| |
| |||||||
Log-Analyse und Auswertung: JS/Kromtracker Viren u.a.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
20.01.2014, 20:13
| #1 |
| |  JS/Kromtracker Viren u.a. Hallo!  Heute wollte ich mir das Animationprogramm Pivot downloaden und habe versehentlich bei der Installation unerwünschtes Zeugs installiert. Habe dann erst mal AdwCleaner durchlaufen gelassen. Jetzt hat mein Antivirenprogramm Avira allerdings Viren gefunden. Habe im abgesicherten Windowsmodus einen Scan gemacht. Der Scan ergab 5 Funde. Anschließend kam, die Meldung, dass allerdings nur 3 in die Quarantäne verschoben wurden. Habe danach erneut einen Scan durchgeführt und dieser ergab dann keine Funde. Hier mal die Logs: Erster Scan: Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Montag, 20. Januar 2014 17:15
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 8
Windowsversion : (plain) [6.2.9200]
Boot Modus : Abgesicherter Modus
Benutzername : Valiäöü
Computername : LAPPI
Versionsinformationen:
BUILD.DAT : 14.0.2.286 55547 Bytes 09.12.2013 11:37:00
AVSCAN.EXE : 14.0.2.254 1032760 Bytes 17.12.2013 14:51:47
AVSCANRC.DLL : 14.0.2.180 62008 Bytes 17.12.2013 14:52:43
LUKE.DLL : 14.0.2.234 65592 Bytes 17.12.2013 14:53:12
AVSCPLR.DLL : 14.0.2.254 124472 Bytes 17.12.2013 14:52:44
AVREG.DLL : 14.0.2.212 250424 Bytes 17.12.2013 14:51:46
avlode.dll : 14.0.2.254 540216 Bytes 17.12.2013 14:51:44
avlode.rdf : 13.0.1.66 56973 Bytes 15.01.2014 16:24:22
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 23:03:03
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 23:03:08
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 23:03:14
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 23:03:19
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 23:03:27
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 23:03:42
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24.09.2013 13:44:14
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28.11.2013 17:16:18
VBASE008.VDF : 7.11.120.140 1154560 Bytes 19.12.2013 19:29:02
VBASE009.VDF : 7.11.120.141 2048 Bytes 19.12.2013 19:29:02
VBASE010.VDF : 7.11.120.142 2048 Bytes 19.12.2013 19:29:02
VBASE011.VDF : 7.11.120.143 2048 Bytes 19.12.2013 19:29:02
VBASE012.VDF : 7.11.120.144 2048 Bytes 19.12.2013 19:29:02
VBASE013.VDF : 7.11.120.145 2048 Bytes 19.12.2013 19:29:02
VBASE014.VDF : 7.11.121.19 126976 Bytes 21.12.2013 16:14:33
VBASE015.VDF : 7.11.121.147 122880 Bytes 24.12.2013 08:50:08
VBASE016.VDF : 7.11.121.233 115712 Bytes 25.12.2013 19:18:43
VBASE017.VDF : 7.11.122.57 325120 Bytes 27.12.2013 09:37:27
VBASE018.VDF : 7.11.122.123 199680 Bytes 28.12.2013 17:27:39
VBASE019.VDF : 7.11.122.219 368640 Bytes 01.01.2014 11:50:03
VBASE020.VDF : 7.11.123.39 182272 Bytes 03.01.2014 11:38:11
VBASE021.VDF : 7.11.123.141 124416 Bytes 05.01.2014 18:26:06
VBASE022.VDF : 7.11.124.11 172032 Bytes 08.01.2014 15:52:31
VBASE023.VDF : 7.11.124.79 144896 Bytes 09.01.2014 16:04:05
VBASE024.VDF : 7.11.124.177 178176 Bytes 11.01.2014 10:24:37
VBASE025.VDF : 7.11.125.41 319488 Bytes 14.01.2014 16:24:21
VBASE026.VDF : 7.11.125.149 260096 Bytes 17.01.2014 12:30:07
VBASE027.VDF : 7.11.125.207 190976 Bytes 20.01.2014 15:35:40
VBASE028.VDF : 7.11.125.208 2048 Bytes 20.01.2014 15:35:40
VBASE029.VDF : 7.11.125.209 2048 Bytes 20.01.2014 15:35:40
VBASE030.VDF : 7.11.125.210 2048 Bytes 20.01.2014 15:35:40
VBASE031.VDF : 7.11.125.224 87040 Bytes 20.01.2014 15:35:41
Engineversion : 8.2.12.174
AEVDF.DLL : 8.1.3.4 102774 Bytes 12.09.2013 23:03:59
AESCRIPT.DLL : 8.1.4.180 520574 Bytes 16.01.2014 15:43:14
AESCN.DLL : 8.1.10.6 131447 Bytes 11.12.2013 17:17:04
AESBX.DLL : 8.2.20.6 1331575 Bytes 13.01.2014 16:08:39
AERDL.DLL : 8.2.0.138 704888 Bytes 11.12.2013 17:17:03
AEPACK.DLL : 8.3.3.8 762232 Bytes 19.12.2013 19:29:11
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 12.09.2013 23:03:56
AEHEUR.DLL : 8.1.4.870 6459770 Bytes 16.01.2014 15:43:13
AEHELP.DLL : 8.1.27.10 266618 Bytes 22.11.2013 14:04:34
AEGEN.DLL : 8.1.7.22 446839 Bytes 15.01.2014 16:24:22
AEEXP.DLL : 8.4.1.164 409976 Bytes 09.01.2014 16:04:19
AEEMU.DLL : 8.1.3.2 393587 Bytes 12.09.2013 23:03:49
AECORE.DLL : 8.1.33.0 225657 Bytes 11.12.2013 17:16:33
AEBB.DLL : 8.1.1.4 53619 Bytes 12.09.2013 23:03:48
AVWINLL.DLL : 14.0.2.180 23608 Bytes 17.12.2013 14:50:44
AVPREF.DLL : 14.0.2.180 48696 Bytes 17.12.2013 14:51:46
AVREP.DLL : 14.0.2.180 175672 Bytes 17.12.2013 14:51:46
AVARKT.DLL : 14.0.2.254 256056 Bytes 17.12.2013 14:51:18
AVEVTLOG.DLL : 14.0.2.180 165944 Bytes 17.12.2013 14:51:35
SQLITE3.DLL : 3.7.0.1 394824 Bytes 12.09.2013 23:05:06
AVSMTP.DLL : 14.0.2.180 60472 Bytes 17.12.2013 14:52:46
NETNT.DLL : 14.0.2.180 13368 Bytes 17.12.2013 14:53:13
RCIMAGE.DLL : 14.0.2.180 4786744 Bytes 17.12.2013 14:50:44
RCTEXT.DLL : 14.0.2.270 73272 Bytes 17.12.2013 14:50:44
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Montag, 20. Januar 2014 17:15
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:)'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Treiber konnte nicht initialisiert werden.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '137' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'helppane.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '49' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1946' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <OS_Install>
C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx
[0] Archivtyp: ZIP
--> background.js
[FUND] Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.A
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
--> content.js
[FUND] Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.B
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Valiäöü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\644XJ1I1\Setup[1].exe
[0] Archivtyp: NSIS
--> ProgramFilesDir/hphehadppenpmajgnkjdcopcfijjegaf.crx
[1] Archivtyp: ZIP
--> background.js
[FUND] Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.A
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
--> content.js
[FUND] Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.B
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Valiäöü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYGJB4K5\adsapi_3_0_99[1].swf
[FUND] Enthält den SWF-Virus SWF/Dldr.AdSechost.A
Beginne mit der Suche in 'D:\' <Data>
Beginne mit der Desinfektion:
C:\Users\Valiäöü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYGJB4K5\adsapi_3_0_99[1].swf
[FUND] Enthält den SWF-Virus SWF/Dldr.AdSechost.A
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5d83c1ca.qua' verschoben!
C:\Users\Valiäöü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\644XJ1I1\Setup[1].exe
[FUND] Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.B
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4515ee6e.qua' verschoben!
C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx
[FUND] Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.B
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '175eb471.qua' verschoben!
Ende des Suchlaufs: Montag, 20. Januar 2014 18:42
Benötigte Zeit: 1:25:34 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
78300 Verzeichnisse wurden überprüft
1238627 Dateien wurden geprüft
5 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
3 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1238622 Dateien ohne Befall
7883 Archive wurden durchsucht
4 Warnungen
3 Hinweise
Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Montag, 20. Januar 2014 18:46
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 8
Windowsversion : (plain) [6.2.9200]
Boot Modus : Abgesicherter Modus
Benutzername : Valiäöü
Computername : LAPPI
Versionsinformationen:
BUILD.DAT : 14.0.2.286 55547 Bytes 09.12.2013 11:37:00
AVSCAN.EXE : 14.0.2.254 1032760 Bytes 17.12.2013 14:51:47
AVSCANRC.DLL : 14.0.2.180 62008 Bytes 17.12.2013 14:52:43
LUKE.DLL : 14.0.2.234 65592 Bytes 17.12.2013 14:53:12
AVSCPLR.DLL : 14.0.2.254 124472 Bytes 17.12.2013 14:52:44
AVREG.DLL : 14.0.2.212 250424 Bytes 17.12.2013 14:51:46
avlode.dll : 14.0.2.254 540216 Bytes 17.12.2013 14:51:44
avlode.rdf : 13.0.1.66 56973 Bytes 15.01.2014 16:24:22
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 23:03:03
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 23:03:08
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 23:03:14
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 23:03:19
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 23:03:27
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 23:03:42
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24.09.2013 13:44:14
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28.11.2013 17:16:18
VBASE008.VDF : 7.11.120.140 1154560 Bytes 19.12.2013 19:29:02
VBASE009.VDF : 7.11.120.141 2048 Bytes 19.12.2013 19:29:02
VBASE010.VDF : 7.11.120.142 2048 Bytes 19.12.2013 19:29:02
VBASE011.VDF : 7.11.120.143 2048 Bytes 19.12.2013 19:29:02
VBASE012.VDF : 7.11.120.144 2048 Bytes 19.12.2013 19:29:02
VBASE013.VDF : 7.11.120.145 2048 Bytes 19.12.2013 19:29:02
VBASE014.VDF : 7.11.121.19 126976 Bytes 21.12.2013 16:14:33
VBASE015.VDF : 7.11.121.147 122880 Bytes 24.12.2013 08:50:08
VBASE016.VDF : 7.11.121.233 115712 Bytes 25.12.2013 19:18:43
VBASE017.VDF : 7.11.122.57 325120 Bytes 27.12.2013 09:37:27
VBASE018.VDF : 7.11.122.123 199680 Bytes 28.12.2013 17:27:39
VBASE019.VDF : 7.11.122.219 368640 Bytes 01.01.2014 11:50:03
VBASE020.VDF : 7.11.123.39 182272 Bytes 03.01.2014 11:38:11
VBASE021.VDF : 7.11.123.141 124416 Bytes 05.01.2014 18:26:06
VBASE022.VDF : 7.11.124.11 172032 Bytes 08.01.2014 15:52:31
VBASE023.VDF : 7.11.124.79 144896 Bytes 09.01.2014 16:04:05
VBASE024.VDF : 7.11.124.177 178176 Bytes 11.01.2014 10:24:37
VBASE025.VDF : 7.11.125.41 319488 Bytes 14.01.2014 16:24:21
VBASE026.VDF : 7.11.125.149 260096 Bytes 17.01.2014 12:30:07
VBASE027.VDF : 7.11.125.207 190976 Bytes 20.01.2014 15:35:40
VBASE028.VDF : 7.11.125.208 2048 Bytes 20.01.2014 15:35:40
VBASE029.VDF : 7.11.125.209 2048 Bytes 20.01.2014 15:35:40
VBASE030.VDF : 7.11.125.210 2048 Bytes 20.01.2014 15:35:40
VBASE031.VDF : 7.11.125.224 87040 Bytes 20.01.2014 15:35:41
Engineversion : 8.2.12.174
AEVDF.DLL : 8.1.3.4 102774 Bytes 12.09.2013 23:03:59
AESCRIPT.DLL : 8.1.4.180 520574 Bytes 16.01.2014 15:43:14
AESCN.DLL : 8.1.10.6 131447 Bytes 11.12.2013 17:17:04
AESBX.DLL : 8.2.20.6 1331575 Bytes 13.01.2014 16:08:39
AERDL.DLL : 8.2.0.138 704888 Bytes 11.12.2013 17:17:03
AEPACK.DLL : 8.3.3.8 762232 Bytes 19.12.2013 19:29:11
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 12.09.2013 23:03:56
AEHEUR.DLL : 8.1.4.870 6459770 Bytes 16.01.2014 15:43:13
AEHELP.DLL : 8.1.27.10 266618 Bytes 22.11.2013 14:04:34
AEGEN.DLL : 8.1.7.22 446839 Bytes 15.01.2014 16:24:22
AEEXP.DLL : 8.4.1.164 409976 Bytes 09.01.2014 16:04:19
AEEMU.DLL : 8.1.3.2 393587 Bytes 12.09.2013 23:03:49
AECORE.DLL : 8.1.33.0 225657 Bytes 11.12.2013 17:16:33
AEBB.DLL : 8.1.1.4 53619 Bytes 12.09.2013 23:03:48
AVWINLL.DLL : 14.0.2.180 23608 Bytes 17.12.2013 14:50:44
AVPREF.DLL : 14.0.2.180 48696 Bytes 17.12.2013 14:51:46
AVREP.DLL : 14.0.2.180 175672 Bytes 17.12.2013 14:51:46
AVARKT.DLL : 14.0.2.254 256056 Bytes 17.12.2013 14:51:18
AVEVTLOG.DLL : 14.0.2.180 165944 Bytes 17.12.2013 14:51:35
SQLITE3.DLL : 3.7.0.1 394824 Bytes 12.09.2013 23:05:06
AVSMTP.DLL : 14.0.2.180 60472 Bytes 17.12.2013 14:52:46
NETNT.DLL : 14.0.2.180 13368 Bytes 17.12.2013 14:53:13
RCIMAGE.DLL : 14.0.2.180 4786744 Bytes 17.12.2013 14:50:44
RCTEXT.DLL : 14.0.2.270 73272 Bytes 17.12.2013 14:50:44
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Montag, 20. Januar 2014 18:46
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:)'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Treiber konnte nicht initialisiert werden.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '177' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'helppane.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '51' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1946' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <OS_Install>
Beginne mit der Suche in 'D:\' <Data>
Ende des Suchlaufs: Montag, 20. Januar 2014 19:52
Benötigte Zeit: 1:06:00 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
78299 Verzeichnisse wurden überprüft
1238622 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1238622 Dateien ohne Befall
7877 Archive wurden durchsucht
0 Warnungen
0 Hinweise
Würde mich über Hilfe sehr freuen! Gruß Grinsbart |
|
20.01.2014, 21:21
| #2 |
| /// the machine /// TB-Ausbilder    | JS/Kromtracker Viren u.a. hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
20.01.2014, 21:40
| #3 |
| | JS/Kromtracker Viren u.a. Danke erstmal für die schnelle Hilfe!
__________________Hier die Logs : FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 04
Ran by Valiäöü (administrator) on LAPPI on 20-01-2014 21:38:08
Running from C:\Users\Public\Documents
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
() C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Spotify Ltd) C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHRE.EXE
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-27] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-04-27] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-24] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [406944 2013-04-24] (MSI)
HKLM\...\Run: [MBCfg64] - C:\Windows\system32\MBCfg64.dll [27648 2013-01-07] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema] - C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BlueStacks Agent] - c:\Program Files (x86)\BlueStacks\HD-Agent.exe [597880 2013-01-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1277688 2013-08-21] (Bogdan Sharkov)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-15] (Spotify Ltd)
HKCU\...\Run: [EPSONCEF5A2 (Epson Stylus Office BX305 Plus)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHRE.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-04-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-04-27] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKLM - DefaultScope {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKCU - {86092E39-277A-42CE-8D21-1C344B57E52B} URL =
BHO-x32: Jump Flip - {6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} - C:\Program Files (x86)\Jump Flip\JumpFlipbho.dll (Jump Flip)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-13]
CHR Extension: (Google Drive) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-13]
CHR Extension: (YouTube) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-13]
CHR Extension: (Google-Suche) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-13]
CHR Extension: (Google Wallet) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Google Mail) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-13]
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [2013-09-13]
==================== Services (Whitelisted) =================
U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 BstHdAndroidSvc; c:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-01-07] (BlueStack Systems, Inc.)
U2 BstHdLogRotatorSvc; c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-01-07] (BlueStack Systems, Inc.)
U2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] ()
U2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-04-27] (ELAN Microelectronics Corp.)
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
U2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-24] (Micro-Star International Co., Ltd.)
U2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI)
U2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
U3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
U2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe [123320 2012-08-13] (Symantec Corporation)
U2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe [126392 2012-08-13] (Symantec Corporation)
U2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] ()
U2 Update Jump Flip; C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe [97056 2014-01-16] ()
U2 Util Jump Flip; C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe [97056 2014-01-20] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
U2 BstHdDrv; c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-01-07] (BlueStack Systems)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
U1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
U3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows (R) Win 7 DDK provider)
U3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
U3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
U3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-04-27] (Realtek Semiconductor Corporation)
U3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-27] (RTS Corporation)
U3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1552456 2013-04-27] (Realtek Semiconductor Corporation )
U0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
U0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
U3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-20 21:38 - 2014-01-20 21:38 - 00016646 _____ C:\Users\Public\Documents\FRST.txt
2014-01-20 21:34 - 2014-01-20 21:34 - 00000000 ____D C:\FRST
2014-01-20 21:33 - 2014-01-20 21:33 - 02076672 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:54 - 2014-01-20 20:23 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:54 - 2014-01-20 19:56 - 00000000 ____D C:\AdwCleaner
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 19:58 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:44 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-20 16:42 - 2014-01-20 16:42 - 01765888 _____ C:\Users\Public\Documents\Pivot_hrdc_ns.exe
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:39 - 2014-01-19 19:40 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 17:32 - 2014-01-19 19:33 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 16:07 - 2014-01-19 19:17 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-15 18:44 - 2014-01-15 18:44 - 00336936 _____ (Amônétízé Ltd) C:\Users\Valiäöü\Downloads\FlashPlayersetup__3873_i266056225_il3.exe
2014-01-15 17:31 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-15 17:31 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-15 17:31 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-15 17:31 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-15 17:31 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-15 17:31 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-15 17:31 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-15 17:31 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-15 17:31 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-12 12:50 - 2009-09-30 18:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBHRE.DLL
2014-01-12 12:50 - 2008-11-11 18:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMHRE.DLL
2014-01-12 12:50 - 2007-04-09 16:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-27 15:35 - 2013-12-27 15:38 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 16:50 - 2013-12-25 16:53 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 18:37 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:23 - 2013-12-25 16:25 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 15:49 - 2013-12-25 15:58 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:36 - 2013-12-25 15:47 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:16 - 2013-12-25 15:28 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:55 - 2014-01-19 18:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:52 - 2014-01-19 20:55 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2013-12-25 14:51 - 2013-12-25 16:20 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2014-01-19 20:56 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-02-22 19:12 - 00002110 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-25 14:49 - 2013-12-25 15:05 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:49 - 2013-09-26 21:04 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-25 14:49 - 2013-09-16 22:03 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:23 - 2013-12-24 21:47 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:21 - 2013-12-24 21:22 - 38691253 _____ (Dreambelievers ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 12:29 - 2014-01-19 13:20 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt
==================== One Month Modified Files and Folders =======
2014-01-20 21:38 - 2014-01-20 21:38 - 00016646 _____ C:\Users\Public\Documents\FRST.txt
2014-01-20 21:34 - 2014-01-20 21:34 - 00000000 ____D C:\FRST
2014-01-20 21:33 - 2014-01-20 21:33 - 02076672 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-20 21:31 - 2013-09-12 05:51 - 02091182 _____ C:\Windows\WindowsUpdate.log
2014-01-20 21:27 - 2013-09-12 23:44 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1002
2014-01-20 21:26 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\VirtualStore
2014-01-20 21:24 - 2013-09-13 00:09 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-20 21:23 - 2013-11-12 20:46 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Windows Live
2014-01-20 21:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-20 20:47 - 2013-09-25 15:31 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CrashDumps
2014-01-20 20:46 - 2013-09-26 18:00 - 00000000 ____D C:\Users\Valiäöü\Documents\FIFA 14
2014-01-20 20:42 - 2013-09-25 15:37 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-20 20:23 - 2014-01-20 18:54 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 20:01 - 2013-09-12 05:53 - 00039382 _____ C:\Users\Valiäöü\AppData\Local\BTServer.log
2014-01-20 19:58 - 2014-01-20 16:45 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2014-01-20 19:58 - 2013-04-28 00:49 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2014-01-20 19:57 - 2013-09-13 00:09 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-20 19:57 - 2013-04-28 00:51 - 00000000 ____D C:\ProgramData\Realtek
2014-01-20 19:57 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-20 19:56 - 2014-01-20 16:54 - 00000000 ____D C:\AdwCleaner
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:49 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:45 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-20 16:42 - 2014-01-20 16:42 - 01765888 _____ C:\Users\Public\Documents\Pivot_hrdc_ns.exe
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 21:46 - 2013-09-13 03:01 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Skype
2014-01-19 20:56 - 2013-12-25 14:50 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2014-01-19 20:55 - 2013-12-25 14:52 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:40 - 2014-01-19 19:39 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:33 - 2014-01-19 17:32 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 19:17 - 2014-01-19 16:07 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 18:30 - 2013-12-25 14:55 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2014-01-19 17:38 - 2013-10-05 20:48 - 00131072 ___SH C:\Users\Valiäöü\Downloads\Thumbs.db
2014-01-19 17:32 - 2013-09-13 03:01 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2014-01-19 17:32 - 2013-09-13 03:01 - 00000000 ____D C:\ProgramData\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 13:20 - 2013-12-23 12:29 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt
2014-01-18 22:46 - 2013-09-18 20:52 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Spotify
2014-01-18 18:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2014-01-18 14:26 - 2013-09-13 00:11 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-18 13:29 - 2013-02-22 09:34 - 00754172 _____ C:\Windows\system32\perfh007.dat
2014-01-18 13:29 - 2013-02-22 09:34 - 00156362 _____ C:\Windows\system32\perfc007.dat
2014-01-18 13:29 - 2012-07-26 08:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-16 21:54 - 2013-09-13 00:21 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\PMB Files
2014-01-16 17:21 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2014-01-15 22:12 - 2013-09-13 00:21 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-15 18:44 - 2014-01-15 18:44 - 00336936 _____ (Amônétízé Ltd) C:\Users\Valiäöü\Downloads\FlashPlayersetup__3873_i266056225_il3.exe
2014-01-15 18:08 - 2013-09-18 20:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Spotify
2014-01-15 17:54 - 2013-09-15 19:32 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 17:52 - 2013-09-15 19:32 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 17:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 21:13 - 2013-10-16 18:57 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Audacity
2014-01-12 21:13 - 2013-09-13 00:56 - 00000000 ____D C:\Users\Valiäöü\Desktop\Neuer Ordner
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 16:24 - 2013-12-15 12:14 - 00072704 ___SH C:\Users\Valiäöü\Documents\Thumbs.db
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-09 09:02 - 2013-12-12 16:57 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-12-12 16:57 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 21:00 - 2013-11-16 16:13 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Battle.net
2014-01-08 20:44 - 2013-11-05 16:27 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-08 18:09 - 2013-09-22 12:13 - 00000000 ____D C:\Users\Valiäöü\.gimp-2.8
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-08 18:05 - 2013-09-22 12:15 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\gtk-2.0
2014-01-08 17:10 - 2013-11-16 16:21 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2014-01-07 20:36 - 2013-11-16 16:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2014-01-04 17:43 - 2013-09-25 15:41 - 00000000 ____D C:\Program Files (x86)\Origin Games
2014-01-04 14:25 - 2013-09-13 01:08 - 00000000 ____D C:\Users\Valiäöü\Desktop\ProtzischesRPGInventar
2014-01-04 13:42 - 2012-07-26 08:21 - 00040377 _____ C:\Windows\setupact.log
2014-01-03 21:16 - 2013-09-18 20:03 - 00000000 ____D C:\Program Files (x86)\DevPro
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-31 13:59 - 2013-12-18 20:59 - 00000000 ____D C:\Users\Valiäöü\Documents\TrackMania
2013-12-31 13:51 - 2013-12-18 20:59 - 00000000 ____D C:\ProgramData\TrackMania
2013-12-27 15:38 - 2013-12-27 15:35 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 18:37 - 2013-12-25 16:48 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:53 - 2013-12-25 16:50 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:25 - 2013-12-25 16:23 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 16:20 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 15:58 - 2013-12-25 15:49 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:47 - 2013-12-25 15:36 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:28 - 2013-12-25 15:16 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 15:05 - 2013-12-25 14:49 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-09-12 05:55 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:47 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:22 - 2013-12-24 21:21 - 38691253 _____ (Dreambelievers ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 20:54 - 2013-11-18 21:17 - 00000000 ____D C:\Users\Valiäöü\Desktop\KEEPCALM
Some content of TEMP:
====================
C:\Users\FIFA Offline\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\devpro.dll
C:\Users\Valiäöü\AppData\Local\Temp\DevPro.exe
C:\Users\Valiäöü\AppData\Local\Temp\DownloadManager.exe
C:\Users\Valiäöü\AppData\Local\Temp\htmlayout.dll
C:\Users\Valiäöü\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Valiäöü\AppData\Local\Temp\project1.exe
C:\Users\Valiäöü\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Valiäöü\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Valiäöü\AppData\Local\Temp\toolbar2138630187.exe
C:\Users\Valiäöü\AppData\Local\Temp\toolbar2138703140.exe
C:\Users\Valiäöü\AppData\Local\Temp\uninstall2138815593.exe
C:\Users\Valiäöü\AppData\Local\Temp\uninstall2138819890.exe
C:\Users\Valiäöü\AppData\Local\Temp\YgoUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-18 14:49
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 04
Ran by Valiäöü at 2014-01-20 21:38:49
Running from C:\Users\Public\Documents
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
„Windows Live Essentials“ (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
AruaROSE v893 (x32 Version: 893 - )
Audacity 2.0.4 (x32 Version: 2.0.4 - Audacity Team)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Battery Calibration (x32 Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (x32 Version: - Blizzard Entertainment)
BlueStacks App Player (x32 Version: 0.7.9.844 - BlueStack Systems, Inc.)
BurnRecovery (x32 Version: 4.0.1304.1501 - Micro-Star International Co., Ltd.)
Castle Crashers (x32 Version: - The Behemoth)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Clownfish for Skype (x32 Version: - )
Creation Master 14.1 (x32 Version: - FIFA MASTER)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DartPro 2.9.0.0 (x32 Version: - RuSyS)
EPSON BX305 Plus Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.13.2.4_WHQL (Version: 11.13.2.4 - ELAN Microelectronic Corp.)
FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts)
Fotoattēlu galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version: - )
Free M4a to MP3 Converter 8.0 (x32 Version: - ManiacTools.com)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hearthstone (x32 Version: - Blizzard Entertainment)
HyperCam 2 (x32 Version: 2.28.01 - Hyperionics Technology LLC)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3111 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jump Flip (Version: 2014.01.16.002256 - Jump Flip) <==== ATTENTION
KB9X Radio Switch Driver (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Lazarus 1.0.12 (Version: 1.0.12 - Lazarus Team)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSI Remind Manager (x32 Version: 2.12.1003 - MSI)
MSI Social Media Collection (x32 Version: 1.13.0123 - MSI)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Norton Anti-Theft (x32 Version: 1.10.0.9 - Symantec Corporation)
Norton Online Backup (x32 Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Norton PC Checkup (x32 Version: 2.0.18.16 - Symantec Corporation)
NVIDIA Control Panel 311.48 (Version: 311.48 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.48 (Version: 311.48 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Origin (x32 Version: 9.3.1.4482 - Electronic Arts, Inc.)
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pivot Animator version 4.1.10 (x32 Version: 4.1.10 - Motus Software Ltd)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pokemon Online 2.3.2 (x32 Version: - Dreambelievers)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager (x32 Version: 6.1.0.550 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (x32 Version: 3.9691.663.020613 - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6878 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0212 - )
Roll (x32 Version: - )
SCM (Version: 13.013.04234 - Application)
Skype™ 6.7 (x32 Version: 6.7.102 - Skype Technologies S.A.)
Sound Blaster Cinema (x32 Version: 1.00.01 - Creative Technology Limited)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Super-Charger (x32 Version: 1.2.017 - MSI)
TrackMania Nations ESWC 1.7.9 (x32 Version: - Nadeo)
TrackMania Nations Forever (x32 Version: - Nadeo)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Vokabel Trainer 5 (x32 Version: - Manuel Wäschle)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.5 (Version: 16.5.10095 - WinZip Computing, S.L. )
XSplit Broadcaster (x32 Version: 1.3.1309.1602 - SplitMediaLabs)
YGOPro DevPro Version 1.9.6 r0 (x32 Version: 1.9.6 r0 - YGOPro DevPro Online)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Restore Points =========================
14-01-2014 19:15:11 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0712A20A-E1DF-4B2D-8C6D-C216E6B8C03F} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {098E7BEA-23E9-4277-AD91-7BC15F3B6C79} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3003F08D-CD3D-40D6-958B-6E45B8374FAB} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {503EBE27-D462-4FF9-98EA-D3C73E3AD2E2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {5B165D58-39AF-4565-937B-31E0514D6631} - \Advanced System Protector No Task File
Task: {6FB1BFF5-DE4B-4847-A257-DFF94BAFB991} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {71AF0919-21AF-4CC1-9630-1AB0ADD2C3A9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {74D01EBA-913D-457C-B836-64C7426959A2} - \RegClean Pro No Task File
Task: {8FF40BF9-ECC7-4A03-B683-A97B278CEE28} - System32\Tasks\{1C87B510-71F4-4B03-8345-C620F11E8915} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/de/abandoninstall?page=tsProgressBar
Task: {9480CA09-2CC2-4215-8A4B-9455965D8F62} - \RegClean Pro_UPDATES No Task File
Task: {A15D2791-E443-4E09-A3AC-F53CA4B1AA98} - \RegClean Pro_DEFAULT No Task File
Task: {A62EE018-AD91-4912-9457-41A25DDA5F45} - \Advanced System Protector_startup No Task File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8BDB1EA-27F5-4F42-89BE-0ABB20788B63} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {CABDCEAD-6014-4C10-B33D-19EC237C4007} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F5E2B5DB-6BDC-4F10-ACF5-6695E2AC6600} - \Express FilesUpdate No Task File
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-04-28 01:02 - 2012-11-01 19:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2011-05-10 04:46 - 2011-05-10 04:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-10 04:56 - 2011-05-10 04:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-10 04:48 - 2011-05-10 04:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-10 04:47 - 2011-05-10 04:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 20:32 - 2011-05-10 20:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2013-09-13 00:07 - 2013-09-13 00:05 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-07-26 00:29 - 2012-07-26 04:06 - 00924672 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSEngine.dll
2012-07-26 00:26 - 2012-07-26 04:06 - 00720384 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSLoc.DLL
2014-01-18 14:26 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
2013-04-28 00:44 - 2013-03-12 21:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2011-08-16 04:12 - 2011-08-16 04:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2012-06-14 19:57 - 2012-06-14 19:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-16 04:12 - 2011-08-16 04:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-16 04:15 - 2011-08-16 04:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-18 00:41 - 2011-08-18 00:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-18 00:48 - 2011-08-18 00:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-18 00:48 - 2011-08-18 00:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-16 03:23 - 2011-08-16 03:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-06-14 19:56 - 2012-06-14 19:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-06-14 20:06 - 2012-06-14 20:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-06-14 19:55 - 2012-06-14 19:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2013-09-25 15:39 - 2013-11-28 21:24 - 00064000 _____ () C:\Program Files (x86)\Origin\tufao.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
Der angeforderte Dienst wurde bereits gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 8111.66 MB
Available physical RAM: 4896.82 MB
Total Pagefile: 13487.66 MB
Available Pagefile: 9495.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: (OS_Install) (Fixed) (Total:469.36 GB) (Free:323.38 GB) NTFS
Drive d: (Data) (Fixed) (Total:209.58 GB) (Free:98.81 GB) NTFS
Drive e: (RCTYCOON) (CDROM) (Total:4.25 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 4CC0E3F6)
Partition: GPT Partition Type
==================== End Of Log ============================
Dankeschön! |
|
21.01.2014, 12:01
| #4 |
| /// the machine /// TB-Ausbilder | JS/Kromtracker Viren u.a. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.01.2014, 16:45
| #5 |
| | JS/Kromtracker Viren u.a. Hallo! Hier die Logs : Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.21.05 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16750 Valiäöü :: LAPPI [Administrator] Schutz: Aktiviert 21.01.2014 16:08:05 mbam-log-2014-01-21 (16-08-05).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 272952 Laufzeit: 4 Minute(n), 39 Sekunde(n) Infizierte Speicherprozesse: 2 C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> 2364 -> Löschen bei Neustart. C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe (PUP.Optional.JumpFlip.A) -> 1964 -> Löschen bei Neustart. Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 8 HKCR\CLSID\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{f325945d-dafe-4312-95d8-1913aeb1d810} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{4318395F-DFF1-48AF-B5F0-958E93D16D56} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DB9FDFE-B718-4962-BE0C-0A5FCE7F7F7B} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SYSTEM\CurrentControlSet\Services\Update Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SYSTEM\CurrentControlSet\Services\Util Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 3 C:\Program Files (x86)\Jump Flip (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart. C:\Program Files (x86)\Jump Flip\bin (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart. C:\Program Files (x86)\Jump Flip\bin\plugins (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 21 C:\Program Files (x86)\Jump Flip\JumpFlipBHO.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Valiäöü\AppData\Local\Temp\DownloadManager.exe (PUP.Optional.Smart) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Valiäöü\AppData\Local\Temp\toolbar2138630187.exe (PUP.Optional.Smart) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Valiäöü\AppData\Local\Temp\toolbar2138703140.exe (PUP.Optional.Smart) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Valiäöü\AppData\Local\Temp\uninstall2138815593.exe (PUP.Optional.ExpressFiles.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Valiäöü\AppData\Local\Temp\is616603462\184721341_stp\JumpFlipSetup.exe (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Public\Documents\Pivot_hrdc_ns.exe (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Valiäöü\Downloads\FlashPlayersetup__3873_i266056225_il3.exe (PUP.Optional.InstallMonetizer) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Valiäöü\Downloads\SoftonicDownloader_fuer_trackmania-nations.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Jump Flip\JumpFlip.ico (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Jump Flip\JumpFlipUninstall.exe (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Jump Flip\sqlite3.exe (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart. C:\Program Files (x86)\Jump Flip\updateJumpFlip.InstallState (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Jump Flip\bin\sqlite3.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart. C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.InstallState (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.FFUpdate.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.GCUpdate.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.IEUpdate.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) AdwCleaner: Code:
ATTFilter # AdwCleaner v3.017 - Bericht erstellt am 21/01/2014 um 16:27:22
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : Valiäöü - LAPPI
# Gestartet von : C:\Users\Public\Documents\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Google Chrome v32.0.1700.76
[ Datei : C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\FIFA Offline\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [968 octets] - [20/01/2014 16:55:01]
AdwCleaner[R1].txt - [1088 octets] - [20/01/2014 17:00:51]
AdwCleaner[R2].txt - [1148 octets] - [20/01/2014 18:44:25]
AdwCleaner[R3].txt - [1209 octets] - [20/01/2014 19:55:55]
AdwCleaner[R4].txt - [1259 octets] - [21/01/2014 16:26:35]
AdwCleaner[S0].txt - [1028 octets] - [20/01/2014 16:56:04]
AdwCleaner[S1].txt - [1180 octets] - [21/01/2014 16:27:22]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1240 octets] ##########
JunkwareRemovalTool: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8 x64
Ran by Vali„” on 21.01.2014 at 16:36:49,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\caphyon
~~~ Files
~~~ Folders
Failed to delete: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.01.2014 at 16:38:51,62
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Valiäöü (administrator) on LAPPI on 21-01-2014 16:42:16
Running from C:\Users\Public\Documents
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Spotify Ltd) C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHRE.EXE
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Public\Documents\FRST64 (1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-27] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-04-27] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-24] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [406944 2013-04-24] (MSI)
HKLM\...\Run: [MBCfg64] - C:\Windows\system32\MBCfg64.dll [27648 2013-01-07] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema] - C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BlueStacks Agent] - c:\Program Files (x86)\BlueStacks\HD-Agent.exe [597880 2013-01-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1277688 2013-08-21] (Bogdan Sharkov)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-15] (Spotify Ltd)
HKCU\...\Run: [EPSONCEF5A2 (Epson Stylus Office BX305 Plus)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHRE.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-04-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-04-27] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKLM - DefaultScope {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKCU - {86092E39-277A-42CE-8D21-1C344B57E52B} URL =
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-13]
CHR Extension: (Google Drive) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-13]
CHR Extension: (YouTube) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-13]
CHR Extension: (Google-Suche) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-13]
CHR Extension: (Google Wallet) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Google Mail) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-13]
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [2013-09-13]
==================== Services (Whitelisted) =================
U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 BstHdAndroidSvc; c:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-01-07] (BlueStack Systems, Inc.)
U2 BstHdLogRotatorSvc; c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-01-07] (BlueStack Systems, Inc.)
U2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] ()
U2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-04-27] (ELAN Microelectronics Corp.)
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-24] (Micro-Star International Co., Ltd.)
U2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI)
U2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
U3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
U2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe [123320 2012-08-13] (Symantec Corporation)
U2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe [126392 2012-08-13] (Symantec Corporation)
U2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
U2 BstHdDrv; c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-01-07] (BlueStack Systems)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
U1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
U3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows (R) Win 7 DDK provider)
U3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
U3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
U3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-04-27] (Realtek Semiconductor Corporation)
U3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-27] (RTS Corporation)
U3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1552456 2013-04-27] (Realtek Semiconductor Corporation )
U0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
U0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
U3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-21 16:42 - 2014-01-21 16:42 - 00046025 _____ C:\Users\Valiäöü\Documents\FRST.txt
2014-01-21 16:40 - 2014-01-21 16:41 - 02077184 _____ (Farbar) C:\Users\Public\Documents\FRST64 (1).exe
2014-01-21 16:39 - 2014-01-21 16:39 - 00000840 _____ C:\Users\Valiäöü\Documents\JRT.txt
2014-01-21 16:38 - 2014-01-21 16:38 - 00000840 _____ C:\Users\Valiäöü\Desktop\JRT.txt
2014-01-21 16:32 - 2014-01-21 16:32 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 16:31 - 2014-01-21 16:31 - 01037068 _____ (Thisisu) C:\Users\Public\Documents\JRT.exe
2014-01-21 16:30 - 2014-01-21 16:30 - 00001320 _____ C:\Users\Valiäöü\Documents\AdwCleaner[S1].txt
2014-01-21 16:26 - 2014-01-21 16:26 - 01236282 _____ C:\Users\Public\Documents\adwcleaner.exe
2014-01-21 16:04 - 2014-01-21 16:04 - 00001123 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 16:04 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-21 16:03 - 2014-01-21 16:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Public\Documents\mbam-setup-1.75.0.1300.exe
2014-01-20 21:38 - 2014-01-21 16:42 - 00016963 _____ C:\Users\Public\Documents\FRST.txt
2014-01-20 21:38 - 2014-01-20 21:39 - 00021882 _____ C:\Users\Public\Documents\Addition.txt
2014-01-20 21:34 - 2014-01-20 21:34 - 00000000 ____D C:\FRST
2014-01-20 21:33 - 2014-01-20 21:33 - 02076672 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:54 - 2014-01-20 20:23 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:54 - 2014-01-21 16:27 - 00000000 ____D C:\AdwCleaner
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:44 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:39 - 2014-01-19 19:40 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 17:32 - 2014-01-19 19:33 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 16:07 - 2014-01-19 19:17 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-15 17:31 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-15 17:31 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-15 17:31 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-15 17:31 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-15 17:31 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-15 17:31 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-15 17:31 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-15 17:31 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-15 17:31 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-12 12:50 - 2009-09-30 18:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBHRE.DLL
2014-01-12 12:50 - 2008-11-11 18:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMHRE.DLL
2014-01-12 12:50 - 2007-04-09 16:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-27 15:35 - 2013-12-27 15:38 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 16:50 - 2013-12-25 16:53 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 18:37 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:23 - 2013-12-25 16:25 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 15:49 - 2013-12-25 15:58 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:36 - 2013-12-25 15:47 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:16 - 2013-12-25 15:28 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:55 - 2014-01-19 18:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:52 - 2014-01-19 20:55 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2013-12-25 14:51 - 2013-12-25 16:20 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2014-01-19 20:56 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-02-22 19:12 - 00002110 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-25 14:49 - 2013-12-25 15:05 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:49 - 2013-09-26 21:04 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-25 14:49 - 2013-09-16 22:03 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:23 - 2013-12-24 21:47 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:21 - 2013-12-24 21:22 - 38691253 _____ (Dreambelievers ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 12:29 - 2014-01-19 13:20 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt
==================== One Month Modified Files and Folders =======
2014-01-21 16:42 - 2014-01-21 16:42 - 00046025 _____ C:\Users\Valiäöü\Documents\FRST.txt
2014-01-21 16:42 - 2014-01-20 21:38 - 00016963 _____ C:\Users\Public\Documents\FRST.txt
2014-01-21 16:42 - 2013-09-12 23:44 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1002
2014-01-21 16:41 - 2014-01-21 16:40 - 02077184 _____ (Farbar) C:\Users\Public\Documents\FRST64 (1).exe
2014-01-21 16:39 - 2014-01-21 16:39 - 00000840 _____ C:\Users\Valiäöü\Documents\JRT.txt
2014-01-21 16:39 - 2013-09-12 05:53 - 00063368 _____ C:\Users\Valiäöü\AppData\Local\BTServer.log
2014-01-21 16:38 - 2014-01-21 16:38 - 00000840 _____ C:\Users\Valiäöü\Desktop\JRT.txt
2014-01-21 16:36 - 2013-09-13 00:09 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 16:36 - 2013-04-28 00:49 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2014-01-21 16:35 - 2013-04-28 00:51 - 00000000 ____D C:\ProgramData\Realtek
2014-01-21 16:35 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 16:34 - 2013-09-12 05:51 - 01137339 _____ C:\Windows\WindowsUpdate.log
2014-01-21 16:32 - 2014-01-21 16:32 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 16:31 - 2014-01-21 16:31 - 01037068 _____ (Thisisu) C:\Users\Public\Documents\JRT.exe
2014-01-21 16:30 - 2014-01-21 16:30 - 00001320 _____ C:\Users\Valiäöü\Documents\AdwCleaner[S1].txt
2014-01-21 16:27 - 2014-01-20 16:54 - 00000000 ____D C:\AdwCleaner
2014-01-21 16:26 - 2014-01-21 16:26 - 01236282 _____ C:\Users\Public\Documents\adwcleaner.exe
2014-01-21 16:24 - 2013-09-13 00:09 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 16:15 - 2013-02-22 08:00 - 00779826 _____ C:\Windows\PFRO.log
2014-01-21 16:04 - 2014-01-21 16:04 - 00001123 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 16:03 - 2014-01-21 16:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Public\Documents\mbam-setup-1.75.0.1300.exe
2014-01-21 16:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-20 21:39 - 2014-01-20 21:38 - 00021882 _____ C:\Users\Public\Documents\Addition.txt
2014-01-20 21:34 - 2014-01-20 21:34 - 00000000 ____D C:\FRST
2014-01-20 21:33 - 2014-01-20 21:33 - 02076672 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-20 21:26 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\VirtualStore
2014-01-20 21:23 - 2013-11-12 20:46 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Windows Live
2014-01-20 20:47 - 2013-09-25 15:31 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CrashDumps
2014-01-20 20:46 - 2013-09-26 18:00 - 00000000 ____D C:\Users\Valiäöü\Documents\FIFA 14
2014-01-20 20:42 - 2013-09-25 15:37 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-20 20:23 - 2014-01-20 18:54 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:49 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:45 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 21:46 - 2013-09-13 03:01 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Skype
2014-01-19 20:56 - 2013-12-25 14:50 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2014-01-19 20:55 - 2013-12-25 14:52 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:40 - 2014-01-19 19:39 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:33 - 2014-01-19 17:32 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 19:17 - 2014-01-19 16:07 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 18:30 - 2013-12-25 14:55 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2014-01-19 17:38 - 2013-10-05 20:48 - 00131072 ___SH C:\Users\Valiäöü\Downloads\Thumbs.db
2014-01-19 17:32 - 2013-09-13 03:01 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2014-01-19 17:32 - 2013-09-13 03:01 - 00000000 ____D C:\ProgramData\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 13:20 - 2013-12-23 12:29 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt
2014-01-18 22:46 - 2013-09-18 20:52 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Spotify
2014-01-18 18:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2014-01-18 14:26 - 2013-09-13 00:11 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-18 13:29 - 2013-02-22 09:34 - 00754172 _____ C:\Windows\system32\perfh007.dat
2014-01-18 13:29 - 2013-02-22 09:34 - 00156362 _____ C:\Windows\system32\perfc007.dat
2014-01-18 13:29 - 2012-07-26 08:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-16 21:54 - 2013-09-13 00:21 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\PMB Files
2014-01-16 17:21 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2014-01-15 22:12 - 2013-09-13 00:21 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-15 18:08 - 2013-09-18 20:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Spotify
2014-01-15 17:54 - 2013-09-15 19:32 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 17:52 - 2013-09-15 19:32 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 17:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 21:13 - 2013-10-16 18:57 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Audacity
2014-01-12 21:13 - 2013-09-13 00:56 - 00000000 ____D C:\Users\Valiäöü\Desktop\Neuer Ordner
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 16:24 - 2013-12-15 12:14 - 00072704 ___SH C:\Users\Valiäöü\Documents\Thumbs.db
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-09 09:02 - 2013-12-12 16:57 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-12-12 16:57 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 21:00 - 2013-11-16 16:13 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Battle.net
2014-01-08 20:44 - 2013-11-05 16:27 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-08 18:09 - 2013-09-22 12:13 - 00000000 ____D C:\Users\Valiäöü\.gimp-2.8
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-08 18:05 - 2013-09-22 12:15 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\gtk-2.0
2014-01-08 17:10 - 2013-11-16 16:21 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2014-01-07 20:36 - 2013-11-16 16:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2014-01-04 17:43 - 2013-09-25 15:41 - 00000000 ____D C:\Program Files (x86)\Origin Games
2014-01-04 14:25 - 2013-09-13 01:08 - 00000000 ____D C:\Users\Valiäöü\Desktop\ProtzischesRPGInventar
2014-01-04 13:42 - 2012-07-26 08:21 - 00040377 _____ C:\Windows\setupact.log
2014-01-03 21:16 - 2013-09-18 20:03 - 00000000 ____D C:\Program Files (x86)\DevPro
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-31 13:59 - 2013-12-18 20:59 - 00000000 ____D C:\Users\Valiäöü\Documents\TrackMania
2013-12-31 13:51 - 2013-12-18 20:59 - 00000000 ____D C:\ProgramData\TrackMania
2013-12-27 15:38 - 2013-12-27 15:35 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 18:37 - 2013-12-25 16:48 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:53 - 2013-12-25 16:50 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:25 - 2013-12-25 16:23 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 16:20 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 15:58 - 2013-12-25 15:49 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:47 - 2013-12-25 15:36 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:28 - 2013-12-25 15:16 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 15:05 - 2013-12-25 14:49 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-09-12 05:55 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:47 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:22 - 2013-12-24 21:21 - 38691253 _____ (Dreambelievers ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 20:54 - 2013-11-18 21:17 - 00000000 ____D C:\Users\Valiäöü\Desktop\KEEPCALM
Some content of TEMP:
====================
C:\Users\FIFA Offline\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\devpro.dll
C:\Users\Valiäöü\AppData\Local\Temp\DevPro.exe
C:\Users\Valiäöü\AppData\Local\Temp\htmlayout.dll
C:\Users\Valiäöü\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Valiäöü\AppData\Local\Temp\project1.exe
C:\Users\Valiäöü\AppData\Local\Temp\Quarantine.exe
C:\Users\Valiäöü\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Valiäöü\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Valiäöü\AppData\Local\Temp\uninstall2138819890.exe
C:\Users\Valiäöü\AppData\Local\Temp\YgoUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-18 14:49
==================== End Of Log ============================
Addition.txt : Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-01-2014
Ran by Valiäöü at 2014-01-21 16:42:41
Running from C:\Users\Public\Documents
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
„Windows Live Essentials“ (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
AruaROSE v893 (x32 Version: 893 - )
Audacity 2.0.4 (x32 Version: 2.0.4 - Audacity Team)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Battery Calibration (x32 Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (x32 Version: - Blizzard Entertainment)
BlueStacks App Player (x32 Version: 0.7.9.844 - BlueStack Systems, Inc.)
BurnRecovery (x32 Version: 4.0.1304.1501 - Micro-Star International Co., Ltd.)
Castle Crashers (x32 Version: - The Behemoth)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Clownfish for Skype (x32 Version: - )
Creation Master 14.1 (x32 Version: - FIFA MASTER)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DartPro 2.9.0.0 (x32 Version: - RuSyS)
EPSON BX305 Plus Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.13.2.4_WHQL (Version: 11.13.2.4 - ELAN Microelectronic Corp.)
FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts)
Fotoattēlu galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version: - )
Free M4a to MP3 Converter 8.0 (x32 Version: - ManiacTools.com)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hearthstone (x32 Version: - Blizzard Entertainment)
HyperCam 2 (x32 Version: 2.28.01 - Hyperionics Technology LLC)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3111 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jump Flip (Version: 2014.01.16.002256 - Jump Flip) <==== ATTENTION
KB9X Radio Switch Driver (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Lazarus 1.0.12 (Version: 1.0.12 - Lazarus Team)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSI Remind Manager (x32 Version: 2.12.1003 - MSI)
MSI Social Media Collection (x32 Version: 1.13.0123 - MSI)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Norton Anti-Theft (x32 Version: 1.10.0.9 - Symantec Corporation)
Norton Online Backup (x32 Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Norton PC Checkup (x32 Version: 2.0.18.16 - Symantec Corporation)
NVIDIA Control Panel 311.48 (Version: 311.48 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.48 (Version: 311.48 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Origin (x32 Version: 9.3.1.4482 - Electronic Arts, Inc.)
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pivot Animator version 4.1.10 (x32 Version: 4.1.10 - Motus Software Ltd)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pokemon Online 2.3.2 (x32 Version: - Dreambelievers)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager (x32 Version: 6.1.0.550 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (x32 Version: 3.9691.663.020613 - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6878 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0212 - )
Roll (x32 Version: - )
SCM (Version: 13.013.04234 - Application)
Skype™ 6.7 (x32 Version: 6.7.102 - Skype Technologies S.A.)
Sound Blaster Cinema (x32 Version: 1.00.01 - Creative Technology Limited)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Super-Charger (x32 Version: 1.2.017 - MSI)
TrackMania Nations ESWC 1.7.9 (x32 Version: - Nadeo)
TrackMania Nations Forever (x32 Version: - Nadeo)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Vokabel Trainer 5 (x32 Version: - Manuel Wäschle)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.5 (Version: 16.5.10095 - WinZip Computing, S.L. )
XSplit Broadcaster (x32 Version: 1.3.1309.1602 - SplitMediaLabs)
YGOPro DevPro Version 1.9.6 r0 (x32 Version: 1.9.6 r0 - YGOPro DevPro Online)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Restore Points =========================
14-01-2014 19:15:11 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0712A20A-E1DF-4B2D-8C6D-C216E6B8C03F} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {098E7BEA-23E9-4277-AD91-7BC15F3B6C79} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3003F08D-CD3D-40D6-958B-6E45B8374FAB} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {503EBE27-D462-4FF9-98EA-D3C73E3AD2E2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {5B165D58-39AF-4565-937B-31E0514D6631} - \Advanced System Protector No Task File
Task: {6FB1BFF5-DE4B-4847-A257-DFF94BAFB991} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {71AF0919-21AF-4CC1-9630-1AB0ADD2C3A9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {74D01EBA-913D-457C-B836-64C7426959A2} - \RegClean Pro No Task File
Task: {8FF40BF9-ECC7-4A03-B683-A97B278CEE28} - System32\Tasks\{1C87B510-71F4-4B03-8345-C620F11E8915} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/de/abandoninstall?page=tsProgressBar
Task: {9480CA09-2CC2-4215-8A4B-9455965D8F62} - \RegClean Pro_UPDATES No Task File
Task: {A15D2791-E443-4E09-A3AC-F53CA4B1AA98} - \RegClean Pro_DEFAULT No Task File
Task: {A62EE018-AD91-4912-9457-41A25DDA5F45} - \Advanced System Protector_startup No Task File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8BDB1EA-27F5-4F42-89BE-0ABB20788B63} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {CABDCEAD-6014-4C10-B33D-19EC237C4007} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F5E2B5DB-6BDC-4F10-ACF5-6695E2AC6600} - \Express FilesUpdate No Task File
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-05-10 04:46 - 2011-05-10 04:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-10 04:56 - 2011-05-10 04:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-10 04:47 - 2011-05-10 04:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 04:48 - 2011-05-10 04:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-10 20:32 - 2011-05-10 20:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2013-09-13 00:07 - 2013-09-13 00:05 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-07-26 00:29 - 2012-07-26 04:06 - 00924672 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSEngine.dll
2012-07-26 00:26 - 2012-07-26 04:06 - 00720384 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSLoc.DLL
2013-04-28 00:44 - 2013-03-12 21:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
Der angeforderte Dienst wurde bereits gestartet.
Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.
==================== Memory info ===========================
Percentage of memory in use: 34%
Total physical RAM: 8111.66 MB
Available physical RAM: 5342.73 MB
Total Pagefile: 13487.66 MB
Available Pagefile: 10117.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS_Install) (Fixed) (Total:469.36 GB) (Free:323.33 GB) NTFS
Drive d: (Data) (Fixed) (Total:209.58 GB) (Free:98.81 GB) NTFS
Drive e: (RCTYCOON) (CDROM) (Total:4.25 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 4CC0E3F6)
Partition: GPT Partition Type
==================== End Of Log ============================
Weiterhin vielen Dank für die Unterstützun! |
|
22.01.2014, 10:37
| #6 |
| /// the machine /// TB-Ausbilder | JS/Kromtracker Viren u.a.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ --> JS/Kromtracker Viren u.a. |
|
22.01.2014, 16:12
| #7 |
| | JS/Kromtracker Viren u.a. Hallo! Hier der Log vom ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2e94406cedbcbb418190d3902a0f7b23
# engine=16748
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-22 11:43:11
# local_time=2014-01-22 12:43:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 94 6071 11364154 2436 0
# compatibility_mode=5893 16776574 100 94 2848868 23286609 0 0
# scanned=314677
# found=1
# cleaned=0
# scan_time=5704
sh=4663ED4D796C718A09B37C2891C456FF0D5D5E0B ft=1 fh=5e50dd5f7db39132 vn="Win32/AdWare.1ClickDownload.AQ application" ac=I fn="C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000"
Hier der von SecurityCheck: Code:
ATTFilter Results of screen317's Security Check version 0.99.79 x64 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Defender Avira Desktop Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Java 7 Update 45 Java version out of Date! Google Chrome 31.0.1650.63 Google Chrome 32.0.1700.76 ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Malwarebytes' Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Und hier die FRST- Textdateien: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-01-2014 01
Ran by Valiäöü (administrator) on LAPPI on 22-01-2014 16:10:00
Running from C:\Users\Public\Documents
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Spotify Ltd) C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHRE.EXE
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-27] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-04-27] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-24] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [406944 2013-04-24] (MSI)
HKLM\...\Run: [MBCfg64] - C:\Windows\system32\MBCfg64.dll [27648 2013-01-07] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema] - C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BlueStacks Agent] - c:\Program Files (x86)\BlueStacks\HD-Agent.exe [597880 2013-01-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1277688 2013-08-21] (Bogdan Sharkov)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-15] (Spotify Ltd)
HKCU\...\Run: [EPSONCEF5A2 (Epson Stylus Office BX305 Plus)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHRE.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-04-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-04-27] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKLM - DefaultScope {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKCU - {86092E39-277A-42CE-8D21-1C344B57E52B} URL =
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-13]
CHR Extension: (Google Drive) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-13]
CHR Extension: (YouTube) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-13]
CHR Extension: (Google-Suche) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-13]
CHR Extension: (Google Wallet) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Google Mail) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-13]
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [2013-09-13]
==================== Services (Whitelisted) =================
U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 BstHdAndroidSvc; c:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-01-07] (BlueStack Systems, Inc.)
U2 BstHdLogRotatorSvc; c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-01-07] (BlueStack Systems, Inc.)
U2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] ()
U2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-04-27] (ELAN Microelectronics Corp.)
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-24] (Micro-Star International Co., Ltd.)
U2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI)
U2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
U3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
U2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe [123320 2012-08-13] (Symantec Corporation)
U2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe [126392 2012-08-13] (Symantec Corporation)
U2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
U2 BstHdDrv; c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-01-07] (BlueStack Systems)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
U1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
U3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows (R) Win 7 DDK provider)
U3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
U3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
U3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-04-27] (Realtek Semiconductor Corporation)
U3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-27] (RTS Corporation)
U3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1552456 2013-04-27] (Realtek Semiconductor Corporation )
U0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
U0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
U3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-22 16:09 - 2014-01-22 16:09 - 00000000 ____D C:\Users\Public\Documents\FRST-OlderVersion
2014-01-22 16:06 - 2014-01-22 16:06 - 00987425 _____ C:\Users\Public\Documents\SecurityCheck.exe
2014-01-22 11:04 - 2014-01-22 11:04 - 02347384 _____ (ESET) C:\Users\Public\Documents\esetsmartinstaller_enu.exe
2014-01-21 21:25 - 2014-01-21 21:25 - 00084969 _____ C:\Users\Public\Documents\Hilferuf aus einer anderen Zeit.odt
2014-01-21 16:42 - 2014-01-21 16:42 - 00046025 _____ C:\Users\Valiäöü\Documents\FRST.txt
2014-01-21 16:39 - 2014-01-21 16:39 - 00000840 _____ C:\Users\Valiäöü\Documents\JRT.txt
2014-01-21 16:38 - 2014-01-21 16:38 - 00000840 _____ C:\Users\Valiäöü\Desktop\JRT.txt
2014-01-21 16:32 - 2014-01-21 16:32 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 16:31 - 2014-01-21 16:31 - 01037068 _____ (Thisisu) C:\Users\Public\Documents\JRT.exe
2014-01-21 16:30 - 2014-01-21 16:30 - 00001320 _____ C:\Users\Valiäöü\Documents\AdwCleaner[S1].txt
2014-01-21 16:26 - 2014-01-21 16:26 - 01236282 _____ C:\Users\Public\Documents\adwcleaner.exe
2014-01-21 16:04 - 2014-01-21 16:04 - 00001123 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 16:04 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-21 16:03 - 2014-01-21 16:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Public\Documents\mbam-setup-1.75.0.1300.exe
2014-01-20 21:38 - 2014-01-22 16:10 - 00016927 _____ C:\Users\Public\Documents\FRST.txt
2014-01-20 21:38 - 2014-01-21 16:43 - 00020307 _____ C:\Users\Public\Documents\Addition.txt
2014-01-20 21:34 - 2014-01-22 16:09 - 00000000 ____D C:\FRST
2014-01-20 21:33 - 2014-01-22 16:09 - 02077184 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:54 - 2014-01-20 20:23 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:54 - 2014-01-21 16:27 - 00000000 ____D C:\AdwCleaner
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:44 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:39 - 2014-01-19 19:40 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 17:32 - 2014-01-19 19:33 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 16:07 - 2014-01-19 19:17 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-15 17:31 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-15 17:31 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-15 17:31 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-15 17:31 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-15 17:31 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-15 17:31 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-15 17:31 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-15 17:31 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-15 17:31 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-12 12:50 - 2009-09-30 18:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBHRE.DLL
2014-01-12 12:50 - 2008-11-11 18:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMHRE.DLL
2014-01-12 12:50 - 2007-04-09 16:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-27 15:35 - 2013-12-27 15:38 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 16:50 - 2013-12-25 16:53 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 18:37 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:23 - 2013-12-25 16:25 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 15:49 - 2013-12-25 15:58 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:36 - 2013-12-25 15:47 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:16 - 2013-12-25 15:28 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:55 - 2014-01-19 18:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:52 - 2014-01-19 20:55 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2013-12-25 14:51 - 2013-12-25 16:20 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2014-01-19 20:56 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-02-22 19:12 - 00002110 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-25 14:49 - 2013-12-25 15:05 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:49 - 2013-09-26 21:04 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-25 14:49 - 2013-09-16 22:03 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:23 - 2013-12-24 21:47 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:21 - 2013-12-24 21:22 - 38691253 _____ (Dreambelievers ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 12:29 - 2014-01-19 13:20 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt
==================== One Month Modified Files and Folders =======
2014-01-22 16:10 - 2014-01-20 21:38 - 00016927 _____ C:\Users\Public\Documents\FRST.txt
2014-01-22 16:09 - 2014-01-22 16:09 - 00000000 ____D C:\Users\Public\Documents\FRST-OlderVersion
2014-01-22 16:09 - 2014-01-20 21:34 - 00000000 ____D C:\FRST
2014-01-22 16:09 - 2014-01-20 21:33 - 02077184 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-22 16:06 - 2014-01-22 16:06 - 00987425 _____ C:\Users\Public\Documents\SecurityCheck.exe
2014-01-22 16:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-22 14:17 - 2013-09-12 05:53 - 00065273 _____ C:\Users\Valiäöü\AppData\Local\BTServer.log
2014-01-22 13:58 - 2013-09-12 05:51 - 01179291 _____ C:\Windows\WindowsUpdate.log
2014-01-22 13:53 - 2013-04-28 00:51 - 00000000 ____D C:\ProgramData\Realtek
2014-01-22 13:24 - 2013-09-13 00:09 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-22 12:43 - 2013-09-12 23:44 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1002
2014-01-22 12:16 - 2013-09-26 18:00 - 00000000 ____D C:\Users\Valiäöü\Documents\FIFA 14
2014-01-22 11:04 - 2014-01-22 11:04 - 02347384 _____ (ESET) C:\Users\Public\Documents\esetsmartinstaller_enu.exe
2014-01-22 11:01 - 2013-09-13 00:09 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-22 11:01 - 2013-04-28 00:49 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2014-01-21 21:25 - 2014-01-21 21:25 - 00084969 _____ C:\Users\Public\Documents\Hilferuf aus einer anderen Zeit.odt
2014-01-21 18:32 - 2013-09-25 15:37 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-21 16:51 - 2013-09-25 15:31 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CrashDumps
2014-01-21 16:43 - 2014-01-20 21:38 - 00020307 _____ C:\Users\Public\Documents\Addition.txt
2014-01-21 16:42 - 2014-01-21 16:42 - 00046025 _____ C:\Users\Valiäöü\Documents\FRST.txt
2014-01-21 16:39 - 2014-01-21 16:39 - 00000840 _____ C:\Users\Valiäöü\Documents\JRT.txt
2014-01-21 16:38 - 2014-01-21 16:38 - 00000840 _____ C:\Users\Valiäöü\Desktop\JRT.txt
2014-01-21 16:35 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 16:32 - 2014-01-21 16:32 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 16:31 - 2014-01-21 16:31 - 01037068 _____ (Thisisu) C:\Users\Public\Documents\JRT.exe
2014-01-21 16:30 - 2014-01-21 16:30 - 00001320 _____ C:\Users\Valiäöü\Documents\AdwCleaner[S1].txt
2014-01-21 16:27 - 2014-01-20 16:54 - 00000000 ____D C:\AdwCleaner
2014-01-21 16:26 - 2014-01-21 16:26 - 01236282 _____ C:\Users\Public\Documents\adwcleaner.exe
2014-01-21 16:15 - 2013-02-22 08:00 - 00779826 _____ C:\Windows\PFRO.log
2014-01-21 16:04 - 2014-01-21 16:04 - 00001123 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 16:03 - 2014-01-21 16:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Public\Documents\mbam-setup-1.75.0.1300.exe
2014-01-20 21:26 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\VirtualStore
2014-01-20 21:23 - 2013-11-12 20:46 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Windows Live
2014-01-20 20:23 - 2014-01-20 18:54 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:49 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:45 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 21:46 - 2013-09-13 03:01 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Skype
2014-01-19 20:56 - 2013-12-25 14:50 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2014-01-19 20:55 - 2013-12-25 14:52 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:40 - 2014-01-19 19:39 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:33 - 2014-01-19 17:32 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 19:17 - 2014-01-19 16:07 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 18:30 - 2013-12-25 14:55 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2014-01-19 17:38 - 2013-10-05 20:48 - 00131072 ___SH C:\Users\Valiäöü\Downloads\Thumbs.db
2014-01-19 17:32 - 2013-09-13 03:01 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2014-01-19 17:32 - 2013-09-13 03:01 - 00000000 ____D C:\ProgramData\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 13:20 - 2013-12-23 12:29 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt
2014-01-18 22:46 - 2013-09-18 20:52 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Spotify
2014-01-18 18:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2014-01-18 14:26 - 2013-09-13 00:11 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-18 13:29 - 2013-02-22 09:34 - 00754172 _____ C:\Windows\system32\perfh007.dat
2014-01-18 13:29 - 2013-02-22 09:34 - 00156362 _____ C:\Windows\system32\perfc007.dat
2014-01-18 13:29 - 2012-07-26 08:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-16 21:54 - 2013-09-13 00:21 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\PMB Files
2014-01-16 17:21 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2014-01-15 22:12 - 2013-09-13 00:21 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-15 18:08 - 2013-09-18 20:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Spotify
2014-01-15 17:54 - 2013-09-15 19:32 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 17:52 - 2013-09-15 19:32 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 17:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 21:13 - 2013-10-16 18:57 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Audacity
2014-01-12 21:13 - 2013-09-13 00:56 - 00000000 ____D C:\Users\Valiäöü\Desktop\Neuer Ordner
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 16:24 - 2013-12-15 12:14 - 00072704 ___SH C:\Users\Valiäöü\Documents\Thumbs.db
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-09 09:02 - 2013-12-12 16:57 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-12-12 16:57 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 21:00 - 2013-11-16 16:13 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Battle.net
2014-01-08 20:44 - 2013-11-05 16:27 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-08 18:09 - 2013-09-22 12:13 - 00000000 ____D C:\Users\Valiäöü\.gimp-2.8
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-08 18:05 - 2013-09-22 12:15 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\gtk-2.0
2014-01-08 17:10 - 2013-11-16 16:21 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2014-01-07 20:36 - 2013-11-16 16:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2014-01-04 17:43 - 2013-09-25 15:41 - 00000000 ____D C:\Program Files (x86)\Origin Games
2014-01-04 14:25 - 2013-09-13 01:08 - 00000000 ____D C:\Users\Valiäöü\Desktop\ProtzischesRPGInventar
2014-01-04 13:42 - 2012-07-26 08:21 - 00040377 _____ C:\Windows\setupact.log
2014-01-03 21:16 - 2013-09-18 20:03 - 00000000 ____D C:\Program Files (x86)\DevPro
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-31 13:59 - 2013-12-18 20:59 - 00000000 ____D C:\Users\Valiäöü\Documents\TrackMania
2013-12-31 13:51 - 2013-12-18 20:59 - 00000000 ____D C:\ProgramData\TrackMania
2013-12-27 15:38 - 2013-12-27 15:35 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 18:37 - 2013-12-25 16:48 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:53 - 2013-12-25 16:50 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:25 - 2013-12-25 16:23 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 16:20 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 15:58 - 2013-12-25 15:49 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:47 - 2013-12-25 15:36 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:28 - 2013-12-25 15:16 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 15:05 - 2013-12-25 14:49 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-09-12 05:55 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:47 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:22 - 2013-12-24 21:21 - 38691253 _____ (Dreambelievers ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 20:54 - 2013-11-18 21:17 - 00000000 ____D C:\Users\Valiäöü\Desktop\KEEPCALM
Some content of TEMP:
====================
C:\Users\FIFA Offline\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\devpro.dll
C:\Users\Valiäöü\AppData\Local\Temp\DevPro.exe
C:\Users\Valiäöü\AppData\Local\Temp\htmlayout.dll
C:\Users\Valiäöü\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Valiäöü\AppData\Local\Temp\project1.exe
C:\Users\Valiäöü\AppData\Local\Temp\Quarantine.exe
C:\Users\Valiäöü\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Valiäöü\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Valiäöü\AppData\Local\Temp\uninstall2138819890.exe
C:\Users\Valiäöü\AppData\Local\Temp\YgoUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-18 14:49
==================== End Of Log ============================
Addition.txt : Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2014 01
Ran by Valiäöü at 2014-01-22 16:10:32
Running from C:\Users\Public\Documents
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
„Windows Live Essentials“ (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
AruaROSE v893 (x32 Version: 893 - )
Audacity 2.0.4 (x32 Version: 2.0.4 - Audacity Team)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Battery Calibration (x32 Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (x32 Version: - Blizzard Entertainment)
BlueStacks App Player (x32 Version: 0.7.9.844 - BlueStack Systems, Inc.)
BurnRecovery (x32 Version: 4.0.1304.1501 - Micro-Star International Co., Ltd.)
Castle Crashers (x32 Version: - The Behemoth)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Clownfish for Skype (x32 Version: - )
Creation Master 14.1 (x32 Version: - FIFA MASTER)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DartPro 2.9.0.0 (x32 Version: - RuSyS)
EPSON BX305 Plus Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.13.2.4_WHQL (Version: 11.13.2.4 - ELAN Microelectronic Corp.)
FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts)
Fotoattēlu galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version: - )
Free M4a to MP3 Converter 8.0 (x32 Version: - ManiacTools.com)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hearthstone (x32 Version: - Blizzard Entertainment)
HyperCam 2 (x32 Version: 2.28.01 - Hyperionics Technology LLC)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3111 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jump Flip (Version: 2014.01.16.002256 - Jump Flip) <==== ATTENTION
KB9X Radio Switch Driver (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Lazarus 1.0.12 (Version: 1.0.12 - Lazarus Team)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSI Remind Manager (x32 Version: 2.12.1003 - MSI)
MSI Social Media Collection (x32 Version: 1.13.0123 - MSI)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Norton Anti-Theft (x32 Version: 1.10.0.9 - Symantec Corporation)
Norton Online Backup (x32 Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Norton PC Checkup (x32 Version: 2.0.18.16 - Symantec Corporation)
NVIDIA Control Panel 311.48 (Version: 311.48 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.48 (Version: 311.48 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Origin (x32 Version: 9.3.1.4482 - Electronic Arts, Inc.)
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pivot Animator version 4.1.10 (x32 Version: 4.1.10 - Motus Software Ltd)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pokemon Online 2.3.2 (x32 Version: - Dreambelievers)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager (x32 Version: 6.1.0.550 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (x32 Version: 3.9691.663.020613 - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6878 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0212 - )
Roll (x32 Version: - )
SCM (Version: 13.013.04234 - Application)
Skype™ 6.7 (x32 Version: 6.7.102 - Skype Technologies S.A.)
Sound Blaster Cinema (x32 Version: 1.00.01 - Creative Technology Limited)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Super-Charger (x32 Version: 1.2.017 - MSI)
TrackMania Nations ESWC 1.7.9 (x32 Version: - Nadeo)
TrackMania Nations Forever (x32 Version: - Nadeo)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Vokabel Trainer 5 (x32 Version: - Manuel Wäschle)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.5 (Version: 16.5.10095 - WinZip Computing, S.L. )
XSplit Broadcaster (x32 Version: 1.3.1309.1602 - SplitMediaLabs)
YGOPro DevPro Version 1.9.6 r0 (x32 Version: 1.9.6 r0 - YGOPro DevPro Online)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Restore Points =========================
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0712A20A-E1DF-4B2D-8C6D-C216E6B8C03F} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {098E7BEA-23E9-4277-AD91-7BC15F3B6C79} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3003F08D-CD3D-40D6-958B-6E45B8374FAB} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {503EBE27-D462-4FF9-98EA-D3C73E3AD2E2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {5B165D58-39AF-4565-937B-31E0514D6631} - \Advanced System Protector No Task File
Task: {6FB1BFF5-DE4B-4847-A257-DFF94BAFB991} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {71AF0919-21AF-4CC1-9630-1AB0ADD2C3A9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {74D01EBA-913D-457C-B836-64C7426959A2} - \RegClean Pro No Task File
Task: {8FF40BF9-ECC7-4A03-B683-A97B278CEE28} - System32\Tasks\{1C87B510-71F4-4B03-8345-C620F11E8915} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/de/abandoninstall?page=tsProgressBar
Task: {9480CA09-2CC2-4215-8A4B-9455965D8F62} - \RegClean Pro_UPDATES No Task File
Task: {A15D2791-E443-4E09-A3AC-F53CA4B1AA98} - \RegClean Pro_DEFAULT No Task File
Task: {A62EE018-AD91-4912-9457-41A25DDA5F45} - \Advanced System Protector_startup No Task File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8BDB1EA-27F5-4F42-89BE-0ABB20788B63} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {CABDCEAD-6014-4C10-B33D-19EC237C4007} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F5E2B5DB-6BDC-4F10-ACF5-6695E2AC6600} - \Express FilesUpdate No Task File
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-04-28 01:02 - 2012-11-01 19:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2011-05-10 04:46 - 2011-05-10 04:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-10 04:56 - 2011-05-10 04:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-10 04:48 - 2011-05-10 04:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-10 04:47 - 2011-05-10 04:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 20:32 - 2011-05-10 20:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2013-09-13 00:07 - 2013-09-13 00:05 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-28 00:44 - 2013-03-12 21:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-07-26 00:29 - 2012-07-26 04:06 - 00924672 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSEngine.dll
2012-07-26 00:26 - 2012-07-26 04:06 - 00720384 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSLoc.DLL
2013-09-25 15:39 - 2013-11-28 21:24 - 00064000 _____ () C:\Program Files (x86)\Origin\tufao.dll
2011-08-16 04:12 - 2011-08-16 04:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2012-06-14 19:57 - 2012-06-14 19:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-16 04:12 - 2011-08-16 04:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-16 04:15 - 2011-08-16 04:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-18 00:41 - 2011-08-18 00:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-18 00:48 - 2011-08-18 00:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-18 00:48 - 2011-08-18 00:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-16 03:23 - 2011-08-16 03:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-06-14 19:56 - 2012-06-14 19:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-06-14 20:06 - 2012-06-14 20:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-06-14 19:55 - 2012-06-14 19:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-20 00:05 - 2011-07-20 00:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-16 04:17 - 2011-08-16 04:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-20 00:04 - 2011-07-20 00:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Could not start eventlog service, could not read events.
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 8111.66 MB
Available physical RAM: 4846.53 MB
Total Pagefile: 13487.66 MB
Available Pagefile: 9602.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS_Install) (Fixed) (Total:469.36 GB) (Free:334.28 GB) NTFS
Drive d: (Data) (Fixed) (Total:209.58 GB) (Free:98.76 GB) NTFS
Drive e: (RCTYCOON) (CDROM) (Total:4.25 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 4CC0E3F6)
Partition: GPT Partition Type
==================== End Of Log ============================
Ansonsten fühlt sich mein Computer eigentlich ganz normal an. Kann dadurch jetzt was kaputtgegangen sein? Danke weiterhin! Grüße! |
|
23.01.2014, 09:01
| #8 |
| /// the machine /// TB-Ausbilder | JS/Kromtracker Viren u.a. Nee Java updaten. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.01.2014, 16:34
| #9 |
| | JS/Kromtracker Viren u.a. Vielen Dank für alles! Ist nun alles erledigt! |
|
24.01.2014, 09:33
| #10 |
| /// the machine /// TB-Ausbilder | JS/Kromtracker Viren u.a. Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
Linear-Darstellung
