Log analysis and evaluation: Ads despite Adblock Plus. Doesn't work. Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Ads despite Adblock Plus. Doesn't work.

Hello, for a few days now I have been getting ads on GMX and Google, i.e. they seep through despite Adblock Plus. I tried adding other ad blockers in Chrome, but the message "Es ist ein Fehler aufgetreten" ("An error occurred") comes up. I also signed out and back in. Now I have read here, in a thread on a similar topic, that one should scan with Farbar's Recovery Scan Tool. I did this and this is what came out (maybe someone can help me with how I can improve the system in general):

FRST Logfile:

[CODE]Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 03 Ran by artpc (administrator) on ARTPC-PC on 16-01-2014 14:59:24 Running from C:\Documents Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 7 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (IObit) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (AudioVkontakte.ru) C:\ProgramData\VKSaver\VKSaver.exe (ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe () C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe (pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (GGS) C:\Users\artpc.artpc-PC\AppData\Local\THORN\Thorn.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (BullGuard Ltd.)
C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe (IObit) C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe () C:\ProgramData\OptimizerPro\OptimizerPro.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (AudioVkontakte.ru) C:\ProgramData\VKSaver\VKSaver.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Windows\ehome\ehtray.exe (IObit) C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) C:\Windows\System32\sdclt.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\conime.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6139904 2008-05-08] (Realtek Semiconductor) HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [BullGuard] - C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [2074424 2013-04-01] (BullGuard Ltd.) 
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [VKSaver] - C:\ProgramData\VKSaver\VKSaver.exe [224768 2012-12-25] (AudioVkontakte.ru) HKLM\...\Run: [PowerManager] - c:\program files\power manager\pm.exe [1716224 2008-09-25] () HKLM\...\Run: [Google EULA Launcher] - c:\program files\google\google eula\googleeulalauncher.exe [20480 2008-05-28] ( ) HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-09-12] (RealNetworks, Inc.) HKCU\...\Run: [Google Update] - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-27] (Google Inc.) HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [Spotify Web Helper] - C:\Users\artpc.artpc-PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-19] (Spotify Ltd) HKCU\...\Run: [Advanced SystemCare 5] - C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [574296 2012-03-06] (IObit) HKCU\...\Policies\Explorer: [NoInstrumentation] 1 MountPoints2: {0fba91ea-9ead-11e2-bf22-c8529e82fa0a} - H:\LGAutoRun.exe MountPoints2: {71232dde-fcf2-11e2-b800-b11a8659bce7} - H:\LGAutoRun.exe MountPoints2: {a932f1d6-b261-11e2-b29c-e784838dda10} - H:\LGAutoRun.exe HKU\Art\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Art\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-21] (Microsoft Corporation) HKU\Art\...\Run: [Advanced SystemCare 5] - C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [ 2012-03-06] (IObit) HKU\Art\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media 
Player\WMPNSCFG.exe [ 2008-01-21] (Microsoft Corporation) HKU\Art\...\Run: [Spotify Web Helper] - C:\Users\artpc.artpc-PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [ 2013-10-19] (Spotify Ltd) HKU\Art\...\Run: [Driver Detective] - C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false HKU\Art\...\Run: [Google Update] - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [ 2012-03-27] (Google Inc.) HKU\Art\...\Run: [PCSpeedUp] - C:\Program Files\PC Speed Up\PCSUNotifier.exe HKU\artpc\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\artpc\...\Run: [Picasa Media Detector] - C:\Program Files\Picasa2\PicasaMediaDetector.exe HKU\artpc\...\Run: [fsc-reg] - c:\fsc-reg\fscreg.exe HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation) AppInit_DLLs: c:\progra~2\vksaver\vksaver3.dll bggamingmonitor.dll bggamingmonitor.dll BgGamingMonitor.dll [ ] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yandex.ru/?win=98&clid=1992445 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM - URL hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms} SearchScopes: HKLM - TopResultURLFallback hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms} SearchScopes: HKLM - TopResultURL hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms} SearchScopes: HKCU - DefaultScope 3F6F3209E124BA4C26377C509D8F5EEA URL = hxxp://yandex.ru/yandsearch?win=98&clid=1992446&text={searchTerms} SearchScopes: HKCU - 3F6F3209E124BA4C26377C509D8F5EEA URL = hxxp://yandex.ru/yandsearch?win=98&clid=1992446&text={searchTerms} SearchScopes: HKCU - Moikrug URL = hxxp://moikrug.ru/persons/?clid=931354&charset=utf-8&keywords={searchTerms}&submitted=1 SearchScopes: HKCU - yandex.ru-091235 URL = hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms} SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear SearchScopes: HKCU - {79813DF5-0052-4742-997A-7D5E469E055A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms} SearchScopes: HKCU - {B46BD4CA-CE7D-494D-89F3-026154A7E58A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10399&src=kw&q={searchTerms}&locale=de_NL&apn_ptnrs=^ABX&apn_dtid=^YYYYYY^YY^NL&apn_uid=bbfa1368-ff22-41d4-82c9-13664f8e93d3&apn_sauid=9A32AB0A-AF58-4F1F-B0DE-3390EAEAD2BF SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) 
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: No Name - {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} - No File BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: BGAntiphishingBHO Class - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.) BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File Toolbar: HKCU - No Name - {09152F0B-739C-4DEC-A245-1AA8A37594F1} - No File Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Winsock: Catalog9 01 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) Winsock: Catalog9 02 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) Winsock: Catalog9 03 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) Winsock: Catalog9 04 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) Winsock: Catalog9 05 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) Winsock: Catalog9 06 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) 
Winsock: Catalog9 07 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) Winsock: Catalog9 08 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) Winsock: Catalog9 09 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) Winsock: Catalog9 10 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) Winsock: Catalog9 21 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.) Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 FireFox: ======== FF ProfilePath: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default FF user.js: detected! => C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\user.js FF Homepage: hxxp://www.yandex.ru/?win=98&clid=1992445 FF DefaultSearchEngine: Yandex FF SelectedSearchEngine: Yandex FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpjplug;version=12.0.1.633 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\askcom.xml FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\askcomsearch.xml FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\iminent.xml FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\SearchTheWeb.xml FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-193631.xml FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrchstonicde.xml FF Extension: Download and Sa - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\50b8e6d5b3b61@50b8e6d5b3b9a.com [2012-11-30] FF Extension: Savings Sidekick - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\crossriderapp5060@crossrider.com [2012-08-03] FF Extension: Babylon - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\ffxtlbr@babylon.com [2012-08-03] FF Extension: incredibar.com - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\ffxtlbr@incredibar.com [2012-08-03] FF Extension: OneClickDownloader - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\OneClickDownload@OneClickDownload.com [2012-08-03] FF Extension: No Name - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\staged [2012-03-21] FF Extension: Яндекс.Бар - 
C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\yasearch@yandex.ru [2011-06-21] FF Extension: Спутник @Mail.Ru - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2012-03-21] FF Extension: No Name - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9} [2013-09-10] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-01-08] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-12] FF HKLM\...\Firefox\Extensions: [50b8e6d5b3b61@50b8e6d5b3b9a.com] - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\50b8e6d5b3b61@50b8e6d5b3b9a.com FF Extension: Download and Sa - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\50b8e6d5b3b61@50b8e6d5b3b9a.com [2012-11-30] FF HKLM\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\ FF Extension: BullGuard Antiphishing Toolbar - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\ [] FF HKLM\...\Firefox\Extensions: 
[FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-04-26] FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [] FF HKCU\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin FF Extension: BullGuard Backup - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin [2013-04-01] FF HKCU\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\TbSpamfilter FF Extension: BullGuard Spamfilter - C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\TbSpamfilter [2013-04-01] Chrome: ======= CHR Plugin: (Shockwave Flash) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) CHR Plugin: (Google Update) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll No File CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) 
CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) CHR Extension: (Adblock Plus) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0 [2013-12-20] CHR Extension: (RealDownloader) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0 [2013-09-28] CHR Extension: (Stealthy) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\3.0.1_0 [2013-09-28] CHR Extension: (Google Wallet) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1 [2014-01-08] CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx [2013-12-10] CHR HKLM\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2013-12-10] CHR HKLM\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx [2013-12-10] CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx [2013-12-10] CHR HKLM\...\Chrome\Extension: [hoadhbnmkdpkhaacbeegdnjoannbhdkd] - C:\ProgramData\Download and Sa\hoadhbnmkdpkhaacbeegdnjoannbhdkd.crx [2013-12-10] CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-12-10] CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] CHR HKLM\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx 
[2012-11-28] CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [2012-11-28] CHR HKLM\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx [2012-11-28] CHR HKLM\...\Chrome\Extension: [nkcpopggjcjkiicpenikeogioednjeac] - C:\Users\artpc.artpc-PC\AppData\Local\Temp\nkcpopggjcjkiicpenikeogioednjeac.crx [2012-11-28] CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-28] CHR HKCU\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2012-11-28] CHR HKCU\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx [2012-11-28] CHR HKCU\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2012-11-28] CHR HKCU\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx [2012-11-28] CHR StartMenuInternet: Google Chrome - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AdvancedSystemCareService5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [913752 2012-03-14] (IObit) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. 
KG) S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-10] (APN LLC.) S3 BgRaSvc; C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe [122760 2013-04-01] (BullGuard Ltd.) R2 BsBrowser; C:\Program Files\BullGuard Ltd\BullGuard\BsBrowser.dll [58248 2013-04-01] (BullGuard Ltd.) R2 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll [272216 2013-04-01] (BullGuard Ltd.) R2 BsFire; C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll [384344 2013-04-01] (BullGuard Ltd.) R2 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll [175496 2013-04-01] (BullGuard Ltd.) R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [171136 2013-04-01] (BullGuard Ltd.) R3 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [305032 2013-04-01] (BullGuard Ltd.) R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [357504 2013-04-01] (BullGuard Ltd.) R2 FSCLBaseUpdaterService; C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe [65536 2007-06-04] () R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () R2 Thorn; C:\Users\artpc.artpc-PC\AppData\Local\THORN\Thorn.exe [36664 2013-10-17] (GGS) ==================== Drivers (Whitelisted) ==================== R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.) R1 afw; C:\Windows\System32\DRIVERS\afw.sys [29208 2013-03-28] (Agnitum Ltd.) R3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [318488 2013-03-28] (Agnitum Ltd.) S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [173576 2008-05-27] (AMD Technologies Inc.) 
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2013-04-18] (Google Inc) S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2013-04-18] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2013-06-28] (LG Electronics Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG) R1 BdSpy; C:\Windows\System32\DRIVERS\BdSpy.sys [58592 2013-04-01] (BullGuard Ltd.) S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.) R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.) R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.) R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.) S3 Profos; C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [14720 2010-07-08] (BitDefender S.R.L.) R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2010-11-26] () R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-24] (Avira GmbH) S3 Thetta; C:\Windows\System32\DRIVERS\Thetta32.sys [205656 2013-12-17] (Windows (R) Win 7 DDK provider) S3 Trufos; C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\trufos.sys [39808 2010-07-08] (BitDefender S.R.L.) 
R1 WINIO; C:\Windows\system32\WinIo.sys [9336 2007-01-04] (hxxp://www.internals.com) S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] S3 usbbus; system32\DRIVERS\lgusbbus.sys [x] S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [x] S3 USBModem; system32\DRIVERS\lgusbmodem.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-16 14:58 - 2014-01-16 14:58 - 00000000 ____D C:\FRST 2014-01-15 13:49 - 2014-01-15 13:49 - 00000000 ____D C:\ProgramData\boost_interprocess 2014-01-15 02:59 - 2014-01-16 13:41 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Local\THORN 2014-01-15 02:58 - 2014-01-15 02:58 - 00001605 _____ C:\Users\artpc.artpc-PC\AppData\Roaming\Microsoft\Windows\Start Menu\BS.lnk 2014-01-15 02:58 - 2014-01-15 02:58 - 00001581 _____ C:\Users\artpc.artpc-PC\Desktop\BS.lnk 2014-01-14 16:40 - 2014-01-14 16:40 - 00000754 _____ C:\Users\artpc.artpc-PC\Desktop\GameNet.lnk 2014-01-14 16:40 - 2014-01-14 16:40 - 00000000 ____D C:\Program Files\GameNet 2014-01-14 16:39 - 2014-01-16 13:52 - 00000000 ____D C:\Program Files\QGNA 2014-01-14 16:39 - 2013-12-17 15:06 - 00205656 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Thetta32.sys 2014-01-10 12:24 - 2014-01-10 12:24 - 00000368 _____ C:\Windows\PFRO.log 2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) 
C:\Windows\system32\GPhotos.scr ==================== One Month Modified Files and Folders ======= 2014-01-16 14:58 - 2014-01-16 14:58 - 00000000 ____D C:\FRST 2014-01-16 14:58 - 2006-11-02 13:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-16 14:58 - 2006-11-02 13:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-16 14:51 - 2013-09-21 18:42 - 00000392 ____H C:\Windows\Tasks\User_Feed_Synchronization-{F28FB0E6-C1A5-46AB-97DA-C5159556C201}.job 2014-01-16 14:46 - 2012-05-27 15:23 - 00000996 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000UA.job 2014-01-16 14:44 - 2013-03-28 21:52 - 00057688 _____ C:\Windows\system32\config\afw_hm.conf 2014-01-16 14:44 - 2013-03-28 21:52 - 00000004 _____ C:\Windows\system32\config\afw_db.conf 2014-01-16 14:17 - 2012-04-23 14:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-16 13:55 - 2010-03-15 15:56 - 01136564 _____ C:\Windows\WindowsUpdate.log 2014-01-16 13:53 - 2013-03-28 20:56 - 00000000 ____D C:\ProgramData\BullGuard 2014-01-16 13:52 - 2014-01-14 16:39 - 00000000 ____D C:\Program Files\QGNA 2014-01-16 13:48 - 2012-08-03 00:07 - 00000374 ____H C:\Windows\Tasks\OptimizerProUpdaterTask{9B360689-EE64-4AB1-941E-48EE2C16979C}.job 2014-01-16 13:41 - 2014-01-15 02:59 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Local\THORN 2014-01-16 13:40 - 2011-05-31 00:04 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2014-01-16 13:40 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-16 03:46 - 2006-11-02 14:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-16 03:15 - 2008-08-14 03:01 - 00000000 ____D C:\ProgramData\Microsoft Help 2014-01-16 03:12 - 2013-08-15 14:26 - 00000000 ____D C:\Windows\system32\MRT 2014-01-16 03:04 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) 
C:\Windows\system32\mrt.exe 2014-01-16 01:19 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\tracing 2014-01-15 19:46 - 2012-05-27 15:23 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000Core.job 2014-01-15 13:49 - 2014-01-15 13:49 - 00000000 ____D C:\ProgramData\boost_interprocess 2014-01-15 02:58 - 2014-01-15 02:58 - 00001605 _____ C:\Users\artpc.artpc-PC\AppData\Roaming\Microsoft\Windows\Start Menu\BS.lnk 2014-01-15 02:58 - 2014-01-15 02:58 - 00001581 _____ C:\Users\artpc.artpc-PC\Desktop\BS.lnk 2014-01-14 18:00 - 2013-03-19 14:55 - 00000440 _____ C:\Windows\Tasks\SpeedMaxPc Registration3.job 2014-01-14 16:40 - 2014-01-14 16:40 - 00000754 _____ C:\Users\artpc.artpc-PC\Desktop\GameNet.lnk 2014-01-14 16:40 - 2014-01-14 16:40 - 00000000 ____D C:\Program Files\GameNet 2014-01-13 21:39 - 2008-01-21 08:16 - 01445546 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-12 12:57 - 2013-05-01 20:11 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\LG Electronics 2014-01-10 12:24 - 2014-01-10 12:24 - 00000368 _____ C:\Windows\PFRO.log 2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr 2013-12-24 02:30 - 2013-03-19 14:55 - 00000398 _____ C:\Windows\Tasks\SpeedMaxPc Update3.job 2013-12-22 21:06 - 2013-02-08 02:49 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\Spotify 2013-12-22 20:43 - 2013-02-08 02:49 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Local\Spotify 2013-12-18 16:31 - 2013-02-24 00:49 - 00135648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-12-18 16:31 - 2013-02-24 00:49 - 00090400 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-12-17 22:43 - 2011-09-10 23:33 - 00000000 ____D C:\ProgramData\IObit 2013-12-17 15:06 - 2014-01-14 16:39 - 00205656 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Thetta32.sys Some content of TEMP: ==================== C:\Users\artpc.artpc-PC\AppData\Local\Temp\avgnt.exe C:\Users\artpc.artpc-PC\AppData\Local\Temp\setup23156.exe C:\Users\artpc.artpc-PC\AppData\Local\Temp\setup28070.exe C:\Users\artpc.artpc-PC\AppData\Local\Temp\setup8773.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
Or here is something else, also from FRST. Unfortunately I don't know my way around this, but maybe it tells you something?
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2014 03 Ran by artpc at 2014-01-16 15:02:01 Running from C:\Documents Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AV: BullGuard Antivirus (Enabled - Up to date) {504FFF66-3028-EB7E-2E60-62B19ADD791C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: BullGuard Antispyware (Enabled - Up to date) {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: BullGuard Firewall (Disabled) {68747E43-7A47-EA26-053F-CB84640E3E67} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (Version: - Microsoft) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden 4500_G510gm_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden 4500G510gm (Version: 000.0.423.000 - Hewlett-Packard) Hidden 4500G510gm_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden 7-Zip 9.20 (Version: - ) Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (Version: 1.0.6 - Adobe Systems Incorporated) Adobe Download Assistant (Version: 1.0.6 - Adobe Systems Incorporated) Hidden Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (Version: 11.6.7.637 - Adobe Systems, Inc.) Advanced SystemCare 5 (Version: 5.2.0 - IObit) ALPS Touch Pad Driver (Version: - ) AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) 
Hidden AMD Catalyst Install Manager (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) ArcSoft MediaImpression HD Edition (Version: 3.5.255.985 - ArcSoft) Ask Toolbar (Version: 12.9.1.17 - APN, LLC) <==== ATTENTION Audacity 1.3.13 (Unicode) (Version: - Audacity Team) Avira Free Antivirus (Version: 14.0.2.286 - Avira) BS.ru (Version: 1.0 - Global Gamers Solution ©) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden BullGuard (Version: 9.0 - BullGuard Ltd.) CCleaner (Version: 4.01 - Piriform) Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000 - Microsoft Corporation) Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden Digital Video Repair 1.0 (Version: - ) DivX-Setup (Version: 2.6.1.84 - DivX, LLC) DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden FSCLounge (Version: 1.0.0 - Fujitsu Siemens Computers) Google Chrome (Version: 32.0.1700.76 - Google Inc.) GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden HP Customer Participation Program 13.0 (Version: 13.0 - HP) HP Document Manager 2.0 (Version: 2.0 - HP) HP Imaging Device Functions 13.0 (Version: 13.0 - HP) HP Officejet 4500 G510g-m (Version: 13.0 - HP) HP Smart Web Printing 4.5 (Version: 4.5 - HP) HP Solution Center 13.0 (Version: 13.0 - HP) HP Update (Version: 5.003.001.001 - Hewlett-Packard) HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden Intel(R) Graphics Media Accelerator Driver (Version: - ) Intel(R) Network Connections Drivers (Version: - ) IObit Apps Toolbar v7.6 (Version: 7.6 - Spigot, Inc.) <==== ATTENTION Java 7 Update 45 (Version: 7.0.450 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) 
Hidden LG Bluetooth Drivers (Version: 1.1 - LG Electronics) LG PC Suite (Version: 5.3.10.20131107 - LG Electronics) LG United Mobile Driver (Version: 3.10.1.0 - LG Electronics) MAGIX Video deluxe 2013 (Version: 12.0.0.32 - MAGIX AG) Hidden MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof 
(French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (Version: 9.7.0621 - Microsoft Corporation) MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation) neroxml (Version: 1.0.0 - Nero AG) Hidden Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 
13.0 (Version: 13.0 - HP) OpenOffice.org 3.3 (Version: 3.3.9567 - OpenOffice.org) PDF Architect (Version: 1.1.83.9982 - pdfforge GmbH) PDFCreator (Version: 1.7.0 - pdfforge) Picasa 3 (Version: 3.9 - Google, Inc.) Power Manager 2.8.4 (Version: 2.8.4 - FIC, Inc.) QGNA (Version: 1.36.719.0 - Global Gamers Solutions ©) RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (Version: 16.0.3 - RealNetworks) Realtek High Definition Audio Driver (Version: 6.0.1.5618 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden Shop for HP Supplies (Version: 13.0 - HP) Smart Defrag 2 (Version: 2.7 - IObit) SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated) Spotify (Version: 0.9.4.185.g7545a404 - Spotify AB) Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (Version: - Microsoft) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET 
Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden VKMusic 4 (Version: 4.56 - ) VLC media player 2.0.5 (Version: 2.0.5 - VideoLAN) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden WiFi HotSpot Creator (Version: 2.0.0 - DanuSoft) Windows Media Player Firefox Plugin (Version: 1.0.0.8 - Microsoft Corp) WinRAR 4.20 (32-Bit) (Version: 4.20.0 - win.rar GmbH) xp-AntiSpy 3.98-2 (Version: - Christian Taubenheim) ==================== Restore Points ========================= 10-01-2014 13:09:37 Geplanter Prüfpunkt 11-01-2014 16:22:07 Geplanter Prüfpunkt 12-01-2014 15:52:01 Geplanter Prüfpunkt 15-01-2014 03:14:43 Geplanter Prüfpunkt 16-01-2014 02:01:42 Windows Update ==================== Hosts content: ========================== 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0050265D-4EA6-4D24-A4C4-6CD150C59E89} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) 
Task: {0757B605-B1FE-4D84-98D6-CC19727FD233} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000Core => C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-27] (Google Inc.) Task: {14AA24C1-75C1-43CE-82C3-9182E90B6A3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {1E0DF468-3C26-44F9-9931-6BAE39B3B7FF} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe Task: {2A2FD524-8E7F-44E1-A2E1-3CF6B6F0A351} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-09-12] (RealNetworks, Inc.) Task: {2AA9C7EC-2C74-4BA9-9030-510C8FCA92E8} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {34E1C497-1501-4922-837C-FD14A51015DC} - System32\Tasks\OptimizerProUpdaterTask{9B360689-EE64-4AB1-941E-48EE2C16979C} => C:\ProgramData\OptimizerPro\OptimizerPro.exe [2012-08-03] () <==== ATTENTION Task: {3B65512E-8CB7-4314-A478-8299B37DA59E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) 
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {462BF972-FB1C-4815-B763-3F0D60537115} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000UA => C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-27] (Google Inc.) Task: {558C6BA7-3CA3-4733-AFBC-3201DECAC446} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe [2012-12-11] (IObit) Task: {5D53DF66-6FAF-43B7-845F-278C2D9DD02B} - System32\Tasks\SpeedMaxPc Update3 => C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe Task: {71EA1767-DCC8-4042-8377-78F951DACE8D} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {735AF642-57DF-4C31-B214-650AA799792C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {77FAEC25-AEB1-460B-B3B5-AD321AC8E226} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe Task: {7EC41868-827F-4ABB-B64C-B1A990709B01} - System32\Tasks\VKSaverUpdate => C:\ProgramData\VKSaver\VKSaver.exe [2012-12-25] (AudioVkontakte.ru) Task: {8331A07D-0EC2-452A-B4B3-F11C75EB1AF1} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe Task: {8E2577CD-6217-46D8-9FBC-0F696B485B09} - System32\Tasks\SpeedMaxPc Registration3 => Rundll32.exe "C:\Program Files\Common Files\SpeedMaxPc\UUS3\UUS3.dll" RunUns Task: {8F38313F-4110-41E9-963A-DCEBC0154C40} - System32\Tasks\SmartDefragUpdate => C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe [2012-09-06] (IObit) Task: 
{9E9B6439-437F-4EB1-B9F2-17A70819DEBB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {AC6F9E9C-8EBB-4215-BE16-51BFE2646DED} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe Task: {ACDCD493-59F7-463D-B64D-4037FF9FCBF3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {B368B0AF-A887-42FD-8FBE-A205E720FC4B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {BD7B197A-0347-43A9-827C-57D39CD38309} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard) Task: {CCCC2426-AF6F-48CB-8C26-8F915ADA1C13} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe Task: {D5D19CC3-E7DF-4A53-8BB7-A1099D0158DE} - System32\Tasks\Google Updater and Installer => C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-27] (Google Inc.) Task: {D97B1DC3-D3C5-44A0-9C45-17A6BD613C61} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) 
Task: {DE5D3EC7-23BB-4FC6-9996-A71C787E9466} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated) Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {E8BAB889-3F96-4FA5-AB78-8FCAD15232F9} - System32\Tasks\GameNet => C:/Program Files/QGNA/qgna.exe [2014-01-09] (GGS) Task: {ECC33EB1-F4D6-443A-91CA-90DC8EF2189A} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe Task: {EE3CD7D1-34EF-4A23-B222-A1C813234535} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.) Task: {F8084A72-B47B-4EEE-BF06-0548E29D970A} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000Core.job => C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000UA.job => C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\OptimizerProUpdaterTask{9B360689-EE64-4AB1-941E-48EE2C16979C}.job => C:\ProgramData\OptimizerPro\OptimizerPro.exe <==== ATTENTION Task: C:\Windows\Tasks\SpeedMaxPc Registration3.job => C:\Program Files\Common Files\SpeedMaxPc\UUS3\UUS3.dll Task: C:\Windows\Tasks\SpeedMaxPc Update3.job => C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe Task: C:\Windows\Tasks\User_Feed_Synchronization-{F28FB0E6-C1A5-46AB-97DA-C5159556C201}.job => 
C:\Windows\system32\msfeedssync.exe ==================== Loaded Modules (whitelisted) ============= 2013-02-25 01:48 - 2011-08-19 16:33 - 00047960 _____ () C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll 2012-05-14 18:46 - 2011-11-10 21:43 - 00103256 _____ () C:\Program Files\IObit\Advanced SystemCare 5\ASCv5ComputerMenu.dll 2014-01-08 00:48 - 2014-01-07 05:05 - 04055320 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll 2014-01-08 00:48 - 2014-01-07 05:05 - 00399640 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll 2014-01-08 00:48 - 2014-01-07 05:04 - 01634584 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\ffmpegsumo.dll 2014-01-08 10:17 - 2014-01-08 10:17 - 04591616 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll 2014-01-08 10:17 - 2014-01-08 10:17 - 00112128 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll 2014-01-08 00:48 - 2014-01-07 05:05 - 13615896 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:07F6D9E4 AlternateDataStreams: C:\ProgramData\TEMP:A8665DF4 AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service" ==================== Faulty Device Manager Devices ============= 
Name: Microsoft-6zu4-Adapter #17 Description: Microsoft-6zu4-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver Name: isatap.{C87FB976-F093-4DE7-8353-1B8379184E8B} Description: Microsoft-ISATAP-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (01/16/2014 01:42:21 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/15/2014 06:06:10 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/15/2014 06:05:12 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (01/14/2014 02:07:02 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/13/2014 05:04:56 PM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (01/13/2014 05:04:52 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/12/2014 00:11:32 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/11/2014 02:51:09 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/10/2014 05:06:31 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/10/2014 00:25:47 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (01/16/2014 01:52:17 PM) (Source: Microsoft-Windows-Bits-Client) (User: NT-AUTORITÄT) Description: artpc-PC\artpc24360 Error: (01/16/2014 03:46:09 AM) (Source: DCOM) (User: ) Description: 
{6295DF2D-35EE-11D1-8707-00C04FD93327} Error: (01/16/2014 03:14:35 AM) (Source: Service Control Manager) (User: ) Description: Windows Search%%1053 Error: (01/16/2014 03:14:35 AM) (Source: Service Control Manager) (User: ) Description: 30000Windows Search Error: (01/16/2014 03:14:35 AM) (Source: Service Control Manager) (User: ) Description: Windows Search%%1053 Error: (01/16/2014 03:14:34 AM) (Source: Service Control Manager) (User: ) Description: 30000Windows Search Error: (01/16/2014 03:14:34 AM) (Source: DCOM) (User: ) Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (01/13/2014 05:07:41 PM) (Source: Microsoft-Windows-Bits-Client) (User: NT-AUTORITÄT) Description: artpc-PC\artpc22260 Error: (01/11/2014 03:36:39 AM) (Source: DCOM) (User: ) Description: {6295DF2D-35EE-11D1-8707-00C04FD93327} Error: (01/10/2014 02:51:34 PM) (Source: Dhcp) (User: ) Description: Die Lease dieses Computers zu der IP-Adresse 192.168.100.2 über die Netzwerkkarte mit der Netzwerkadresse 00140B60C635 ist verloren gegangen. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-01-16 15:01:44.386 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 15:01:43.863 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 15:01:43.341 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-01-16 15:01:42.145 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 15:01:41.621 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 15:01:41.073 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 15:01:40.524 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 15:01:39.966 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 15:01:15.608 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 15:01:15.088 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 69% Total physical RAM: 3032.18 MB Available physical RAM: 927.63 MB Total Pagefile: 6302.62 MB Available Pagefile: 3129.48 MB Total Virtual: 2047.88 MB Available Virtual: 1888.43 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:67.37 GB) (Free:0.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:156.73 GB) (Free:0.36 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 233 GB) (Disk ID: D56DB547) Partition 1: (Not Active) - (Size=9 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=67 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=157 GB) - (Type=07 NTFS) ==================== End Of Log ============================ --- --- --- --- --- ---
Could you perhaps tell me whether it could be dangerous to post a scan like this? Thanks in advance. Regards |