Desktop\Continue iTunes 64 bit.lnk
2014-01-07 00:17 - 2013-11-13 11:49 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2014-01-06 21:35 - 2014-01-06 21:35 - 12280857 _____ C:\Users\Brahim\Downloads\Desktop.rar
2014-01-06 18:59 - 2014-01-07 00:17 - 00001050 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2014-01-06 18:58 - 2014-01-07 00:17 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2014-01-06 18:58 - 2014-01-06 18:58 - 00000000 ____D C:\ProgramData\Hotspot Shield
2014-01-06 16:47 - 2014-01-06 16:47 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\Eusing
2014-01-06 00:51 - 2014-01-06 00:51 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\Hotspot Shield
2014-01-06 00:46 - 2014-01-06 00:47 - 07750928 _____ C:\Users\Brahim\Downloads\HSS-3.19-install-hss-600-conduit.exe
2014-01-04 17:17 - 2014-01-04 17:17 - 00000000 ____D C:\Users\Brahim\Downloads\Baumok
2014-01-04 16:57 - 2014-01-04 16:58 - 04488133 _____ C:\Users\Brahim\Downloads\Baumok.rar
2014-01-01 15:26 - 2014-01-01 15:41 - 1043363850 _____ C:\Users\Brahim\Downloads\Metin2.rar
2013-12-27 19:32 - 2013-12-27 18:31 - 00091034 _____ C:\Users\Brahim\Desktop\00005.vcf
2013-12-27 19:20 - 2013-12-27 19:36 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\WindSolutions
2013-12-27 19:20 - 2013-12-27 19:34 - 00000000 ____D C:\ProgramData\WindSolutions
2013-12-27 19:19 - 2013-12-27 18:07 - 00073164 _____ C:\Users\Brahim\Desktop\00004.vcf
2013-12-27 18:43 - 2013-12-27 18:43 - 00000000 ____D C:\Users\Brahim\AppData\Local\Apple
2013-12-24 17:31 - 2014-01-11 15:47 - 00000000 ____D C:\Users\Brahim\Downloads\LOL XD
2013-12-24 17:29 - 2013-12-24 17:31 - 04250579 _____ (Igor Pavlov) C:\Users\Brahim\Downloads\Tools by Unpublished (Preview).exe
2013-12-24 17:11 - 2014-01-11 15:47 - 00000000 ____D C:\Users\Brahim\Downloads\Tools by Unpublished
2013-12-24 17:11 - 2013-12-22 15:14 - 04369468 _____ (Igor Pavlov) C:\Users\Brahim\Downloads\Tools by Unpublished.exe
2013-12-24 00:39 - 2013-12-24 00:39 - 00205127 _____ C:\Users\Brahim\Downloads\PerX.rar
2013-12-22 13:56 - 2013-12-22 13:56 - 00005938 _____ C:\Users\Brahim\AppData\Local\recently-used.xbel
2013-12-21 13:29 - 2013-12-21 13:30 - 91412976 _____ (AVAST Software) C:\Users\Brahim\Downloads\avast_free_antivirus_setup.exe
2013-12-20 14:48 - 2013-12-20 20:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-19 19:41 - 2013-12-19 19:41 - 00000000 ____D C:\Users\Brahim\AppData\Local\SoftGrid Client
2013-12-19 19:40 - 2013-12-19 19:41 - 38691253 _____ (Dreambelievers                                              ) C:\Users\Brahim\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-15 15:31 - 2013-12-15 15:31 - 00000000 ____D C:\Users\Brahim\AppData\Local\gegl-0.1
2013-12-13 19:21 - 2013-12-27 18:43 - 00000000 ____D C:\Users\Brahim\AppData\Local\Apple Computer
2013-12-13 18:14 - 2013-12-13 18:18 - 00000000 ____D C:\Program Files (x86)\Last.fm

==================== One Month Modified Files and Folders =======

2014-01-12 00:38 - 2014-01-12 00:37 - 00022202 _____ C:\Users\Brahim\Desktop\FRST.txt
2014-01-12 00:37 - 2014-01-12 00:37 - 00000000 ____D C:\FRST
2014-01-12 00:33 - 2012-06-03 12:49 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2014-01-12 00:33 - 2012-06-03 12:45 - 00000000 ____D C:\Perfect World Entertainment
2014-01-12 00:32 - 2012-06-03 01:48 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\Skype
2014-01-12 00:30 - 2014-01-12 00:30 - 00299616 _____ C:\Users\Brahim\Downloads\runner_en.exe
2014-01-12 00:27 - 2012-07-13 19:47 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2014-01-12 00:22 - 2014-01-12 00:22 - 02076672 _____ (Farbar) C:\Users\Brahim\Desktop\FRST64.exe
2014-01-12 00:06 - 2012-10-11 10:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-11 23:52 - 2012-07-19 17:42 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\Spotify
2014-01-11 23:52 - 2012-06-03 01:11 - 01784339 _____ C:\Windows\WindowsUpdate.log
2014-01-11 23:33 - 2013-10-07 16:50 - 00000000 ____D C:\Users\Brahim\AppData\Local\Avg2014
2014-01-11 23:16 - 2014-01-11 23:16 - 00000000 ____D C:\Users\Brahim\AppData\Local\Paint.NET
2014-01-11 22:50 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-11 22:50 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-11 22:44 - 2013-06-03 16:21 - 00000000 ___RD C:\Users\Brahim\Dropbox
2014-01-11 22:43 - 2013-06-03 16:19 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\Dropbox
2014-01-11 22:43 - 2012-03-05 23:50 - 00000000 ____D C:\ProgramData\PDFC
2014-01-11 22:43 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-11 22:43 - 2009-07-14 05:51 - 00113704 _____ C:\Windows\setupact.log
2014-01-11 20:30 - 2013-10-04 13:54 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\vlc
2014-01-11 19:04 - 2014-01-11 19:03 - 78353832 _____ (AVG) C:\Users\Brahim\Downloads\avg_tuh_stf_all_2014_295_24c28.exe
2014-01-11 18:33 - 2012-07-02 17:06 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForBrahim
2014-01-11 18:33 - 2012-07-02 17:06 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForBrahim.job
2014-01-11 17:36 - 2013-10-05 18:12 - 00000612 _____ C:\Users\Brahim\Desktop\OST 1.txt
2014-01-11 17:34 - 2013-10-07 16:50 - 00000000 ____D C:\ProgramData\MFAData
2014-01-11 15:49 - 2012-06-03 01:12 - 00000000 ____D C:\Users\Brahim
2014-01-11 15:48 - 2014-01-07 21:29 - 00000000 ____D C:\Program Files\iPod
2014-01-11 15:47 - 2014-01-07 21:29 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-11 15:47 - 2014-01-07 21:29 - 00000000 ____D C:\Program Files\iTunes
2014-01-11 15:47 - 2013-12-24 17:31 - 00000000 ____D C:\Users\Brahim\Downloads\LOL XD
2014-01-11 15:47 - 2013-12-24 17:11 - 00000000 ____D C:\Users\Brahim\Downloads\Tools by Unpublished
2014-01-11 15:47 - 2013-11-11 18:33 - 00000000 ____D C:\Users\Brahim\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-01-11 15:47 - 2013-10-09 18:57 - 00000000 ____D C:\Program Files (x86)\Bruteforce Save Data
2014-01-11 15:47 - 2013-07-31 21:29 - 00000000 ____D C:\Program Files (x86)\Xvid
2014-01-11 15:47 - 2013-06-03 16:19 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-11 15:47 - 2013-05-11 17:42 - 00000000 ____D C:\Program Files (x86)\7-Zip
2014-01-11 15:47 - 2013-01-08 14:37 - 00000000 ____D C:\Program Files (x86)\Adobe DNG Converter
2014-01-11 15:47 - 2013-01-01 22:53 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2014-01-11 15:47 - 2012-10-29 14:41 - 00000000 ____D C:\Program Files (x86)\Free Download Manager
2014-01-11 15:47 - 2012-10-20 16:04 - 00000000 ____D C:\Program Files (x86)\HyperCam 3
2014-01-11 15:47 - 2012-09-07 19:48 - 00000000 ____D C:\Program Files (x86)\WinRAR
2014-01-11 15:47 - 2012-07-23 02:37 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2014-01-11 15:47 - 2012-07-13 18:29 - 00000000 ____D C:\xampp
2014-01-11 15:47 - 2012-06-03 01:15 - 00000000 ___RD C:\Users\Brahim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-11 15:47 - 2012-03-05 23:49 - 00000000 ____D C:\Program Files (x86)\Zinio Reader 4
2014-01-11 15:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2014-01-11 15:46 - 2013-10-02 14:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-11 15:31 - 2013-12-11 06:45 - 00000000 ____D C:\Users\Brahim\AppData\Local\CrashDumps
2014-01-11 14:13 - 2014-01-11 14:08 - 00000129 _____ C:\Users\Brahim\Desktop\Nicknames.txt
2014-01-07 21:25 - 2014-01-07 21:24 - 100400976 _____ (Apple Inc.) C:\Users\Brahim\Downloads\iTunes64Setup.exe
2014-01-07 21:21 - 2014-01-07 21:21 - 00001675 _____ C:\Users\Brahim\Desktop\Continue iTunes 64 bit.lnk
2014-01-07 21:07 - 2012-03-05 23:12 - 00697072 _____ C:\Windows\system32\perfh007.dat
2014-01-07 21:07 - 2012-03-05 23:12 - 00148110 _____ C:\Windows\system32\perfc007.dat
2014-01-07 21:07 - 2009-07-14 06:13 - 01614100 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-07 13:31 - 2010-11-21 04:47 - 00944594 _____ C:\Windows\PFRO.log
2014-01-07 00:17 - 2014-01-06 18:59 - 00001050 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2014-01-07 00:17 - 2014-01-06 18:58 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2014-01-06 21:35 - 2014-01-06 21:35 - 12280857 _____ C:\Users\Brahim\Downloads\Desktop.rar
2014-01-06 20:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-06 18:58 - 2014-01-06 18:58 - 00000000 ____D C:\ProgramData\Hotspot Shield
2014-01-06 18:32 - 2012-06-11 17:36 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-06 18:32 - 2012-06-04 17:35 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2014-01-06 18:31 - 2012-06-04 17:33 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\HP Support Assistant
2014-01-06 18:31 - 2012-06-04 06:37 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\HpUpdate
2014-01-06 16:47 - 2014-01-06 16:47 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\Eusing
2014-01-06 00:51 - 2014-01-06 00:51 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\Hotspot Shield
2014-01-06 00:47 - 2014-01-06 00:46 - 07750928 _____ C:\Users\Brahim\Downloads\HSS-3.19-install-hss-600-conduit.exe
2014-01-05 18:43 - 2012-09-01 14:17 - 00000000 ___RD C:\Users\Brahim\Desktop\Theme
2014-01-05 18:07 - 2013-10-04 09:20 - 00000000 ____D C:\Users\Brahim\Downloads\TVD
2014-01-04 19:15 - 2013-10-29 01:22 - 00000000 ____D C:\Users\Brahim\Desktop\Neuer Ordner
2014-01-04 17:17 - 2014-01-04 17:17 - 00000000 ____D C:\Users\Brahim\Downloads\Baumok
2014-01-04 16:58 - 2014-01-04 16:57 - 04488133 _____ C:\Users\Brahim\Downloads\Baumok.rar
2014-01-02 00:31 - 2012-09-16 12:27 - 01824256 ___SH C:\Users\Brahim\Desktop\Thumbs.db
2014-01-01 19:42 - 2012-10-16 21:57 - 00020480 ____H C:\Users\Brahim\Desktop\photothumb.db
2014-01-01 15:41 - 2014-01-01 15:26 - 1043363850 _____ C:\Users\Brahim\Downloads\Metin2.rar
2013-12-31 13:22 - 2012-07-19 17:42 - 00000000 ____D C:\Users\Brahim\AppData\Local\Spotify
2013-12-27 19:36 - 2013-12-27 19:20 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\WindSolutions
2013-12-27 19:34 - 2013-12-27 19:20 - 00000000 ____D C:\ProgramData\WindSolutions
2013-12-27 18:43 - 2013-12-27 18:43 - 00000000 ____D C:\Users\Brahim\AppData\Local\Apple
2013-12-27 18:43 - 2013-12-13 19:21 - 00000000 ____D C:\Users\Brahim\AppData\Local\Apple Computer
2013-12-27 18:31 - 2013-12-27 19:32 - 00091034 _____ C:\Users\Brahim\Desktop\00005.vcf
2013-12-27 18:07 - 2013-12-27 19:19 - 00073164 _____ C:\Users\Brahim\Desktop\00004.vcf
2013-12-24 17:31 - 2013-12-24 17:29 - 04250579 _____ (Igor Pavlov) C:\Users\Brahim\Downloads\Tools by Unpublished (Preview).exe
2013-12-24 00:39 - 2013-12-24 00:39 - 00205127 _____ C:\Users\Brahim\Downloads\PerX.rar
2013-12-23 12:11 - 2013-06-03 16:21 - 00001027 _____ C:\Users\Brahim\Desktop\Dropbox.lnk
2013-12-22 15:14 - 2013-12-24 17:11 - 04369468 _____ (Igor Pavlov) C:\Users\Brahim\Downloads\Tools by Unpublished.exe
2013-12-22 13:56 - 2013-12-22 13:56 - 00005938 _____ C:\Users\Brahim\AppData\Local\recently-used.xbel
2013-12-22 13:56 - 2012-07-13 18:30 - 00000000 ____D C:\Users\Brahim\.gimp-2.6
2013-12-21 13:30 - 2013-12-21 13:29 - 91412976 _____ (AVAST Software) C:\Users\Brahim\Downloads\avast_free_antivirus_setup.exe
2013-12-21 13:21 - 2012-06-18 18:37 - 00000866 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-12-20 20:10 - 2013-12-20 14:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-20 14:03 - 2013-12-09 21:11 - 00000000 ____D C:\Users\Brahim\AppData\Local\Mozilla
2013-12-20 00:51 - 2012-06-03 01:20 - 00000000 ____D C:\Users\Brahim\AppData\Roaming\SoftGrid Client
2013-12-19 19:48 - 2013-01-01 22:53 - 00001081 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-19 19:41 - 2013-12-19 19:41 - 00000000 ____D C:\Users\Brahim\AppData\Local\SoftGrid Client
2013-12-19 19:41 - 2013-12-19 19:40 - 38691253 _____ (Dreambelievers                                              ) C:\Users\Brahim\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-17 20:20 - 2012-12-03 17:47 - 00000000 ____D C:\Users\Brahim\AppData\Local\Microsoft Games
2013-12-16 18:43 - 2012-06-03 01:12 - 00000000 ____D C:\Users\Brahim\AppData\Local\Hewlett-Packard
2013-12-15 15:31 - 2013-12-15 15:31 - 00000000 ____D C:\Users\Brahim\AppData\Local\gegl-0.1
2013-12-15 03:02 - 2013-07-30 02:03 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 03:00 - 2012-06-06 12:59 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 01:05 - 2013-12-12 14:09 - 00000000 ____D C:\Users\Brahim\AppData\Local\Dreambelievers
2013-12-13 18:18 - 2013-12-13 18:14 - 00000000 ____D C:\Program Files (x86)\Last.fm

Some content of TEMP:
====================
C:\Users\Brahim\AppData\Local\Temp\5000nua.exe
C:\Users\Brahim\AppData\Local\Temp\54425-667390-photoscape.exe
C:\Users\Brahim\AppData\Local\Temp\ApnStub.exe
C:\Users\Brahim\AppData\Local\Temp\AskSLib.dll
C:\Users\Brahim\AppData\Local\Temp\BackupSetup.exe
C:\Users\Brahim\AppData\Local\Temp\chatzum_softonic_yahoo_61.exe
C:\Users\Brahim\AppData\Local\Temp\DownloadManager.exe
C:\Users\Brahim\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Brahim\AppData\Local\Temp\DSETUP.dll
C:\Users\Brahim\AppData\Local\Temp\dsetup32.dll
C:\Users\Brahim\AppData\Local\Temp\DXSETUP.exe
C:\Users\Brahim\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit.exe
C:\Users\Brahim\AppData\Local\Temp\htmlayout.dll
C:\Users\Brahim\AppData\Local\Temp\ICReinstall_forsaken_world_zen_hack.TS.wmv_downloader.exe
C:\Users\Brahim\AppData\Local\Temp\instloffer.exe
C:\Users\Brahim\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Brahim\AppData\Local\Temp\msxml6-KB927977-enu-amd64.exe
C:\Users\Brahim\AppData\Local\Temp\msxml6-KB927977-enu-x86.exe
C:\Users\Brahim\AppData\Local\Temp\nse28C1.exe
C:\Users\Brahim\AppData\Local\Temp\nseE1C1.exe
C:\Users\Brahim\AppData\Local\Temp\nseF5B0.exe
C:\Users\Brahim\AppData\Local\Temp\nsj83A0.exe
C:\Users\Brahim\AppData\Local\Temp\nslA241.exe
C:\Users\Brahim\AppData\Local\Temp\nso80B2.exe
C:\Users\Brahim\AppData\Local\Temp\nst67D3.exe
C:\Users\Brahim\AppData\Local\Temp\nst6A92.exe
C:\Users\Brahim\AppData\Local\Temp\nsu2B42.exe
C:\Users\Brahim\AppData\Local\Temp\nsuE442.exe
C:\Users\Brahim\AppData\Local\Temp\oi_{4DFBA477-6848-4024-9AC5-E5C1736E8ACB}.exe
C:\Users\Brahim\AppData\Local\Temp\RegClean2.exe
C:\Users\Brahim\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Brahim\AppData\Local\Temp\setup.exe
C:\Users\Brahim\AppData\Local\Temp\Shortcut_SweetIMSetup.exe
C:\Users\Brahim\AppData\Local\Temp\SIMEEIInstaller.exe
C:\Users\Brahim\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Brahim\AppData\Local\Temp\sp58915.exe
C:\Users\Brahim\AppData\Local\Temp\sp62291.exe
C:\Users\Brahim\AppData\Local\Temp\SQLite.dll
C:\Users\Brahim\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Brahim\AppData\Local\Temp\tbbabylonv2.exe
C:\Users\Brahim\AppData\Local\Temp\tbDVDV.dll
C:\Users\Brahim\AppData\Local\Temp\toolbar4923984.exe
C:\Users\Brahim\AppData\Local\Temp\toolbar4924717.exe
C:\Users\Brahim\AppData\Local\Temp\toolbar4930988.exe
C:\Users\Brahim\AppData\Local\Temp\uninst1.exe
C:\Users\Brahim\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Brahim\AppData\Local\Temp\uninstall28930.exe
C:\Users\Brahim\AppData\Local\Temp\uninstall5053839.exe
C:\Users\Brahim\AppData\Local\Temp\uninstall5053855.exe
C:\Users\Brahim\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Brahim\AppData\Local\Temp\wajam_download.exe
C:\Users\Brahim\AppData\Local\Temp\wajam_install.exe
C:\Users\Brahim\AppData\Local\Temp\WmpPluginSetup_2.1.0.6.exe
C:\Users\Brahim\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-02 19:20

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-01-2014 05
Ran by Brahim at 2014-01-12 00:38:38
Running from C:\Users\Brahim\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

¡Adelante! Nivel elemental (x32 Version: 1.0.0.0 - Ernst Klett Verlag GmbH)
7-Zip 9.20 (x32 Version:  - )
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.5.732.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 3.0.842.0 - Advanced Micro Devices, Inc.)
AMD Steady Video Plug-In  (Version: 1.00.0000 - AMD) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Audials (x32 Version: 10.2.18602.200 - Audials AG)
AVG 2014 (Version: 14.0.3658 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
AVG Nation toolbar (x32 Version: 17.0.1.12 - InfoSpace)
Avira Free Antivirus (x32 Version: 14.0.0.383 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (x32 Version: 7.0.826.0 - Microsoft Corporation)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bruteforce Save Data (x32 Version:  - )
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1024.0116.375 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1024.117.375 - Advanced Micro Devices, Inc.) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Claro LTD toolbar   (x32 Version:  - Claro LTD)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dropbox (HKCU Version: 2.4.10 - Dropbox, Inc.)
Facebook (x32 Version: 1.1.0004 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileZilla Client 3.5.3 (HKCU Version: 3.5.3 - FileZilla Project)
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
GIMP 2.6.12 (Version: 2.6.12 - The GIMP Team)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.00.0000 - Rockstar Games)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotspot Shield 3.20 (x32 Version: 3.20 - AnchorFree Inc.)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Calendar (x32 Version: 5.1.4245.23508 - Hewlett-Packard)
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Clock (x32 Version: 5.1.4244.16367 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (x32 Version: 1.0.2.5 - WildTangent)
HP LinkUp (x32 Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (x32 Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (x32 Version: 5.0.0.3 - Hewlett-Packard)
HP Notes (x32 Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (x32 Version: 2.10.0000 - Hewlett-Packard)
HP RSS (x32 Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (x32 Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (x32 Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (x32 Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (x32 Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (x32 Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (Version: 2.12.1.0 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.212.0 - Advanced Micro Devices, Inc.) Hidden
HyperCam 3 (x32 Version: 3.3.1111.16 - Solveig Multimedia)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
Java 7 Update 9 (x32 Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
Macro Recorder 5.6.5 (x32 Version: 5.6.5 - Jitbit Software)
Magic Desktop (x32 Version: 3.0 - EasyBits Software AS)
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
ManyCam 3.1.62 (x32 Version: 3.1.62 - ManyCam LLC)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 1.2.0241 - Microsoft Corporation)
Microsoft Mathematics (x32 Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint Viewer (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mp3tag v2.55a (x32 Version: v2.55a - Florian Heidenreich)
MPC-HC 1.7.0.7670 (86917fa) Beta (x32 Version: 1.7.0.7670 - MPC-HC Team)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Paint.NET v3.5.10 (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (x32 Version: 2.6.0.8 - Pando Networks Inc.)
PDF Complete Special Edition (x32 Version: 4.0.65 - PDF Complete, Inc)
PhotoScape (x32 Version:  - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (Version: 1.3.0 - Microsoft Corporation)
Pokemon Online 2.3.2 (x32 Version:  - Dreambelievers)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Power2Go (x32 Version: 6.1.5705 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5705 - CyberLink Corp.) Hidden
PremiumSoft Navicat Lite 10.0 (x32 Version:  - PremiumSoft CyberTech Ltd.)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6387 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (x32 Version: 1.00.0180 - )
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (x32 Version: 5.4.5 - Hewlett-Packard)
Safari (x32 Version: 5.34.57.2 - Apple Inc.)
Skype Click to Call (x32 Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
TeamSpeak 3 Client (Version: 3.0.10 - TeamSpeak Systems GmbH)
Tiled - Tiled Map Editor (x32 Version:  - )
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TP-LINK Drahtlos Tool (x32 Version: 7.0 - TP-LINK)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.0 (x32 Version: 2.1.0 - VideoLAN)
VobSub v2.23 (Remove Only) (x32 Version:  - )
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.10.25 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0 - win.rar GmbH)
XAMPP 1.7.7 (x32 Version:  - )
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

29-12-2013 20:02:19 Windows-Sicherung
05-01-2014 18:00:07 Windows-Sicherung
05-01-2014 23:51:43 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst
05-01-2014 23:52:15 Gerätetreiber-Paketinstallation: Anchorfree HSS VPN Adapter Netzwerkadapter
07-01-2014 20:16:46 Removed iTunes
07-01-2014 20:29:29 Installed iTunes
11-01-2014 14:44:40 Wiederherstellungsvorgang

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {010847BF-491C-4342-BC7B-5DDA6F5A5DA0} - System32\Tasks\{7DF2E766-A079-448E-9796-235A0FEFE2AB} => C:\Users\Brahim\Downloads\setup(1).exe
Task: {35CEB98D-C236-4BCA-AFD5-228EABC11854} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {430AE35D-E8DE-4A46-9CD6-02ACDA0E3C58} - System32\Tasks\HPCeeScheduleForBrahim => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {5CFB2739-1C55-46CA-9950-B507EF9F4A31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {721A8DF2-3711-4839-8199-4F1AC7F67EBC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {88F2A467-B859-49BD-8610-B2802CFCA98A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {890C64A7-06D1-422E-A3E3-9EDB14B6802F} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {A67E8D97-4171-4CE1-8547-0D0F6BCCBED5} - System32\Tasks\{E1CB6BA5-0549-4130-AEBD-BC66EB6750AA} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {B87E600C-0FCA-43F6-BB1A-06DDB2CBE81E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {D03161B7-81AE-4114-A92D-15D306767C0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2013-02-19] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForBrahim.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 21:33 - 2012-08-27 21:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-27 01:35 - 2013-11-27 01:35 - 00903464 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2013-07-01 13:05 - 2009-12-09 20:20 - 00126976 _____ () C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\EnumDevLib.dll
2013-12-20 14:48 - 2013-12-20 14:48 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/11/2014 11:04:40 PM) (Source: MsiInstaller) (User: BrahimNaima)
Description: Produkt: Safari -- Bei der Installation dieses Pakets ist ein unerwarteter Fehler aufgetreten. Es liegt eventuell ein das Paket betreffendes Problem vor. Der Fehlercode ist 2318. Argumente: C:\Program Files (x86)\Safari\Safari.resources\Help\nl.lproj\Plug-ins.html, ,

Error: (01/11/2014 10:45:27 PM) (Source: HPTouchSmartCalendar) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.ArgumentException
   at System.IO.FileSystemWatcher..ctor(String path, String filter)
   at System.IO.FileSystemWatcher..ctor(String path)
   at HPTouchSmartSyncCalReminderApp.Program.StartExecution()

Error: (01/11/2014 03:51:26 PM) (Source: HPTouchSmartCalendar) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.ArgumentException
   at System.IO.FileSystemWatcher..ctor(String path, String filter)
   at System.IO.FileSystemWatcher..ctor(String path)
   at HPTouchSmartSyncCalReminderApp.Program.StartExecution()

Error: (01/11/2014 03:50:23 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/11/2014 03:42:24 PM) (Source: HPTouchSmartCalendar) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.ArgumentException
   at System.IO.FileSystemWatcher..ctor(String path, String filter)
   at System.IO.FileSystemWatcher..ctor(String path)
   at HPTouchSmartSyncCalReminderApp.Program.StartExecution()

Error: (01/11/2014 03:31:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DesktopLayermgr.exe, Version: 0.3.6000.0, Zeitstempel: 0x4d6ff3f5
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003c4e2
ID des fehlerhaften Prozesses: 0x1a0c
Startzeit der fehlerhaften Anwendung: 0xDesktopLayermgr.exe0
Pfad der fehlerhaften Anwendung: DesktopLayermgr.exe1
Pfad des fehlerhaften Moduls: DesktopLayermgr.exe2
Berichtskennung: DesktopLayermgr.exe3

Error: (01/11/2014 03:31:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DropboxSrvmgr.exe, Version: 0.3.6000.0, Zeitstempel: 0x4d6ff3f5
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003c4e2
ID des fehlerhaften Prozesses: 0x18b8
Startzeit der fehlerhaften Anwendung: 0xDropboxSrvmgr.exe0
Pfad der fehlerhaften Anwendung: DropboxSrvmgr.exe1
Pfad des fehlerhaften Moduls: DropboxSrvmgr.exe2
Berichtskennung: DropboxSrvmgr.exe3

Error: (01/11/2014 03:31:31 PM) (Source: HPTouchSmartCalendar) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.ArgumentException
   at System.IO.FileSystemWatcher..ctor(String path, String filter)
   at System.IO.FileSystemWatcher..ctor(String path)
   at HPTouchSmartSyncCalReminderApp.Program.StartExecution()

Error: (01/11/2014 02:35:23 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: EureliaSrvmgr.exe, Version: 0.3.6000.0, Zeitstempel: 0x4d6ff3f5
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003c4e2
ID des fehlerhaften Prozesses: 0x274
Startzeit der fehlerhaften Anwendung: 0xEureliaSrvmgr.exe0
Pfad der fehlerhaften Anwendung: EureliaSrvmgr.exe1
Pfad des fehlerhaften Moduls: EureliaSrvmgr.exe2
Berichtskennung: EureliaSrvmgr.exe3

Error: (01/11/2014 02:33:59 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: DesktopLayermgr.exe, Version: 0.3.6000.0, Zeitstempel: 0x4d6ff3f5
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003c4e2
ID des fehlerhaften Prozesses: 0x240
Startzeit der fehlerhaften Anwendung: 0xDesktopLayermgr.exe0
Pfad der fehlerhaften Anwendung: DesktopLayermgr.exe1
Pfad des fehlerhaften Moduls: DesktopLayermgr.exe2
Berichtskennung: DesktopLayermgr.exe3


System errors:
=============
Error: (01/11/2014 10:43:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (01/11/2014 10:43:11 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/11/2014 10:43:11 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht.

Error: (01/11/2014 10:43:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (01/11/2014 10:43:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/11/2014 10:43:09 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht.

Error: (01/11/2014 05:34:42 PM) (Source: DCOM) (User: )
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

Error: (01/11/2014 03:49:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (01/11/2014 03:49:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/11/2014 03:49:00 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht.


Microsoft Office Sessions:
=========================
Error: (01/11/2014 11:04:40 PM) (Source: MsiInstaller)(User: BrahimNaima)
Description: Produkt: Safari -- Bei der Installation dieses Pakets ist ein unerwarteter Fehler aufgetreten. Es liegt eventuell ein das Paket betreffendes Problem vor. Der Fehlercode ist 2318. Argumente: C:\Program Files (x86)\Safari\Safari.resources\Help\nl.lproj\Plug-ins.html, , (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/11/2014 10:45:27 PM) (Source: HPTouchSmartCalendar)(User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.ArgumentException
   at System.IO.FileSystemWatcher..ctor(String path, String filter)
   at System.IO.FileSystemWatcher..ctor(String path)
   at HPTouchSmartSyncCalReminderApp.Program.StartExecution()

Error: (01/11/2014 03:51:26 PM) (Source: HPTouchSmartCalendar)(User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.ArgumentException
   at System.IO.FileSystemWatcher..ctor(String path, String filter)
   at System.IO.FileSystemWatcher..ctor(String path)
   at HPTouchSmartSyncCalReminderApp.Program.StartExecution()

Error: (01/11/2014 03:50:23 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (01/11/2014 03:42:24 PM) (Source: HPTouchSmartCalendar)(User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.ArgumentException
   at System.IO.FileSystemWatcher..ctor(String path, String filter)
   at System.IO.FileSystemWatcher..ctor(String path)
   at HPTouchSmartSyncCalReminderApp.Program.StartExecution()

Error: (01/11/2014 03:31:36 PM) (Source: Application Error)(User: )
Description: DesktopLayermgr.exe0.3.6000.04d6ff3f5ntdll.dll6.1.7601.18247521ea8e7c00000050003c4e21a0c01cf0ed9d48695a2C:\Program Files (x86)\Microsoft\DesktopLayermgr.exeC:\Windows\SysWOW64\ntdll.dll12d18374-7acd-11e3-8524-e840f20e7634

Error: (01/11/2014 03:31:36 PM) (Source: Application Error)(User: )
Description: DropboxSrvmgr.exe0.3.6000.04d6ff3f5ntdll.dll6.1.7601.18247521ea8e7c00000050003c4e218b801cf0ed9d47f7182C:\Users\Brahim\AppData\Roaming\Dropbox\bin\DropboxSrvmgr.exeC:\Windows\SysWOW64\ntdll.dll12c7fdf3-7acd-11e3-8524-e840f20e7634

Error: (01/11/2014 03:31:31 PM) (Source: HPTouchSmartCalendar)(User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.ArgumentException
   at System.IO.FileSystemWatcher..ctor(String path, String filter)
   at System.IO.FileSystemWatcher..ctor(String path)
   at HPTouchSmartSyncCalReminderApp.Program.StartExecution()

Error: (01/11/2014 02:35:23 PM) (Source: Application Error)(User: )
Description: EureliaSrvmgr.exe0.3.6000.04d6ff3f5ntdll.dll6.1.7601.18247521ea8e7c00000050003c4e227401cf0ed1fad2f2e9C:\Users\Brahim\Downloads\Eurelia_new\Eurelia\EureliaSrvmgr.exeC:\Windows\SysWOW64\ntdll.dll38918f15-7ac5-11e3-8524-e840f20e7634

Error: (01/11/2014 02:33:59 PM) (Source: Application Error)(User: )
Description: DesktopLayermgr.exe0.3.6000.04d6ff3f5ntdll.dll6.1.7601.18247521ea8e7c00000050003c4e224001cf0ed1c791c6a9C:\Program Files (x86)\Microsoft\DesktopLayermgr.exeC:\Windows\SysWOW64\ntdll.dll0653a5d1-7ac5-11e3-8524-e840f20e7634


CodeIntegrity Errors:
===================================
  Date: 2013-02-18 18:15:46.268
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Brahim\Downloads\Rest\Hacks\32Bit Injector\Injector.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-18 18:15:46.221
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Brahim\Downloads\Rest\Hacks\32Bit Injector\Injector.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 7665.77 MB
Available physical RAM: 3926.29 MB
Total Pagefile: 15329.73 MB
Available Pagefile: 11934.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1845.57 GB) (Free:1683.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:17.34 GB) (Free:2.17 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F34F1DAD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-217355124736) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Thanks for the quick help.

12.01.2014, 00:56   #4
aharonov
/// TB trainer
 

Quote:
then received a dozen alerts from my antivirus program AVG.
Do you still have the logs of these real-time protection alerts?
__________________
cheers,
Leo

12.01.2014, 01:19   #5
Tiled
 

I haven't deleted anything yet, so they should still be there. Oh, and the AVG scan has now finished, to my surprise, and I can also save the log to the clipboard. However, there is a limit of 120000 characters here, which is why I was told to attach the log to the post as an archive, but only on the condition that the helper asks for it. If you agree, I would have to paste the log into a txt file, pack it and upload it, right?

I can't find the real-time protection log; there is only one from 9.12.2013 ...


12.01.2014, 01:46   #6
aharonov
/// TB trainer
 

If the log has too many characters, split it across 2 (or more, if necessary) posts.