Log analysis and evaluation: MBAM found a Trojan: C:\...\WebTect\trzF037.tmp (Trojan.SProtector) (Windows 7)
05.02.2014, 13:52 | #1 |
MBAM found a Trojan: C:\...\WebTect\trzF037.tmp (Trojan.SProtector)

Hello, as already stated above, MBAM found the following infected file after the scan: C:\ProgramData\WebTect\trzF037.tmp (Trojan.SProtector). I wanted to ask whether I need to worry and how I should proceed now. I can also find the file WebTect under Control Panel, Uninstall programs, but I can't get it removed (could not be removed, the specified module was not found...).

MBAM log:
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.05.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
Charlie :: CHARLIE-VAIO [Administrator]

05.02.2014 10:30:29
MBAM-log-2014-02-05 (12-57-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|M:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 601253
Laufzeit: 2 Stunde(n), 26 Minute(n), 40 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\ProgramData\WebTect\trzF037.tmp (Trojan.SProtector) -> Keine Aktion durchgeführt.

(Ende)

defogger log:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:07 on 05/02/2014 (Charlie)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST log:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014 Ran by Charlie (administrator) on CHARLIE-VAIO on 05-02-2014 13:09:29 Running from C:\Users\Charlie\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Dropbox, Inc.) C:\Users\Charlie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) 
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe () C:\Users\Charlie\Downloads\Defogger.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.) HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.) 
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [Cm112Sound] - C:\Windows\Syswow64\cm112.dll [8146944 2009-12-08] (C-Media Corporation) HKLM\...\Run: [Cm112GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cm112GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [Cm108Sound] - C:\Windows\Syswow64\cm108.dll [8146944 2012-04-10] (C-Media Corporation) HKLM\...\Run: [BCSSync] - M:\Programme\Microsoft Office 2010\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-05] (AVAST Software) HKU\S-1-5-21-1747016203-3155398904-578371931-1000\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [455744 2013-12-10] (BillP Studios) Startup: C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Charlie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE9475A899D9ECE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search SearchScopes: HKCU - {408B6B9F-154A-48A3-8E6A-92804D1F51B0} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {7C2F6073-2FC5-43D2-9D96-8840CFA6F129} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms} SearchScopes: HKCU - {AC457CC2-2E7A-4F6A-825D-25123C566EF2} URL = hxxp://de.shopping.com/?linkin_id=8056363 BHO: HappY2Save - {1576E68C-2DA7-962E-2453-0A5827EF7F4C} - C:\ProgramData\HappY2Save\bGeK_PvhbO.x64.dll No File BHO: SHaoppDRop - {2C805D62-2703-F2E5-DCD4-0239AEA49A03} - C:\ProgramData\SHaoppDRop\H7YuTsJgnw.x64.dll No File BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - M:\Programme\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: CoupExtenesiOn - {77CA3678-3090-C527-7918-27D7B78D4A8E} - C:\ProgramData\CoupExtenesiOn\q.x64.dll No File BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - M:\Programme\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: SavERExtension - {E62BCD8F-2460-7E01-529D-3EB6E8EF3C72} - C:\ProgramData\SavERExtension\4IPdsdMDGz.x64.dll No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\vz8eyhrb.default FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", ""); FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", ""); FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", ""); FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - M:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) 
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - M:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - M:\Programme\WebDivix\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - M:\Programme\WebDivix\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Charlie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Charlie\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-21] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - M:\Programme\WebDivix\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - M:\Programme\WebDivix\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-19] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-17] Chrome: ======= CHR Extension: (ProxTube) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-01-28] CHR Extension: (Google Docs) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14] CHR Extension: (Google Drive) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14] CHR Extension: (WOT) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-18] CHR Extension: (YouTube) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14] CHR Extension: (Google-Suche) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14] CHR Extension: (AdBlock) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-14] CHR Extension: (Google Wallet) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-14] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm 
[2014-01-14] CHR Extension: (Google Mail) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14] CHR Extension: (SHaoppDRop) - C:\ProgramData\bddnngaocglmnfhcpcjmoomohjiobgoo [2014-01-01] CHR Extension: (HappY2Save) - C:\ProgramData\daedbbfaebjgclnoijiekplilobacoia [2014-01-01] CHR Extension: (SavERExtension) - C:\ProgramData\phmpmlianadbfifbhfcijdlhgcnfjccn [2014-01-01] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - M:\Programme\WebDivix\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-05] (AVAST Software) S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L) S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) 
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2011-10-03] (Firebird Project) R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3764224 2011-10-03] (Firebird Project) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 Microsoft SharePoint Workspace Audit Service; M:\Programme\Microsoft Office 2010\Office14\GROOVE.EXE [50921648 2013-03-09] (Microsoft Corporation) S3 OpenVPNService; C:\Program Files (x86)\FH-Aachen OpenVPN\bin\openvpnserv.exe [38926 2011-05-20] () R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-07-29] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-07-29] (Secunia) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) 
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation) S3 w7Svc; C:\Program Files (x86)\webcam 7\wService.exe [4999680 2011-07-27] (Moonware Studios) S2 05837205; "C:\Windows\system32\rundll32.exe" "c:\progra~3\browse~1\BrowserfasterSvc.dll",service S2 5717af3d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\browse~2\BrowserEnhancerSvc.dll",service S2 8ffb8f2d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\winsys~1\WinsysfilterSvc.dll",service ==================== Drivers (Whitelisted) ==================== R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) S3 ASUSU1; C:\Windows\System32\drivers\cm11264.sys [1312256 2010-12-15] (C-Media Electronics Inc) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-05] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-26] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-26] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-05] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-05] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-05] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-09] () S3 catchme; C:\uninstall.exe [0 2014-01-16] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-07-01] (DT Soft Ltd) S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [129792 2013-04-24] (Gemalto) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files 
and Folders ======== 2014-02-05 13:09 - 2014-02-05 13:09 - 00025928 _____ () C:\Users\Charlie\Downloads\FRST.txt 2014-02-05 13:09 - 2014-02-05 13:09 - 00000000 ____D () C:\FRST 2014-02-05 13:08 - 2014-02-05 13:09 - 02080256 _____ (Farbar) C:\Users\Charlie\Downloads\FRST64.exe 2014-02-05 13:08 - 2014-02-05 13:08 - 00000476 _____ () C:\Users\Charlie\Downloads\defogger_disable.log 2014-02-05 13:07 - 2014-02-05 13:07 - 00050477 _____ () C:\Users\Charlie\Downloads\Defogger.exe 2014-02-05 13:07 - 2014-02-05 13:07 - 00000476 _____ () C:\Users\Charlie\Desktop\defogger_disable.log 2014-02-05 13:07 - 2014-02-05 13:07 - 00000000 _____ () C:\Users\Charlie\defogger_reenable 2014-02-05 10:32 - 2014-02-05 10:32 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-02-04 12:58 - 2014-02-04 12:58 - 00000000 ____D () C:\Users\Charlie\AppData\Local\{7508AF87-8CEC-44B3-9E10-C0B31A9DCB70} 2014-01-29 12:14 - 2014-01-29 12:14 - 00628195 _____ () C:\Users\Charlie\Downloads\MTH4105_chap10.mw 2014-01-26 17:07 - 2014-01-26 17:07 - 03583488 _____ () C:\Users\Charlie\Downloads\Brandschutz - Bemessungsprogramm H-Fire-Temp1-04-1.xls 2014-01-26 14:32 - 2014-01-26 14:32 - 00001954 _____ () C:\Users\Public\Desktop\s+v Planungssoftware.lnk 2014-01-26 14:32 - 2014-01-26 14:32 - 00000000 ____D () C:\Program Files (x86)\s+v Planungssoftware 2014-01-26 14:31 - 2014-01-26 14:31 - 22685424 _____ () C:\Users\Charlie\Downloads\sundv_planungssoftware_setup.zip 2014-01-25 10:18 - 2014-01-25 10:18 - 00000000 ____D () C:\Users\Charlie\Downloads\TBOD 2014-01-23 14:38 - 2014-01-23 14:43 - 132554053 _____ () C:\Users\Charlie\Downloads\Baudynamik & Mathe - Arbeitsordner.zip 2014-01-23 14:30 - 2014-01-23 14:31 - 00000000 ____D () C:\Users\Charlie\AppData\Local\{C10A9BAB-2E90-4AEE-AB7E-77C9C2FB2F96} 2014-01-22 21:43 - 2014-01-22 22:31 - 420667950 _____ () C:\Users\Charlie\Downloads\TBOD.rar 2014-01-18 00:37 - 2014-01-18 00:37 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\WinPatrol 
2014-01-18 00:37 - 2014-01-18 00:37 - 00000000 ____D () C:\Program Files (x86)\BillP Studios 2014-01-17 10:14 - 2014-01-17 10:14 - 00000000 ____D () C:\ProgramData\Oracle 2014-01-17 10:14 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-17 10:14 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-17 10:14 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-17 10:14 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-17 10:13 - 2014-01-17 10:14 - 00005298 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-16 16:33 - 2014-01-16 16:34 - 00001348 _____ () C:\DelFix.txt 2014-01-16 16:20 - 2014-01-16 16:20 - 00000000 ____D () C:\Users\Charlie\AppData\Local\{52C36FBE-6050-43F5-8C09-F1B66DE1C9B3} 2014-01-16 16:05 - 2014-01-16 16:28 - 00000000 ____D () C:\uninstall.exe 2014-01-16 09:22 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-16 09:22 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-16 09:22 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-16 09:22 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-16 09:22 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-16 09:22 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-16 09:22 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-16 09:21 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-16 09:21 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) 
C:\Windows\system32\win32k.sys 2014-01-14 20:05 - 2014-02-05 13:10 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-14 20:05 - 2014-02-05 13:00 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-14 20:05 - 2014-01-14 20:06 - 00000000 ____D () C:\Program Files (x86)\Google 2014-01-14 20:05 - 2014-01-14 20:05 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-01-14 20:05 - 2014-01-14 20:05 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-01-14 19:58 - 2014-01-14 19:58 - 00057671 _____ () C:\Users\Charlie\Desktop\bookmarks_14.01.14.html 2014-01-14 19:36 - 2014-01-14 19:36 - 00000000 ____D () C:\Users\Charlie\AppData\Local\{AC5BD1BE-FC7F-447A-9BA8-7A8094F2CFA9} 2014-01-12 18:50 - 2014-01-12 18:50 - 00613833 _____ () C:\Users\Charlie\Downloads\6.2 Dreieckselemente SD32.zip 2014-01-10 17:17 - 2014-01-12 11:14 - 00000000 ____D () C:\Users\Charlie\Downloads\FRST-OlderVersion 2014-01-10 17:02 - 2014-01-16 16:33 - 00000000 ____D () C:\Windows\ERUNT 2014-01-10 16:48 - 2014-02-05 12:59 - 00005540 _____ () C:\Windows\PFRO.log 2014-01-10 14:01 - 2014-02-05 10:24 - 00075135 _____ () C:\Windows\IE11_main.log 2014-01-09 22:07 - 2014-02-05 12:59 - 00002016 _____ () C:\Windows\setupact.log 2014-01-09 22:07 - 2014-01-09 22:07 - 00000000 _____ () C:\Windows\setuperr.log 2014-01-09 16:40 - 2014-02-05 10:31 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-01-08 20:16 - 2014-01-08 20:16 - 00000406 _____ () C:\Windows\system32\.crusader 2014-01-08 19:47 - 2014-01-08 19:47 - 00000000 ____D () C:\Program Files\HitmanPro 2014-01-08 19:45 - 2014-01-08 21:33 - 00000000 ____D () C:\ProgramData\HitmanPro ==================== One Month Modified Files and Folders ======= 2014-02-05 13:10 - 2014-01-14 20:05 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-05 13:09 - 2014-02-05 13:09 - 00025928 _____ () C:\Users\Charlie\Downloads\FRST.txt 
2014-02-05 13:09 - 2014-02-05 13:09 - 00000000 ____D () C:\FRST 2014-02-05 13:09 - 2014-02-05 13:08 - 02080256 _____ (Farbar) C:\Users\Charlie\Downloads\FRST64.exe 2014-02-05 13:09 - 2011-07-01 17:45 - 01759613 _____ () C:\Windows\WindowsUpdate.log 2014-02-05 13:08 - 2014-02-05 13:08 - 00000476 _____ () C:\Users\Charlie\Downloads\defogger_disable.log 2014-02-05 13:07 - 2014-02-05 13:07 - 00050477 _____ () C:\Users\Charlie\Downloads\Defogger.exe 2014-02-05 13:07 - 2014-02-05 13:07 - 00000476 _____ () C:\Users\Charlie\Desktop\defogger_disable.log 2014-02-05 13:07 - 2014-02-05 13:07 - 00000000 _____ () C:\Users\Charlie\defogger_reenable 2014-02-05 13:07 - 2011-07-01 17:45 - 00000000 ____D () C:\Users\Charlie 2014-02-05 13:04 - 2011-11-26 12:18 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\Dropbox 2014-02-05 13:02 - 2011-05-10 04:36 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-02-05 13:01 - 2011-11-26 12:20 - 00000000 ___RD () C:\Users\Charlie\Dropbox 2014-02-05 13:00 - 2014-01-14 20:05 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-05 12:59 - 2014-01-10 16:48 - 00005540 _____ () C:\Windows\PFRO.log 2014-02-05 12:59 - 2014-01-09 22:07 - 00002016 _____ () C:\Windows\setupact.log 2014-02-05 12:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-05 12:58 - 2012-10-22 11:07 - 00000660 _____ () C:\Windows\Tasks\WebContent AutoUpdate 2012.job 2014-02-05 12:57 - 2013-12-31 01:09 - 00000000 ____D () C:\ProgramData\WebTect 2014-02-05 12:13 - 2011-07-15 07:39 - 00011161 _____ () C:\test.xml 2014-02-05 11:59 - 2011-10-12 17:25 - 00000642 _____ () C:\Windows\Tasks\WebContent AutoUpdate 2011.job 2014-02-05 11:53 - 2011-07-06 23:44 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1747016203-3155398904-578371931-1000UA.job 2014-02-05 10:40 - 2009-07-14 05:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-05 10:40 - 2009-07-14 
05:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-05 10:32 - 2014-02-05 10:32 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-02-05 10:32 - 2012-08-05 03:26 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-02-05 10:31 - 2014-01-09 16:40 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-02-05 10:31 - 2011-07-21 14:30 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-05 10:31 - 2011-07-21 14:30 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-02-05 10:31 - 2011-07-21 14:30 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-02-05 10:31 - 2011-07-21 14:30 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-05 10:31 - 2011-07-21 14:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-05 10:24 - 2014-01-10 14:01 - 00075135 _____ () C:\Windows\IE11_main.log 2014-02-05 10:22 - 2013-11-29 11:06 - 00000000 ____D () C:\Users\Charlie\Desktop\FH AACHEN MASTER 2014-02-05 10:18 - 2011-07-02 20:13 - 00000000 ____D () C:\Users\Charlie\AppData\Local\Adobe 2014-02-05 10:17 - 2013-03-03 13:07 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-05 10:17 - 2011-07-02 00:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-05 10:05 - 2011-07-06 23:44 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1747016203-3155398904-578371931-1000Core.job 2014-02-05 10:03 - 2011-05-10 14:19 - 00697082 _____ () C:\Windows\system32\perfh007.dat 2014-02-05 10:03 - 2011-05-10 14:19 - 00148346 _____ () C:\Windows\system32\perfc007.dat 2014-02-05 10:03 - 2009-07-14 06:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-05 09:48 - 2012-10-22 11:07 - 00000504 _____ () C:\Windows\Tasks\AutoUpdate 
Allplan 2012.job 2014-02-05 09:48 - 2011-10-12 17:25 - 00000496 _____ () C:\Windows\Tasks\Allplan AutoUpdate 2011-1.job 2014-02-04 20:54 - 2011-07-01 17:52 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2ABB2932-AA29-4351-B409-8136CB98F6A6} 2014-02-04 12:58 - 2014-02-04 12:58 - 00000000 ____D () C:\Users\Charlie\AppData\Local\{7508AF87-8CEC-44B3-9E10-C0B31A9DCB70} 2014-01-31 17:43 - 2012-11-07 13:46 - 00001440 _____ () C:\Users\Charlie\AppData\Local\FriloWebInfo.html 2014-01-31 17:42 - 2012-11-07 13:39 - 00000000 ____D () C:\Users\Charlie\AppData\Local\5a4cf8ca-080e-48f6-b512-229638b7ce10 2014-01-30 18:55 - 2011-07-01 20:19 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-01-30 14:10 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini 2014-01-29 12:15 - 2013-11-20 12:38 - 00000000 ____D () C:\Users\Charlie\.maplesoft 2014-01-29 12:14 - 2014-01-29 12:14 - 00628195 _____ () C:\Users\Charlie\Downloads\MTH4105_chap10.mw 2014-01-26 22:25 - 2012-03-06 16:33 - 00000000 ____D () C:\Users\Charlie\AppData\Local\FreePDF_XP 2014-01-26 22:24 - 2012-03-15 15:33 - 00000289 _____ () C:\Users\Charlie\Documents\plot.log 2014-01-26 21:49 - 2011-07-01 22:29 - 00000000 ____D () C:\Users\Charlie\AppData\Local\cache 2014-01-26 17:07 - 2014-01-26 17:07 - 03583488 _____ () C:\Users\Charlie\Downloads\Brandschutz - Bemessungsprogramm H-Fire-Temp1-04-1.xls 2014-01-26 14:58 - 2011-07-01 17:47 - 00000000 ____D () C:\Users\Charlie\AppData\Local\VirtualStore 2014-01-26 14:32 - 2014-01-26 14:32 - 00001954 _____ () C:\Users\Public\Desktop\s+v Planungssoftware.lnk 2014-01-26 14:32 - 2014-01-26 14:32 - 00000000 ____D () C:\Program Files (x86)\s+v Planungssoftware 2014-01-26 14:31 - 2014-01-26 14:31 - 22685424 _____ () C:\Users\Charlie\Downloads\sundv_planungssoftware_setup.zip 2014-01-26 13:22 - 2013-11-30 13:31 - 00000000 ____D () C:\Users\Charlie\Downloads\FH AC STUD DOKU 2014-01-26 11:36 - 2011-07-01 18:36 - 00000000 ____D () 
C:\Users\Charlie\AppData\Local\MediaMonkey 2014-01-25 10:18 - 2014-01-25 10:18 - 00000000 ____D () C:\Users\Charlie\Downloads\TBOD 2014-01-23 14:43 - 2014-01-23 14:38 - 132554053 _____ () C:\Users\Charlie\Downloads\Baudynamik & Mathe - Arbeitsordner.zip 2014-01-23 14:31 - 2014-01-23 14:30 - 00000000 ____D () C:\Users\Charlie\AppData\Local\{C10A9BAB-2E90-4AEE-AB7E-77C9C2FB2F96} 2014-01-22 22:31 - 2014-01-22 21:43 - 420667950 _____ () C:\Users\Charlie\Downloads\TBOD.rar 2014-01-22 21:12 - 2012-11-07 13:34 - 00000852 _____ () C:\Users\Public\Desktop\FriloSystemNext.lnk 2014-01-22 21:12 - 2012-11-07 13:34 - 00000000 ____D () C:\ProgramData\Frilo2010 2014-01-22 21:12 - 2011-07-01 20:07 - 00000000 ____D () C:\Program Files (x86)\Frilo 2014-01-18 00:37 - 2014-01-18 00:37 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\WinPatrol 2014-01-18 00:37 - 2014-01-18 00:37 - 00000000 ____D () C:\Program Files (x86)\BillP Studios 2014-01-18 00:37 - 2013-01-17 14:23 - 00000000 ____D () C:\ProgramData\InstallMate 2014-01-17 10:14 - 2014-01-17 10:14 - 00000000 ____D () C:\ProgramData\Oracle 2014-01-17 10:14 - 2014-01-17 10:13 - 00005298 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-17 10:14 - 2011-05-10 04:39 - 00000000 ____D () C:\Program Files (x86)\Java 2014-01-17 00:02 - 2013-08-31 11:25 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\vlc 2014-01-16 16:51 - 2009-07-14 05:45 - 00556072 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-01-16 16:40 - 2013-08-22 20:30 - 00000000 ____D () C:\Windows\system32\MRT 2014-01-16 16:36 - 2011-07-01 19:06 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-16 16:34 - 2014-01-16 16:33 - 00001348 _____ () C:\DelFix.txt 2014-01-16 16:33 - 2014-01-10 17:02 - 00000000 ____D () C:\Windows\ERUNT 2014-01-16 16:28 - 2014-01-16 16:05 - 00000000 ____D () C:\uninstall.exe 2014-01-16 16:23 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-01-16 16:22 - 2014-01-01 16:05 - 00000000 ____D () 
C:\ProgramData\Browser Enhancer 2014-01-16 16:22 - 2013-12-31 13:18 - 00000000 ____D () C:\ProgramData\Browser faster 2014-01-16 16:20 - 2014-01-16 16:20 - 00000000 ____D () C:\Users\Charlie\AppData\Local\{52C36FBE-6050-43F5-8C09-F1B66DE1C9B3} 2014-01-14 20:06 - 2014-01-14 20:05 - 00000000 ____D () C:\Program Files (x86)\Google 2014-01-14 20:06 - 2011-07-01 18:00 - 00000000 ____D () C:\Users\Charlie\AppData\Local\Google 2014-01-14 20:05 - 2014-01-14 20:05 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-01-14 20:05 - 2014-01-14 20:05 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-01-14 19:58 - 2014-01-14 19:58 - 00057671 _____ () C:\Users\Charlie\Desktop\bookmarks_14.01.14.html 2014-01-14 19:36 - 2014-01-14 19:36 - 00000000 ____D () C:\Users\Charlie\AppData\Local\{AC5BD1BE-FC7F-447A-9BA8-7A8094F2CFA9} 2014-01-12 18:50 - 2014-01-12 18:50 - 00613833 _____ () C:\Users\Charlie\Downloads\6.2 Dreieckselemente SD32.zip 2014-01-12 11:14 - 2014-01-10 17:17 - 00000000 ____D () C:\Users\Charlie\Downloads\FRST-OlderVersion 2014-01-09 22:07 - 2014-01-09 22:07 - 00000000 _____ () C:\Windows\setuperr.log 2014-01-09 17:27 - 2011-02-10 23:48 - 00000000 ____D () C:\Windows\Panther 2014-01-09 17:26 - 2011-07-15 06:59 - 00000000 ____D () C:\Windows\Minidump 2014-01-09 17:26 - 2011-07-02 00:52 - 00000000 ____D () C:\Users\Charlie\AppData\Local\CrashDumps 2014-01-09 16:39 - 2013-07-26 13:01 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-01-09 16:38 - 2011-11-10 21:55 - 00000000 ____D () C:\Windows\ERDNT 2014-01-08 21:33 - 2014-01-08 19:45 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-01-08 20:16 - 2014-01-08 20:16 - 00000406 _____ () C:\Windows\system32\.crusader 2014-01-08 19:47 - 2014-01-08 19:47 - 00000000 ____D () C:\Program Files\HitmanPro 2014-01-08 19:33 - 2014-01-01 16:16 - 00000000 ____D () C:\ProgramData\CoupExtenesiOn 2014-01-08 14:30 - 2011-07-01 17:47 - 00000000 ___RD () 
C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-08 14:29 - 2011-11-26 12:19 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:
====================
C:\ProgramData\UninstallFrilo.Exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-29 11:27

==================== End Of Log ============================

--- --- ---

Addition Log:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2014
Ran by Charlie at 2014-02-05 13:10:07
Running from C:\Users\Charlie\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638 - Adobe Systems, Inc.)
Alps Pointing-device for VAIO (Version: - ALPS ELECTRIC CO., LTD.)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (x32 Version: 4.0.21.444 - ArcSoft)
ASUS Xonar U3 Audio (Version: - )
Atheros WiFi Driver Installation (x32 Version: 3.0 - Atheros)
AutoCAD 2012 - Deutsch (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - Deutsch (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - Deutsch (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Content Service (x32 Version: 2.0.90 - Autodesk)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.)
Hidden Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Autodesk Inventor Fusion Plugin for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden Autodesk Inventor Fusion Plugin Language Pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden Autodesk Material Library 2012 (x32 Version: 2.5.0.8 - Autodesk) Autodesk Material Library Base Resolution Image Library 2012 (x32 Version: 2.5.0.8 - Autodesk) avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software) Bing Bar (x32 Version: 7.0.850.0 - Microsoft Corporation) Bluetooth Win7 Suite (64) (Version: 7.3.0.95 - Atheros Communications) Bonjour (Version: 3.0.0.10 - Apple Inc.) Browser Enhancer (x32 Version: - Goingo) Browser faster (x32 Version: - Surfnet) Canon MG5100 series Benutzerregistrierung (x32 Version: - ) Canon MG5100 series MP Drivers (Version: - ) Canon MP490 series MP Drivers (Version: - ) CCleaner (Version: 3.12 - Piriform) Conexant HD Audio (Version: 8.54.0.53 - Conexant) CyberGhost 5 (Version: - CyberGhost S.R.L.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (x32 Version: 4.40.2.0131 - DT Soft Ltd) Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (Version: - Microsoft) Defraggler (Version: 2.08 - Piriform) DivX-Setup (x32 Version: 2.6.1.9 - DivX, LLC) Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.) 
eDocPrinter PDF Pro 6.83(x64) MSI (Version: 6.83.6171 - ITeksoft Corporation) eDocPrintPro v3.17.0 (Version: 3.17.0 - MAY-Computer) Epson Easy Photo Print 2 (x32 Version: 2.1.0.0 - SEIKO EPSON CORPORATION) Epson Event Manager (x32 Version: 2.30.00 - SEIKO EPSON Corporation) EPSON Scan (x32 Version: - ) Epson Stylus SX510W_TX550W Handbuch (x32 Version: - ) EPSON SX510W Series Printer Uninstall (Version: - SEIKO EPSON Corporation) EpsonNet Setup (x32 Version: 3.1a - SEIKO EPSON CORPORATION) ESS Energie Indikator (x32 Version: 2011.0 - Nemetschek Allplan GmbH) Facebook Messenger 2.1.4814.0 (x32 Version: 2.1.4814.0 - Facebook) Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited) FARO LS 1.1.406.58 (x32 Version: 4.6.58.2 - FARO Scanner Production) FH-Aachen OpenVPN 2.2.0 (x32 Version: 2.2.0 - ) FILSHtray (x32 Version: 0.12 - FILSH Media GmbH) Firebird 2.5.1.26351 (Win32) (x32 Version: 2.5.1.26351 - Firebird Project) Foto-Mosaik-Edda Standard V6.8.12318.1 (x32 Version: - Steffen Schirmer) FreeOCR 3.0 (Version: 3.0 - Free OCR) FreePDF (Remove only) (x32 Version: - ) Frilo (x32 Version: - ) Frilo Installation (x32 Version: 1.0.0 - Frilo) Frilo.System.Next (x32 Version: 3.11.27 - Friedrich + Lochner GmbH) FriloBase (x32 Version: 1.0.0 - Friedrich + Lochner GmbH) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden General Runtime Files for Allplan 2011-1-5 (x32 Version: 1.3.0.0 - Nemetschek Allplan GmbH) Hidden General Runtime Files for Allplan 2012-1 Release (x32 Version: 1.6.0.0 - Nemetschek Allplan GmbH) Hidden Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.165 - Google Inc.) 
Hidden GPL Ghostscript (Version: 9.04 - Artifex Software Inc.) gs_x64 (Version: 9.00 - MAY-Computer) HitmanPro 3.7 (Version: 3.7.8.208 - SurfRight B.V.) HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (Version: 28.0.1315.0 - Hewlett-Packard Co.) iFunbox (v2.0.2103.725), iFunbox DevTeam (x32 Version: v2.0.2103.725 - ) ImgBurn (x32 Version: 2.5.6.0 - LIGHTNING UK!) InfoCAD Studienversion 13.0a (x32 Version: - InfoGraph GmbH, Kackertstrasse 10, 52072 Aachen, Germany) Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046 - Intel Corporation) -isb cad- 2013 Academy (x32 Version: 26.00.0000 - GLASER -isb cad- Programmsysteme GmbH) Hidden iTunes (Version: 11.1.3.8 - Apple Inc.) Java 7 Update 51 (x32 Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java SE Development Kit 7 Update 25 (64-bit) (Version: 1.7.0.250 - Oracle) Java(TM) 6 Update 29 (x32 Version: 6.0.290 - Oracle) Java(TM) SE Development Kit 7 Update 1 (64-bit) (Version: 1.7.0.10 - Oracle) Java(TM) SE Development Kit 7 Update 3 (64-bit) (Version: 1.7.0.30 - Oracle) JavaFX 2.0.3 (64-bit) (Version: 2.0.3 - Oracle Corporation) JavaFX 2.0.3 SDK (64-bit) (Version: 2.0.3 - Oracle Corporation) JavaFX 2.1.0 (x32 Version: 2.1.0 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Maple 16 (Version: - Maplesoft) Maple 16 (x32 Version: 16.0.0.0 - Maplesoft) Media Gallery (Version: 1.5.0.17050 - Your Company Name) Hidden MediaMonkey 3.2 (x32 Version: 3.2 - Ventis Media Inc.) 
Mepla Iso (x32 Version: 1.2.2 - Mepla Software) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (Version: 
14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Report Viewer Redistributable 2008 (KB971119) (x32 Version: - Microsoft Corporation) Microsoft Report Viewer Redistributable 2008 (KB971119) (x32 Version: 9.0.30731 - Microsoft Corporation) Hidden Microsoft Report Viewer Redistributable 2008 SP1 (x32 Version: - Microsoft Corporation) Microsoft Report Viewer Redistributable 2008 SP1 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual Basic Power Packs 3.0 (x32 Version: 9.0.30214 - Microsoft) Microsoft Visual Basic PowerPacks 10.0 (x32 Version: 10.0.20911 - Microsoft) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0 - Mozilla) MSI to redistribute MS VS2005 CRT libraries (x32 Version: 8.0.50727.42 - The Firebird Project) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation) Nemetschek Allplan 2011 (x32 Version: 2011.0 - Nemetschek Allplan GmbH) Nemetschek Allplan 2012 (x32 Version: 2012.0 - Nemetschek Allplan GmbH) Nemetschek SoftLock 2006 (x32 Version: 1.26.55 - ) Nur Entfernen der CopyTrans Suite möglich (HKCU Version: 2.37 - WindSolutions) NVIDIA 3D Vision Treiber 269.73 (Version: 269.73 - NVIDIA Corporation) NVIDIA Grafiktreiber 269.73 (Version: 269.73 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.2.24.0 (Version: 1.2.24.0 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.265.42.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.0507 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.12.0507 (Version: 9.12.0507 - NVIDIA Corporation) 
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6973 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 269.73 (Version: 269.73 - NVIDIA Corporation) Hidden PDF Architect (x32 Version: 1.0.52.8917 - pdfforge) PDF Blender (x32 Version: - ) PDFCreator (x32 Version: 1.6.2 - pdfforge) PDF-XChange Viewer (Version: 2.5.199.0 - Tracker Software Products Ltd.) PMB (x32 Version: 5.5.02.12220 - Sony Corporation) PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden PMB VAIO Edition Plug-in (x32 Version: 1.5.10.06150 - Sony Corporation) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PPÖúÊÖ PC°æ 1.1.0.2 (x32 Version: 1.1.0.2 - ¹ãÖÝÌúÈËÍøÂç¿Æ¼¼ÓÐÏÞ¹«Ë¾) Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden Quick Web Access (x32 Version: 1.4.6.9 - Sony Corporation) Quick Web Access (x32 Version: 1.4.6.9 - Sony Corporation) Hidden QuickTime (x32 Version: 7.71.80.42 - Apple Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek PCIE Card Reader (x32 Version: 6.1.7601.92 - Realtek Semiconductor Corp.) RedMon - Redirection Port Monitor (Version: - ) Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden RuckZuck Student (x32 Version: 6.0.11 - MURSOFT) s+v Planungssoftware (x32 Version: 2.0.7 - s+v gmbh) Secunia PSI (2.0.0.4002) (x32 Version: - ) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Skype™ 6.3 (x32 Version: 6.3.105 - Skype Technologies S.A.) 
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden SopCast 3.4.0 (x32 Version: 3.4.0 - www.sopcast.com) SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TAP-Windows 9.9.2 (Version: 9.9.2 - ) TeamViewer 8 (x32 Version: 8.0.22298 - TeamViewer) UltraVnc (Version: 1.0.9.6.1 - uvnc bvba) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (Version: - Microsoft) 
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (Version: - Microsoft) USB PnP Sound Device (Version: - ) VAIO - Media Gallery (x32 Version: 1.5.1.17050 - Sony Corporation) VAIO - PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.10.11160 - Sony Corporation) VAIO - Remote Play mit PlayStation®3 (x32 Version: 1.1.0.15070 - Sony Corporation) VAIO - Remote-Tastatur (x32 Version: 1.1.0.07060 - Sony Corporation) VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden VAIO Control Center (x32 Version: 4.5.0.03040 - Sony Corporation) VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden VAIO Event Service (x32 Version: 5.5.0.03040 - Sony Corporation) VAIO Gate (x32 Version: 2.4.0.06210 - Sony Corporation) VAIO Gate Default (x32 Version: 2.4.0.03240 - Sony Corporation) VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden VAIO Hero Screensaver - Summer 2011 Screensaver (x32 Version: - ) VAIO Improvement (x32 Version: 1.0.0.14150 - Sony Corporation) VAIO Improvement Validation 
(Version: 1.0.4.01190 - Sony Corporation) VAIO Sample Contents (x32 Version: 1.4.2.09010 - Sony Corporation) VAIO Smart Network (x32 Version: 3.8.1.08270 - Sony Corporation) VAIO Update (x32 Version: 6.3.0.08010 - Sony Corporation) VAIO-Handbuch (x32 Version: 2.0.0.02250 - Sony Corporation) VAIO-Support für Übertragungen (x32 Version: 1.4.0.14230 - Sony Corporation) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VESx64 (Version: 1.0.0 - Sony Corporation) Hidden VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Virtual DJ - Atomix Productions (x32 Version: - ) VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN) VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden webcam 7 (x32 Version: 0.9.9.22 - Moonware Studios) WebTect (x32 Version: - Succes Stream) Win sys filter (x32 Version: - Appdev Ltd) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 
7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорация Майкрософт) Hidden Windows Live Messenger (x32 Version: 15.4.3538.0513 - Корпорація Майкрософт) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 
15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp) Windows Mobile-Gerätecenter (Version: 6.1.6965.0 - Microsoft Corporation) WinPatrol (Version: 29.2.2013 - BillP Studios) WinRAR 4.01 (32-Bit) (x32 Version: 4.01.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 16-01-2014 15:33:31 Ende der Bereinigung 16-01-2014 15:36:24 Windows Update 17-01-2014 09:12:59 Installed Java 7 Update 51 19-01-2014 10:26:09 Windows Update 21-01-2014 07:54:22 Windows Update 24-01-2014 22:20:17 Windows Update 28-01-2014 17:44:31 Windows Update 31-01-2014 15:33:18 Windows Update 04-02-2014 18:57:22 Windows Update 05-02-2014 09:23:22 Windows Update 05-02-2014 09:29:23 avast! 
antivirus system restore point ==================== Hosts content: ========================== 2009-07-14 03:34 - 2014-01-16 16:23 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {0F3405DB-A7DD-4530-9A0F-DCA526AC30A0} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation) Task: {1CA46AD9-19CB-4D14-AFB2-C14B74AAB7EE} - System32\Tasks\Allplan AutoUpdate 2011-1 => C:\Program Files (x86)\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2012-01-30] (Nemetschek Allplan GmbH) Task: {2BEB40A9-C3FC-4F88-93CC-13F8D427342F} - System32\Tasks\WebContent AutoUpdate 2011 => C:\Program Files (x86)\Nemetschek\Allplan\prg\NemDownloadHandler.exe [2012-01-30] (Nemetschek Allplan GmbH) Task: {373DFF92-5B94-4CD4-A4BA-4DFEE06EDCFB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14] (Google Inc.) Task: {482207B0-15DA-4364-99CF-CD1B11EB9792} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-05] (AVAST Software) Task: {5A497CC6-D250-47A3-BA55-D6F02952D348} - System32\Tasks\WebContent AutoUpdate 2012 => C:\Program Files (x86)\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe [2012-03-21] (Nemetschek Allplan GmbH) Task: {726F6F97-44DD-45CA-A7F6-A2F9DB43873D} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {74ED0844-1807-465F-8C50-B53E5C7C99BB} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation) Task: {8C2D8855-6403-4095-B0D5-C22BCFD2334E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-14] (Google Inc.) 
Task: {8FC439DD-E29B-4E99-97A6-9B2094BF7F7C} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation) Task: {9D15F457-6214-47ED-B671-9E8518EF366C} - System32\Tasks\AutoUpdate Allplan 2012 => C:\Program Files (x86)\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe [2012-03-21] (Nemetschek Allplan GmbH) Task: {A8F4A950-7C02-46C8-9B76-20AEFF15A51B} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation) Task: {B4E74671-F294-4FA1-BE43-9A4404698849} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation) Task: {B9759462-045D-4D13-A974-74012A8EAA30} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient Task: {BD588BF4-14ED-4F1E-881E-05E35BF02FD5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1747016203-3155398904-578371931-1000Core => C:\Users\Charlie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {C3D4DCFB-7C8F-4375-8FDB-34AF2E57B5DC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {C929619F-63D0-4215-9DA6-5DA5A3D8B9A1} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation) Task: {D2BA3FD6-698D-44D5-9A1B-EA1D5CCAF4EC} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation) Task: {D363324A-A57A-450D-B957-77317C3F56AF} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation) Task: {F74BF3CC-C03D-41B9-B61F-55FAE5ED7621} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1747016203-3155398904-578371931-1000UA => C:\Users\Charlie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: C:\Windows\Tasks\Allplan AutoUpdate 2011-1.job => C:\Program Files (x86)\Nemetschek\Allplan\prg\NemDownloadHandler.exe Task: C:\Windows\Tasks\AutoUpdate Allplan 2012.job => C:\Program Files (x86)\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1747016203-3155398904-578371931-1000Core.job => C:\Users\Charlie\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1747016203-3155398904-578371931-1000UA.job => C:\Users\Charlie\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\WebContent AutoUpdate 2011.job => C:\Program Files (x86)\Nemetschek\Allplan\prg\NemDownloadHandler.exe Task: C:\Windows\Tasks\WebContent AutoUpdate 2012.job => C:\Program Files (x86)\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common 
Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-02-05 09:47 - 2014-02-04 20:33 - 02168320 _____ () C:\Program Files\AVAST Software\Avast\defs\14020401\algo.dll 2014-02-05 13:05 - 2014-02-05 10:22 - 02168320 _____ () C:\Program Files\AVAST Software\Avast\defs\14020500\algo.dll 2014-01-18 00:37 - 2013-07-15 18:29 - 00620718 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll 2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Charlie\AppData\Roaming\Dropbox\bin\libcef.dll 2013-11-26 21:32 - 2013-11-26 21:32 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-01-14 20:06 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll 2014-01-14 20:06 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll 2014-01-14 20:06 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll 2014-01-14 20:06 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll 2014-01-14 20:06 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll 2011-05-10 04:41 - 2011-03-05 15:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll 2011-05-10 04:30 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams 
(whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" ==================== Faulty Device Manager Devices ============= Name: Microsoft Virtual WiFi Miniport Adapter #2 Description: Microsoft-Adapter für Miniports virtueller WiFis Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (02/05/2014 01:03:06 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/05/2014 10:29:53 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddWin32ServiceFiles: Unable to back up image of service WebTect since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. . 
Error: (02/05/2014 10:27:54 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/05/2014 10:02:24 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 282971 Error: (02/05/2014 10:02:24 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 282971 Error: (02/05/2014 10:02:24 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/05/2014 09:57:42 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1030 Error: (02/05/2014 09:57:42 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1030 Error: (02/05/2014 09:57:42 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/05/2014 04:59:53 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15038 System errors: ============= Error: (02/05/2014 01:03:22 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "CyberGhost VPN 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/05/2014 01:03:22 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CyberGhost VPN 5 Client Service erreicht. Error: (02/05/2014 01:01:32 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Win sys filter erreicht. 
Error: (02/05/2014 01:01:18 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (02/05/2014 01:01:02 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Browser Enhancer erreicht. Error: (02/05/2014 01:00:32 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Browser faster erreicht. Error: (02/05/2014 10:36:01 AM) (Source: DCOM) (User: ) Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (02/05/2014 10:34:39 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (02/05/2014 10:32:14 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet. Error: (02/05/2014 10:27:46 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Win sys filter erreicht. Microsoft Office Sessions: ========================= Error: (02/05/2014 01:03:06 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/05/2014 10:29:53 AM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service WebTect since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. 
Error: (02/05/2014 10:27:54 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/05/2014 10:02:24 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 282971 Error: (02/05/2014 10:02:24 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 282971 Error: (02/05/2014 10:02:24 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/05/2014 09:57:42 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1030 Error: (02/05/2014 09:57:42 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1030 Error: (02/05/2014 09:57:42 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/05/2014 04:59:53 AM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15038 CodeIntegrity Errors: =================================== Date: 2014-01-16 16:22:26.344 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\uninstall.exe\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-16 16:22:26.131 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\uninstall.exe\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-09 17:00:16.526 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-09 17:00:16.324 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-09 17:00:16.115 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-09 17:00:15.888 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-02-11 10:41:43.791 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-02-11 10:41:43.664 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-02-11 10:41:39.307 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-02-11 10:41:39.184 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 64%
Total physical RAM: 4077.86 MB
Available physical RAM: 1429.16 MB
Total Pagefile: 8153.9 MB
Available Pagefile: 5086.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:291.83 GB) (Free:124.25 GB) NTFS
Drive m: (Volume) (Fixed) (Total:290.73 GB) (Free:274.44 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 99DAAE85)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=292 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=291 GB) - (Type=OF Extended)
==================== End Of Log ============================

I also wanted to scan the PC with GMER and post the log file, but a bluescreen always appears during the log and the laptop crashes.
hxxp://www.directupload.net/file/d/3524/tar3272y_jpg.htm
Thanks in advance for the effort. Regards
05.02.2014, 14:22 | #2 |
/// the machine /// TB trainer | Hi,
Let MBAM delete the detected item. Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
05.02.2014, 15:12 | #3 |
| hey, thanks first of all:
AdwCleaner log: Code:
# AdwCleaner v3.018 - Bericht erstellt am 05/02/2014 um 14:51:47
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Charlie - CHARLIE-VAIO
# Gestartet von : C:\Users\Charlie\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gelöscht : C:\Uninstall.exe
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16750
-\\ Mozilla Firefox v24.0 (en-US)
[ Datei : C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\vz8eyhrb.default\prefs.js ]
-\\ Google Chrome v32.0.1700.76
[ Datei : C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1074 octets] - [05/02/2014 14:49:38]
AdwCleaner[S0].txt - [993 octets] - [05/02/2014 14:51:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1052 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Home Premium x64
Ran by Charlie on 05.02.2014 at 14:59:17,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Charlie\appdata\local\{52C36FBE-6050-43F5-8C09-F1B66DE1C9B3}
Successfully deleted: [Empty Folder] C:\Users\Charlie\appdata\local\{7508AF87-8CEC-44B3-9E10-C0B31A9DCB70}
Successfully deleted: [Empty Folder] C:\Users\Charlie\appdata\local\{AC5BD1BE-FC7F-447A-9BA8-7A8094F2CFA9}
Successfully deleted: [Empty Folder] C:\Users\Charlie\appdata\local\{C10A9BAB-2E90-4AEE-AB7E-77C9C2FB2F96}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.02.2014 at 15:06:39,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2014 Ran by Charlie (administrator) on CHARLIE-VAIO on 05-02-2014 15:07:28 Running from C:\Users\Charlie\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Dropbox, Inc.) C:\Users\Charlie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Microsoft Corporation.) 
C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [Cm112Sound] - C:\Windows\Syswow64\cm112.dll [8146944 2009-12-08] (C-Media Corporation)
HKLM\...\Run: [Cm112GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cm112GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Cm108Sound] - C:\Windows\Syswow64\cm108.dll [8146944 2012-04-10] (C-Media Corporation)
HKLM\...\Run: [BCSSync] - M:\Programme\Microsoft Office 2010\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-05] (AVAST Software)
HKU\S-1-5-21-1747016203-3155398904-578371931-1000\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [455744 2013-12-10] (BillP Studios)
Startup: C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Charlie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE9475A899D9ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {408B6B9F-154A-48A3-8E6A-92804D1F51B0} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {7C2F6073-2FC5-43D2-9D96-8840CFA6F129} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms}
SearchScopes: HKCU - {AC457CC2-2E7A-4F6A-825D-25123C566EF2} URL = hxxp://de.shopping.com/?linkin_id=8056363
BHO: HappY2Save - {1576E68C-2DA7-962E-2453-0A5827EF7F4C} - C:\ProgramData\HappY2Save\bGeK_PvhbO.x64.dll No File
BHO: SHaoppDRop - {2C805D62-2703-F2E5-DCD4-0239AEA49A03} - C:\ProgramData\SHaoppDRop\H7YuTsJgnw.x64.dll No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - M:\Programme\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: CoupExtenesiOn - {77CA3678-3090-C527-7918-27D7B78D4A8E} - C:\ProgramData\CoupExtenesiOn\q.x64.dll No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - M:\Programme\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: SavERExtension - {E62BCD8F-2460-7E01-529D-3EB6E8EF3C72} - C:\ProgramData\SavERExtension\4IPdsdMDGz.x64.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\vz8eyhrb.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - M:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - M:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - M:\Programme\WebDivix\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - M:\Programme\WebDivix\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Charlie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Charlie\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-21]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - M:\Programme\WebDivix\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - M:\Programme\WebDivix\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-19]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-17]

Chrome:
=======
CHR Extension: (ProxTube) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-01-28]
CHR Extension: (Google Docs) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (WOT) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-18]
CHR Extension: (YouTube) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Google-Suche) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (AdBlock) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-14]
CHR Extension: (Google Wallet) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-14]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-01-14]
CHR Extension: (Google Mail) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR Extension: (SHaoppDRop) - C:\ProgramData\bddnngaocglmnfhcpcjmoomohjiobgoo [2014-01-01]
CHR Extension: (HappY2Save) - C:\ProgramData\daedbbfaebjgclnoijiekplilobacoia [2014-01-01]
CHR Extension: (SavERExtension) - C:\ProgramData\phmpmlianadbfifbhfcijdlhgcnfjccn [2014-01-01]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - M:\Programme\WebDivix\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-05] (AVAST Software)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2011-10-03] (Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3764224 2011-10-03] (Firebird Project)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Microsoft SharePoint Workspace Audit Service; M:\Programme\Microsoft Office 2010\Office14\GROOVE.EXE [50921648 2013-03-09] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files (x86)\FH-Aachen OpenVPN\bin\openvpnserv.exe [38926 2011-05-20] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-07-29] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-07-29] (Secunia)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 w7Svc; C:\Program Files (x86)\webcam 7\wService.exe [4999680 2011-07-27] (Moonware Studios)
S2 05837205; "C:\Windows\system32\rundll32.exe" "c:\progra~3\browse~1\BrowserfasterSvc.dll",service
S2 5717af3d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\browse~2\BrowserEnhancerSvc.dll",service
S2 8ffb8f2d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\winsys~1\WinsysfilterSvc.dll",service

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S3 ASUSU1; C:\Windows\System32\drivers\cm11264.sys [1312256 2010-12-15] (C-Media Electronics Inc)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-05] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-09] ()
S3 catchme; C:\uninstall.exe [0 2014-01-16] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-07-01] (DT Soft Ltd)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [129792 2013-04-24] (Gemalto)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-05 15:07 - 2014-02-05 15:07 - 00025809 _____ () C:\Users\Charlie\Downloads\FRST.txt
2014-02-05 15:06 - 2014-02-05 15:06 - 00001061 _____ () C:\Users\Charlie\Desktop\JRT.txt
2014-02-05 14:58 - 2014-02-05 14:58 - 01037530 _____ (Thisisu) C:\Users\Charlie\Downloads\JRT.exe
2014-02-05 14:56 - 2014-02-05 14:56 - 00001136 _____ () C:\Users\Charlie\Desktop\AdwCleaner[S0].txt
2014-02-05 14:49 - 2014-02-05 14:51 - 00000000 ____D () C:\AdwCleaner
2014-02-05 14:49 - 2014-02-05 14:49 - 01166132 _____ () C:\Users\Charlie\Downloads\adwcleaner.exe
2014-02-05 13:37 - 2014-02-05 13:38 - 00290656 _____ () C:\Windows\Minidump\020514-30232-01.dmp
2014-02-05 13:22 - 2014-02-05 13:22 - 00284264 _____ () C:\Windows\Minidump\020514-80106-01.dmp
2014-02-05 13:21 - 2014-02-05 13:37 - 620509357 _____ () C:\Windows\MEMORY.DMP
2014-02-05 13:13 - 2014-02-05 13:13 - 00380416 _____ () C:\Users\Charlie\Downloads\Gmer-19357.exe
2014-02-05 13:09 - 2014-02-05 15:07 - 00000000 ____D () C:\FRST
2014-02-05 13:08 - 2014-02-05 13:09 - 02080256 _____ (Farbar) C:\Users\Charlie\Downloads\FRST64.exe
2014-02-05 13:08 - 2014-02-05 13:08 - 00000476 _____ () C:\Users\Charlie\Downloads\defogger_disable.log
2014-02-05 13:07 - 2014-02-05 13:07 - 00050477 _____ () C:\Users\Charlie\Downloads\Defogger.exe
2014-02-05 13:07 - 2014-02-05 13:07 - 00000000 _____ () C:\Users\Charlie\defogger_reenable
2014-01-29 12:14 - 2014-01-29 12:14 - 00628195 _____ () C:\Users\Charlie\Downloads\MTH4105_chap10.mw
2014-01-26 17:07 - 2014-01-26 17:07 - 03583488 _____ () C:\Users\Charlie\Downloads\Brandschutz - Bemessungsprogramm H-Fire-Temp1-04-1.xls
2014-01-26 14:32 - 2014-01-26 14:32 - 00001954 _____ () C:\Users\Public\Desktop\s+v Planungssoftware.lnk
2014-01-26 14:32 - 2014-01-26 14:32 - 00000000 ____D () C:\Program Files (x86)\s+v Planungssoftware
2014-01-26 14:31 - 2014-01-26 14:31 - 22685424 _____ () C:\Users\Charlie\Downloads\sundv_planungssoftware_setup.zip
2014-01-25 10:18 - 2014-01-25 10:18 - 00000000 ____D () C:\Users\Charlie\Downloads\TBOD
2014-01-23 14:38 - 2014-01-23 14:43 - 132554053 _____ () C:\Users\Charlie\Downloads\Baudynamik & Mathe - Arbeitsordner.zip
2014-01-22 21:43 - 2014-01-22 22:31 - 420667950 _____ () C:\Users\Charlie\Downloads\TBOD.rar
2014-01-18 00:37 - 2014-01-18 00:37 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\WinPatrol
2014-01-18 00:37 - 2014-01-18 00:37 - 00000000 ____D () C:\Program Files (x86)\BillP Studios
2014-01-17 10:14 - 2014-01-17 10:14 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-17 10:14 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-17 10:14 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-17 10:14 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-17 10:14 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-17 10:13 - 2014-01-17 10:14 - 00005298 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 16:33 - 2014-01-16 16:34 - 00001348 _____ () C:\DelFix.txt
2014-01-16 16:05 - 2014-01-16 16:28 - 00000000 ____D () C:\uninstall.exe
2014-01-16 09:22 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-16 09:22 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-16 09:22 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-16 09:22 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-16 09:22 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-16 09:22 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-16 09:22 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-16 09:21 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-16 09:21 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-14 20:05 - 2014-02-05 14:55 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-14 20:05 - 2014-02-05 14:10 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-14 20:05 - 2014-01-14 20:06 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-14 20:05 - 2014-01-14 20:05 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-14 20:05 - 2014-01-14 20:05 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-14 19:58 - 2014-01-14 19:58 - 00057671 _____ () C:\Users\Charlie\Desktop\bookmarks_14.01.14.html
2014-01-12 18:50 - 2014-01-12 18:50 - 00613833 _____ () C:\Users\Charlie\Downloads\6.2 Dreieckselemente SD32.zip
2014-01-10 17:17 - 2014-01-12 11:14 - 00000000 ____D () C:\Users\Charlie\Downloads\FRST-OlderVersion
2014-01-10 17:02 - 2014-01-16 16:33 - 00000000 ____D () C:\Windows\ERUNT
2014-01-10 16:48 - 2014-02-05 12:59 - 00005540 _____ () C:\Windows\PFRO.log
2014-01-10 14:01 - 2014-02-05 10:24 - 00075135 _____ () C:\Windows\IE11_main.log
2014-01-09 22:07 - 2014-02-05 14:53 - 00002184 _____ () C:\Windows\setupact.log
2014-01-09 22:07 - 2014-01-09 22:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-09 16:40 - 2014-02-05 10:31 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-08 20:16 - 2014-01-08 20:16 - 00000406 _____ () C:\Windows\system32\.crusader
2014-01-08 19:47 - 2014-01-08 19:47 - 00000000 ____D () C:\Program Files\HitmanPro
2014-01-08 19:45 - 2014-01-08 21:33 - 00000000 ____D () C:\ProgramData\HitmanPro

==================== One Month Modified Files and Folders =======

2014-02-05 15:07 - 2014-02-05 15:07 - 00025809 _____ () C:\Users\Charlie\Downloads\FRST.txt
2014-02-05 15:07 - 2014-02-05 13:09 - 00000000 ____D () C:\FRST
2014-02-05 15:06 - 2014-02-05 15:06 - 00001061 _____ () C:\Users\Charlie\Desktop\JRT.txt
2014-02-05 15:05 - 2009-07-14 05:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-05 15:05 - 2009-07-14 05:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-05 15:01 - 2011-07-01 17:45 - 01787980 _____ () C:\Windows\WindowsUpdate.log
2014-02-05 14:59 - 2011-11-26 12:18 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\Dropbox
2014-02-05 14:59 - 2011-10-12 17:25 - 00000642 _____ () C:\Windows\Tasks\WebContent AutoUpdate 2011.job
2014-02-05 14:58 - 2014-02-05 14:58 - 01037530 _____ (Thisisu) C:\Users\Charlie\Downloads\JRT.exe
2014-02-05 14:58 - 2012-10-22 11:07 - 00000660 _____ () C:\Windows\Tasks\WebContent AutoUpdate 2012.job
2014-02-05 14:56 - 2014-02-05 14:56 - 00001136 _____ () C:\Users\Charlie\Desktop\AdwCleaner[S0].txt
2014-02-05 14:56 - 2011-11-26 12:20 - 00000000 ___RD () C:\Users\Charlie\Dropbox
2014-02-05 14:56 - 2011-05-10 04:36 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-05 14:55 - 2014-01-14 20:05 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-05 14:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-05 14:53 - 2014-01-09 22:07 - 00002184 _____ () C:\Windows\setupact.log
2014-02-05 14:51 - 2014-02-05 14:49 - 00000000 ____D () C:\AdwCleaner
2014-02-05 14:49 - 2014-02-05 14:49 - 01166132 _____ () C:\Users\Charlie\Downloads\adwcleaner.exe
2014-02-05 14:10 - 2014-01-14 20:05 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-05 13:38 - 2014-02-05 13:37 - 00290656 _____ () C:\Windows\Minidump\020514-30232-01.dmp
2014-02-05 13:37 - 2014-02-05 13:21 - 620509357 _____ () C:\Windows\MEMORY.DMP
2014-02-05 13:37 - 2011-07-15 06:59 - 00000000 ____D () C:\Windows\Minidump
2014-02-05 13:22 - 2014-02-05 13:22 - 00284264 _____ () C:\Windows\Minidump\020514-80106-01.dmp
2014-02-05 13:13 - 2014-02-05 13:13 - 00380416 _____ () C:\Users\Charlie\Downloads\Gmer-19357.exe
2014-02-05 13:09 - 2014-02-05 13:08 - 02080256 _____ (Farbar) C:\Users\Charlie\Downloads\FRST64.exe
2014-02-05 13:08 - 2014-02-05 13:08 - 00000476 _____ () C:\Users\Charlie\Downloads\defogger_disable.log
2014-02-05 13:07 - 2014-02-05 13:07 - 00050477 _____ () C:\Users\Charlie\Downloads\Defogger.exe
2014-02-05 13:07 - 2014-02-05 13:07 - 00000000 _____ () C:\Users\Charlie\defogger_reenable
2014-02-05 13:07 - 2011-07-01 17:45 - 00000000 ____D () C:\Users\Charlie
2014-02-05 12:59 - 2014-01-10 16:48 - 00005540 _____ () C:\Windows\PFRO.log
2014-02-05 12:57 - 2013-12-31 01:09 - 00000000 ____D () C:\ProgramData\WebTect
2014-02-05 12:13 - 2011-07-15 07:39 - 00011161 _____ () C:\test.xml
2014-02-05 11:53 - 2011-07-06 23:44 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1747016203-3155398904-578371931-1000UA.job
2014-02-05 10:32 - 2012-08-05 03:26 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-05 10:31 - 2014-01-09 16:40 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-05 10:31 - 2011-07-21 14:30 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-05 10:31 - 2011-07-21 14:30 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-05 10:31 - 2011-07-21 14:30 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-05 10:31 - 2011-07-21 14:30 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-05 10:31 - 2011-07-21 14:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-05 10:24 - 2014-01-10 14:01 - 00075135 _____ () C:\Windows\IE11_main.log
2014-02-05 10:22 - 2013-11-29 11:06 - 00000000 ____D () C:\Users\Charlie\Desktop\FH AACHEN MASTER
2014-02-05 10:18 - 2011-07-02 20:13 - 00000000 ____D () C:\Users\Charlie\AppData\Local\Adobe
2014-02-05 10:17 - 2013-03-03 13:07 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 10:17 - 2011-07-02 00:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 10:05 - 2011-07-06 23:44 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1747016203-3155398904-578371931-1000Core.job
2014-02-05 10:03 - 2011-05-10 14:19 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-02-05 10:03 - 2011-05-10 14:19 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-02-05 10:03 - 2009-07-14 06:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-05 09:48 - 2012-10-22 11:07 - 00000504 _____ () C:\Windows\Tasks\AutoUpdate Allplan 2012.job
2014-02-05 09:48 - 2011-10-12 17:25 - 00000496 _____ () C:\Windows\Tasks\Allplan AutoUpdate 2011-1.job
2014-02-04 20:54 - 2011-07-01 17:52 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2ABB2932-AA29-4351-B409-8136CB98F6A6}
2014-01-31 17:43 - 2012-11-07 13:46 - 00001440 _____ () C:\Users\Charlie\AppData\Local\FriloWebInfo.html
2014-01-31 17:42 - 2012-11-07 13:39 - 00000000 ____D () C:\Users\Charlie\AppData\Local\5a4cf8ca-080e-48f6-b512-229638b7ce10
2014-01-30 18:55 - 2011-07-01 20:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-30 14:10 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-01-29 12:15 - 2013-11-20 12:38 - 00000000 ____D () C:\Users\Charlie\.maplesoft
2014-01-29 12:14 - 2014-01-29 12:14 - 00628195 _____ () C:\Users\Charlie\Downloads\MTH4105_chap10.mw
2014-01-26 22:25 - 2012-03-06 16:33 - 00000000 ____D () C:\Users\Charlie\AppData\Local\FreePDF_XP
2014-01-26 22:24 - 2012-03-15 15:33 - 00000289 _____ () C:\Users\Charlie\Documents\plot.log
2014-01-26 21:49 - 2011-07-01 22:29 - 00000000 ____D () C:\Users\Charlie\AppData\Local\cache
2014-01-26 17:07 - 2014-01-26 17:07 - 03583488 _____ () C:\Users\Charlie\Downloads\Brandschutz - Bemessungsprogramm H-Fire-Temp1-04-1.xls
2014-01-26 14:58 - 2011-07-01 17:47 - 00000000 ____D () C:\Users\Charlie\AppData\Local\VirtualStore
2014-01-26 14:32 - 2014-01-26 14:32 - 00001954 _____ () C:\Users\Public\Desktop\s+v Planungssoftware.lnk
2014-01-26 14:32 - 2014-01-26 14:32 - 00000000 ____D () C:\Program Files (x86)\s+v Planungssoftware
2014-01-26 14:31 - 2014-01-26 14:31 - 22685424 _____ () C:\Users\Charlie\Downloads\sundv_planungssoftware_setup.zip
2014-01-26 13:22 - 2013-11-30 13:31 - 00000000 ____D () C:\Users\Charlie\Downloads\FH AC STUD DOKU
2014-01-26 11:36 - 2011-07-01 18:36 - 00000000 ____D () C:\Users\Charlie\AppData\Local\MediaMonkey
2014-01-25 10:18 - 2014-01-25 10:18 - 00000000 ____D () C:\Users\Charlie\Downloads\TBOD
2014-01-23 14:43 - 2014-01-23 14:38 - 132554053 _____ () C:\Users\Charlie\Downloads\Baudynamik & Mathe - Arbeitsordner.zip
2014-01-22 22:31 - 2014-01-22 21:43 - 420667950 _____ () C:\Users\Charlie\Downloads\TBOD.rar
2014-01-22 21:12 - 2012-11-07 13:34 - 00000852 _____ () C:\Users\Public\Desktop\FriloSystemNext.lnk
2014-01-22 21:12 - 2012-11-07 13:34 - 00000000 ____D () C:\ProgramData\Frilo2010
2014-01-22 21:12 - 2011-07-01 20:07 - 00000000 ____D () C:\Program Files (x86)\Frilo
2014-01-18 00:37 - 2014-01-18 00:37 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\WinPatrol
2014-01-18 00:37 - 2014-01-18 00:37 - 00000000 ____D () C:\Program Files (x86)\BillP Studios
2014-01-18 00:37 - 2013-01-17 14:23 - 00000000 ____D () C:\ProgramData\InstallMate
2014-01-17 10:14 - 2014-01-17 10:14 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-17 10:14 - 2014-01-17 10:13 - 00005298 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-17 10:14 - 2011-05-10 04:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-17 00:02 - 2013-08-31 11:25 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\vlc
2014-01-16 16:51 - 2009-07-14 05:45 - 00556072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 16:40 - 2013-08-22 20:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 16:36 - 2011-07-01 19:06 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-16 16:34 - 2014-01-16 16:33 - 00001348 _____ () C:\DelFix.txt
2014-01-16 16:33 - 2014-01-10 17:02 - 00000000 ____D () C:\Windows\ERUNT
2014-01-16 16:28 - 2014-01-16 16:05 - 00000000 ____D () C:\uninstall.exe
2014-01-16 16:23 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-01-16 16:22 - 2014-01-01 16:05 - 00000000 ____D () C:\ProgramData\Browser Enhancer
2014-01-16 16:22 - 2013-12-31 13:18 - 00000000 ____D () C:\ProgramData\Browser faster
2014-01-14 20:06 - 2014-01-14 20:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-14 20:06 - 2011-07-01 18:00 - 00000000 ____D () C:\Users\Charlie\AppData\Local\Google
2014-01-14 20:05 - 2014-01-14 20:05 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-14 20:05 - 2014-01-14 20:05 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-14 19:58 - 2014-01-14 19:58 - 00057671 _____ () C:\Users\Charlie\Desktop\bookmarks_14.01.14.html
2014-01-12 18:50 - 2014-01-12 18:50 - 00613833 _____ () C:\Users\Charlie\Downloads\6.2 Dreieckselemente SD32.zip
2014-01-12 11:14 - 2014-01-10 17:17 - 00000000 ____D () C:\Users\Charlie\Downloads\FRST-OlderVersion
2014-01-09 22:07 - 2014-01-09 22:07 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-09 17:27 - 2011-02-10 23:48 - 00000000 ____D () C:\Windows\Panther
2014-01-09 17:26 - 2011-07-02 00:52 - 00000000 ____D () C:\Users\Charlie\AppData\Local\CrashDumps
2014-01-09 16:39 - 2013-07-26 13:01 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-01-09 16:38 - 2011-11-10 21:55 - 00000000 ____D () C:\Windows\ERDNT
2014-01-08 21:33 - 2014-01-08 19:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-01-08 20:16 - 2014-01-08 20:16 - 00000406 _____ () C:\Windows\system32\.crusader
2014-01-08 19:47 - 2014-01-08 19:47 - 00000000 ____D () C:\Program Files\HitmanPro
2014-01-08 19:33 - 2014-01-01 16:16 - 00000000 ____D () C:\ProgramData\CoupExtenesiOn
2014-01-08 14:30 - 2011-07-01 17:47 - 00000000 ___RD () C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-08 14:29 - 2011-11-26 12:19 - 00000000 ____D () C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

Files to move or delete:
====================
C:\ProgramData\UninstallFrilo.Exe

Some content of TEMP:
====================
C:\Users\Charlie\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-29 11:27 ==================== End Of Log ============================ --- --- --- I'm now running another complete scan with MBAM.. |
06.02.2014, 10:24 | #4 |
/// the machine /// TB trainer | MBAM found a Trojan: C:\...\WebTect\trzF037.tmp (Trojan.SProtector) ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
06.02.2014, 22:50 | #5 |
| MBAM found a Trojan: C:\...\WebTect\trzF037.tmp (Trojan.SProtector) eset: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=ae93096e5991c149abdbd27b3553f934 # engine=16967 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-02-06 09:33:43 # local_time=2014-02-06 10:33:43 (+0100, Mitteleuropäische Zeit ) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=774 16777213 85 77 124317 133353 0 0 # compatibility_mode=5893 16776573 100 94 90096 143352273 0 0 # scanned=375172 # found=0 # cleaned=0 # scan_time=17130 Code:
ATTFilter Results of screen317's Security Check version 0.99.79 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Secunia PSI (2.0.0.4002) Malwarebytes Anti-Malware Version 1.75.0.1300 JavaFX 2.1.0 Java(TM) 6 Update 29 Java 7 Update 51 Adobe Flash Player 12.0.0.44 Flash Player out of Date! Mozilla Firefox 24.0 Firefox out of Date! Google Chrome 32.0.1700.76 ````````Process Check: objlist.exe by Laurent```````` WinPatrol winpatrol.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Malwarebytes' Anti-Malware mbamscheduler.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe BillP Studios WinPatrol WinPatrol.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-02-2014 Ran by Charlie (administrator) on CHARLIE-VAIO on 06-02-2014 22:49:38 Running from C:\Users\Charlie\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Dropbox, Inc.) C:\Users\Charlie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe (Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe (ALPS) C:\Program Files\Apoint\Apvfb.exe (Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Tracker Software Products Ltd.) 
M:\Programme\Pdfviewer\PDF Viewer\PDFXCview.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Microsoft Corporation) M:\Programme\Microsoft Office 2010\Office14\WINWORD.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe () C:\Users\Charlie\Downloads\SecurityCheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.) 
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications) HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations) HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.) HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [Cm112Sound] - C:\Windows\Syswow64\cm112.dll [8146944 2009-12-08] (C-Media Corporation) HKLM\...\Run: [Cm112GX] - C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cm112GX64] - C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [Cm108Sound] - C:\Windows\Syswow64\cm108.dll [8146944 2012-04-10] (C-Media Corporation) HKLM\...\Run: [BCSSync] - M:\Programme\Microsoft Office 2010\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-05] (AVAST Software) HKU\S-1-5-21-1747016203-3155398904-578371931-1000\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [455744 2013-12-10] (BillP Studios) Startup: C:\Users\Charlie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> 
C:\Users\Charlie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE9475A899D9ECE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search SearchScopes: HKCU - {408B6B9F-154A-48A3-8E6A-92804D1F51B0} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices SearchScopes: HKCU - {7C2F6073-2FC5-43D2-9D96-8840CFA6F129} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms} SearchScopes: HKCU - {AC457CC2-2E7A-4F6A-825D-25123C566EF2} URL = hxxp://de.shopping.com/?linkin_id=8056363 BHO: HappY2Save - {1576E68C-2DA7-962E-2453-0A5827EF7F4C} - C:\ProgramData\HappY2Save\bGeK_PvhbO.x64.dll No File BHO: SHaoppDRop - {2C805D62-2703-F2E5-DCD4-0239AEA49A03} - C:\ProgramData\SHaoppDRop\H7YuTsJgnw.x64.dll No File BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - M:\Programme\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: CoupExtenesiOn - {77CA3678-3090-C527-7918-27D7B78D4A8E} - C:\ProgramData\CoupExtenesiOn\q.x64.dll No File BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - M:\Programme\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: SavERExtension - {E62BCD8F-2460-7E01-529D-3EB6E8EF3C72} - C:\ProgramData\SavERExtension\4IPdsdMDGz.x64.dll No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - avast! 
Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Charlie\AppData\Roaming\Mozilla\Firefox\Profiles\vz8eyhrb.default FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", ""); FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", ""); FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", ""); FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - M:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) 
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - M:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - M:\Programme\WebDivix\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - M:\Programme\WebDivix\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - M:\Programme\Pdfviewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Charlie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Charlie\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll No File FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-21] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - M:\Programme\WebDivix\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - M:\Programme\WebDivix\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-19] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-17] Chrome: ======= CHR Extension: (ProxTube) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-01-28] CHR Extension: (Google Docs) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14] CHR Extension: (Google Drive) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14] CHR Extension: (WOT) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-01-18] CHR Extension: (YouTube) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14] CHR Extension: (Google-Suche) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14] CHR Extension: (AdBlock) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-14] CHR Extension: (Google Wallet) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-14] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm 
[2014-01-14] CHR Extension: (Google Mail) - C:\Users\Charlie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - M:\Programme\WebDivix\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-03-31] (Atheros) R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-05] (AVAST Software) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [26600 2013-10-08] (CyberGhost S.R.L) S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) 
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2011-10-03] (Firebird Project) R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3764224 2011-10-03] (Firebird Project) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) S3 Microsoft SharePoint Workspace Audit Service; M:\Programme\Microsoft Office 2010\Office14\GROOVE.EXE [50921648 2013-03-09] (Microsoft Corporation) S3 OpenVPNService; C:\Program Files (x86)\FH-Aachen OpenVPN\bin\openvpnserv.exe [38926 2011-05-20] () R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-07-29] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-07-29] (Secunia) R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.) 
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation) S3 w7Svc; C:\Program Files (x86)\webcam 7\wService.exe [4999680 2011-07-27] (Moonware Studios) S2 05837205; "C:\Windows\system32\rundll32.exe" "c:\progra~3\browse~1\BrowserfasterSvc.dll",service S2 5717af3d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\browse~2\BrowserEnhancerSvc.dll",service S2 8ffb8f2d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\winsys~1\WinsysfilterSvc.dll",service ==================== Drivers (Whitelisted) ==================== R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.) S3 ASUSU1; C:\Windows\System32\drivers\cm11264.sys [1312256 2010-12-15] (C-Media Electronics Inc) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-05] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-26] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-26] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-05] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-05] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-05] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-09] () S3 catchme; C:\uninstall.exe [0 2014-01-16] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-07-01] (DT Soft Ltd) S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [129792 2013-04-24] (Gemalto) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files 
and Folders ========

==================== One Month Modified Files and Folders =======

Files to move or delete: ====================
C:\ProgramData\UninstallFrilo.Exe

Some content of
TEMP: ====================
C:\Users\Charlie\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-29 11:27

==================== End Of Log ============================
--- --- ---
Thanks, best regards |
07.02.2014, 17:27 | #6 |
/// the machine /// TB trainer | MBAM found a Trojan: C:\...\WebTect\trzF037.tmp (Trojan.SProtector) Update Firefox. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
S2 05837205; "C:\Windows\system32\rundll32.exe" "c:\progra~3\browse~1\BrowserfasterSvc.dll",service
S2 5717af3d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\browse~2\BrowserEnhancerSvc.dll",service
S2 8ffb8f2d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\winsys~1\WinsysfilterSvc.dll",service
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. If you would like to leave praise or criticism, you can do that here. The order is crucial here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ --> MBAM found a Trojan: C:\...\WebTect\trzF037.tmp (Trojan.SProtector) |
07.02.2014, 22:07 | #7 |
| MBAM found a Trojan: C:\...\WebTect\trzF037.tmp (Trojan.SProtector) Fixlog: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-02-2014
Ran by Charlie at 2014-02-07 19:59:13 Run:1
Running from C:\Users\Charlie\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
S2 05837205; "C:\Windows\system32\rundll32.exe" "c:\progra~3\browse~1\BrowserfasterSvc.dll",service
S2 5717af3d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\browse~2\BrowserEnhancerSvc.dll",service
S2 8ffb8f2d; "C:\Windows\system32\rundll32.exe" "c:\progra~3\winsys~1\WinsysfilterSvc.dll",service
*****************

05837205 => Service deleted successfully.
5717af3d => Service deleted successfully.
8ffb8f2d => Service deleted successfully.

==== End of Fixlog ====
Thanks again, here is the DelFix log once more: Code:
# DelFix v10.6 - Datei am 07/02/2014 um 21:23:09 erstellt
# Aktualisiert am 11/11/2013 von Xplode
# Benutzer : Charlie - CHARLIE-VAIO
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\Users\Charlie\Downloads\Defogger.exe
Gelöscht : C:\Users\Charlie\Downloads\defogger_enable.log
Gelöscht : C:\Users\Charlie\Downloads\Fixlog.txt
Gelöscht : C:\Users\Charlie\Downloads\FRST64.exe
Gelöscht : HKLM\SOFTWARE\OldTimer Tools
Gelöscht : HKLM\SOFTWARE\AdwCleaner

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...

Gelöscht : RP #438 [Ende der Bereinigung | 01/16/2014 15:33:31]
Gelöscht : RP #439 [Windows Update | 01/16/2014 15:36:24]
Gelöscht : RP #440 [Installed Java 7 Update 51 | 01/17/2014 09:12:59]
Gelöscht : RP #441 [Windows Update | 01/19/2014 10:26:09]
Gelöscht : RP #443 [Windows Update | 01/21/2014 07:54:22]
Gelöscht : RP #447 [Windows Update | 01/24/2014 22:20:17]
Gelöscht : RP #448 [Windows Update | 01/28/2014 17:44:31]
Gelöscht : RP #450 [Windows Update | 01/31/2014 15:33:18]
Gelöscht : RP #454 [Windows Update | 02/04/2014 18:57:22]
Gelöscht : RP #455 [Windows Update | 02/05/2014 09:23:22]
Gelöscht : RP #456 [avast! antivirus system restore point | 02/05/2014 09:29:23]
Gelöscht : RP #457 [Windows Update | 02/07/2014 12:15:09]
Gelöscht : RP #458 [Windows Update | 02/07/2014 12:49:45]

Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ##########
Do you perhaps know what could be causing this? Thanks |
08.02.2014, 16:51 | #8 |
/// the machine /// TB trainer | MBAM found a Trojan: C:\...\WebTect\trzF037.tmp (Trojan.SProtector) Which error code is shown for the update?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
13.02.2014, 09:26 | #9 |
| MBAM found a Trojan: C:\...\WebTect\trzF037.tmp (Trojan.SProtector) I think it has resolved itself; somehow the PC did install all the updates after all. Best regards |
14.02.2014, 06:45 | #10 |
/// the machine /// TB trainer | MBAM found a Trojan: C:\...\WebTect\trzF037.tmp (Trojan.SProtector) ok
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |