|
Plagegeister aller Art und deren Bekämpfung: Extrem Langsamer PC (Internet, Download, AntiVir)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
12.02.2014, 19:28 | #1 |
| Extrem Langsamer PC (Internet, Download, AntiVir) Hallo, da Ich nicht genau weiß, obs nu ein Virus ist, poste Ich mal hier. (Windows 7) Mein PC ist seit zwei Tagen immens langsam; vorwiegend Browser (Chrome UND Firefox); Downloads sind natürlich im Schneckentempo, Updates für Avira usw funktionierten erstmal gar nicht. Außerdem musste Ich feststellen, dass Avira AntiVir abgestellt war obwohl Ich das nicht ausstellte. Windows wieß mich erst darauf hin und obowohl Avira aktiviert war, hat Windows das nicht erkannt. Updates funktionieren nicht richtig. Das Internet kann Ich kaum betreten, da so langsam. Ich hatte einen Systemswiederherstellungspunkt von Anfang des Monats gewählt, da Ich wirklich weiterarbeiten musste und hoffte es bringe was. Jedenfalls wurden Chrome und Avira dadurch entfernt. malwarebytes habe Ich standardmäßig auf dem PC also habe Ich das mal durchlaufen lassen ohne virusprogram an; Ich würd normalerweise nichts auf eigene Faust machen, aber Ich hab das Problem ehrlich gesagt gar nicht so arg eingeschätzt. nach wiederherstellung ist es immernoch so schrecklich langsam. bitte helft mir :C Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.26.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16686 Neslihan :: NESLIHAN-PC [Administrator] 26.09.2013 18:59:58 mbam-log-2013-09-26 (18-59-58).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 249274 Laufzeit: 1 Minute(n), 44 Sekunde(n) Infizierte Speicherprozesse: 2 C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (PUP.Optional.PerformerSoft.A) -> 1612 -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (PUP.Optional.PerformerSoft.A) -> 2132 -> Löschen bei Neustart. Infizierte Speichermodule: 1 C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll (PUP.Optional.PerformerSoft.A) -> Löschen bei Neustart. Infizierte Registrierungsschlüssel: 14 HKLM\SYSTEM\CurrentControlSet\Services\BitGuard (PUP.Optional.PerformerSoft.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444c3c5-6c56-4a16-a453-832b05bf6ea4} (PUP.Optional.MoviesToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\somotomoviestoolbar1 (PUP.Optional.MoviesToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\BI (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\BabSolution\Redir (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Löschen bei Neustart. HKCU\SOFTWARE\SOMOTO\SDP (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\DATAMNGR (PUP.Optional.MoviesToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 6 HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Daten: hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=ECE5BC5FF4BFAA1F&affID=119403&tt=150913_enh&tsp=5009 -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Daten: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Löschen bei Neustart. HKCU\Software\BI|ui_path_filesfrog (PUP.Optional.FilesFrog.A) -> Daten: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Somoto\SDP|affid (PUP.Optional.Somoto.A) -> Daten: network_adworkmedia_1 -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Datamngr|uninstallstring (PUP.Optional.MoviesToolbar.A) -> Daten: C:\Program Files (x86)\Movies Toolbar\SafetyNut\uninstall.exe -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SYSTEM\CurrentControlSet\Services\BitGuard|ImagePath (PUP.Optional.BitGuard.A) -> Daten: C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 2 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.PerformerSoft.A) -> Bösartig: (c:\progra~3\bitguard\261673~1.238\{c16c1~1\bitguard.dll) Gut: () -> Löschen bei Neustart. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Bösartig: (hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=ECE5BC5FF4BFAA1F&affID=119403&tt=150913_enh&tsp=5009) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt. Infizierte Verzeichnisse: 9 C:\Users\Neslihan\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BitGuard.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\Users\Neslihan\AppData\Local\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Movies Toolbar\SafetyNut (PUP.Optional.MoviesToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64 (PUP.Optional.MoviesToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 39 C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll (PUP.Optional.PerformerSoft.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe (PUP.Optional.PerformerSoft.A) -> Löschen bei Neustart. C:\ProgramData\DSearchLink\DSearchLink.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\73ddInstaller.exe (PUP.Optional.VIT) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\instloffer.exe (PUP.Optional.VIT.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe (PUP.Optional.MoviesToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\1754C035-BAB0-7891-B6C7-828836C0B4E4\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\1754C035-BAB0-7891-B6C7-828836C0B4E4\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\1754C035-BAB0-7891-B6C7-828836C0B4E4\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\1754C035-BAB0-7891-B6C7-828836C0B4E4\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\1754C035-BAB0-7891-B6C7-828836C0B4E4\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\1754C035-BAB0-7891-B6C7-828836C0B4E4\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\Temp\1754C035-BAB0-7891-B6C7-828836C0B4E4\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\FilesFrog Update Checker\uninstall.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Local\FilesFrog Update Checker\update_checker.exe (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.settings (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BitGuard.A) -> Löschen bei Neustart. C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk (PUP.Optional.FilesFrog.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Movies Toolbar\SafetyNut\del_DM_LL_nsiEBF9.dll (PUP.Optional.MoviesToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\del_DM_LL_nsiEBF9.dll (PUP.Optional.MoviesToolBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
12.02.2014, 22:53 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Extrem Langsamer PC (Internet, Download, AntiVir) Hallo und
__________________Zitat:
Lesestoff: Warum wir Avira nicht mehr empfehlen Avira liefert seit einiger Zeit mit der Standardinstallation die Ask Toolbar mit aus. Diese Toolbar ist Voraussetzung dafür, dass der Webguard zuverlässig funktioniert. Die Ask Toolbar ist dafür bekannt, dass sie das Surfverhalten des Benutzers ausspioniert, um damit in letzter Konsequenz Geld zu verdienen. Daher wird diese Toolbar von uns als "schädlich" eingestuft. Mehr Informationen. Eine Sicherheitsfirma, die dem Benutzer praktisch ungefragt schädliche Software "unterjubelt", scheidet für uns daher aus. Wir empfehlen daher allen Nutzern von Avira aufgrund dieser Geschäftspraktik, der teilweise äußerst schlechten Erkennungsrate und der überaus nervtötenden Werbung Avira zu deinstallieren und auf ein alternatives Produkt auszuweichen. Solltest du dich zu einem Wechsel entscheiden, empfehlen wir dir nach der Deinstallation mit dem Avira-Cleaner alle Reste zu entfernen. Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
12.02.2014, 23:47 | #3 |
| Extrem Langsamer PC (Internet, Download, AntiVir) Hallo cosinus,
__________________lieben Dank für das Willkommenheißen und Deine Hilfe! Ich verzweifle hier langsam D: Wow, dass Avira so skrupellos ist, wusste Ich nicht. Danke für die Info. Ich habe vorübergehend AVG installiert, weil Ich merkte, dass beim beim Wiederinstallieren von Avira wieder Probleme entstanden also habe Ich es gleich einmal gelassen. Welche Software Ich nun nehmen soll, weiß ich nicht, bin offen für Empfehlungen .... Ich poste mal vorhergehende Malwarebytes logs MIT FUNDEN Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.07.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Neslihan :: NESLIHAN-PC [Administrator] 11.02.2014 23:09:12 mbam-log-2014-02-11 (23-09-12).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 616718 Laufzeit: 43 Minute(n), 4 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 4 C:\Users\Neslihan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M60PQH7Y\Setup[1].exe (PUP.Optional.Glindorus.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Neslihan\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows.old\Users\Neslihan\Desktop\office2010\WLX\mini-KMS Activator v1.1 FiNAL.exe (Riskware.Crk) -> Erfolgreich gelöscht und in Quarantäne gestellt. D:\$RECYCLE.BIN\S-1-5-21-4071366543-1694281726-3121886136-1000\$RME60RU.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.07.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Neslihan :: NESLIHAN-PC [Administrator] 07.02.2014 22:57:09 mbam-log-2014-02-07 (22-57-09).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 213945 Laufzeit: 2 Minute(n), 7 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 2 HKCU\Software\InstalledBrowserExtensions\Crossrider (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Vittalia\AxtanInstaller (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.23.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Neslihan :: NESLIHAN-PC [Administrator] 23.01.2014 23:36:39 mbam-log-2014-01-23 (23-36-39).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 212154 Laufzeit: 2 Minute(n), 6 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 2 HKCU\Software\AppDataLow\Software\Crossrider (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\SMARTBAR (PUP.Optional.SnapDo.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 1 HKCU\Software\Smartbar|Publisher (PUP.Optional.SnapDo.A) -> Daten: SnapdoGOblidooYB -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Das geht also bis zum 23.1. zurück - ältere lass Ich mal? FARBAR'S FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014 Ran by Neslihan (administrator) on NESLIHAN-PC on 12-02-2014 23:06:57 Running from C:\Users\Neslihan\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) D:\Programme\AVG\AVG2014\avgwdsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.exe (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (xwidget.com) D:\Programme\XWidget\xwidget.exe (Spotify Ltd) C:\Users\Neslihan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (AVG Technologies CZ, s.r.o.) D:\Programme\AVG\AVG2014\avgui.exe (Wacom Technology, Corp.) C:\Windows\system32\WTablet\Pen_TabletUser.exe (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Microsoft Corporation) C:\Windows\sysWow64\SearchProtocolHost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-10-17] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVG_UI] - D:\Programme\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\S-1-5-21-2549670680-3362463661-2922105165-1000\...\Run: [xwidget] - D:\Programme\XWidget\xwidget.exe [1811968 2013-06-09] (xwidget.com) HKU\S-1-5-21-2549670680-3362463661-2922105165-1000\...\Run: [Spotify Web Helper] - C:\Users\Neslihan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-22] (Spotify Ltd) HKU\S-1-5-21-2549670680-3362463661-2922105165-1000\...\MountPoints2: {333018b2-1035-11e3-ad86-806e6f6e6963} - E:\ASRSetup.exe AppInit_DLLs: C:\PROGRA~2\MOVIES~1\SAFETY~1\x64\SAFETY~2.DLL => File Not Found AppInit_DLLs-x32: c:\progra~2\movies~1\safety~1\safety~2.dll => File Not Found Startup: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) ==================== Internet (Whitelisted) ==================== BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\y4ljwfsl.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @onlive.com/OnLiveGameClientDetector,version=1.0.0 - C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Neslihan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Neslihan\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF Plugin HKCU: LWAPlugin15.8 - C:\Users\Neslihan\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Neslihan\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll (Microsoft Corporation) FF Extension: FireFTP - C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\y4ljwfsl.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2013-12-23] FF Extension: Adblock Plus - C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\y4ljwfsl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-12] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-09-12] FF StartMenuInternet: FIREFOX.EXE - D:\Programme\Firefox\firefox.exe Chrome: ======= CHR HomePage: hxxp://www.google.com CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (OnLive Game Client Detector) - C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Unity Player) - C:\Users\Neslihan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Neslihan\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) CHR Plugin: (Microsoft Lync Web App Plug-in) - C:\Users\Neslihan\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () CHR Plugin: (Microsoft Office 2010) - D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) CHR Plugin: (Microsoft Office 2010) - D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) CHR Extension: (Adblock Plus) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-15] CHR Extension: (No Name) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhambhgmoihmhbfjmmaciggnfcfkflo [2013-12-15] CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-09-13] CHR Extension: (XKit) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2013-11-04] CHR Extension: (AdBlock) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-04] CHR Extension: (FabCam) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2013-12-15] CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2013-11-04] CHR Extension: (No Name) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jklljiahjgoglchglekebfljnmbaleig [2013-12-15] CHR Extension: (Chat Undetected) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa [2013-11-04] CHR Extension: (Google Wallet) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29] CHR Extension: (No Name) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcflmmmcfpacggndoaaflkmcoblhnbh [2013-12-15] CHR HKLM\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\Neslihan\AppData\Local\foxtab_speeddial.crx [2013-10-26] CHR HKCU\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\Neslihan\AppData\Local\foxtab_speeddial.crx [2013-10-26] CHR HKLM-x32\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\Neslihan\AppData\Local\foxtab_speeddial.crx [2013-10-26] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-27] (Adobe Systems) S2 AVGIDSAgent; D:\Programme\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.) R2 avgwd; D:\Programme\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation) S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) S4 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-01-28] (Intel Corporation) S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] () S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) S3 Microsoft SharePoint Workspace Audit Service; D:\Programme\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation) S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor) S2 AntiVirSchedulerService; "D:\Programme\Avira\AntiVir Desktop\sched.exe" [X] S2 AntiVirService; "D:\Programme\Avira\AntiVir Desktop\avguard.exe" [X] S4 AntiVirWebService; "D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X] ==================== Drivers (Whitelisted) ==================== S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2013-09-10] (ASRock Incorporation) R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation) S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-09-08] (FNet Co., Ltd.) R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2013-08-29] (FNet Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] () R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2011-04-08] (Realtek Semiconductor Corporation ) S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-09-18] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-12 23:06 - 2014-02-12 23:07 - 00021706 _____ () C:\Users\Neslihan\Desktop\FRST.txt 2014-02-12 23:06 - 2014-02-12 23:06 - 00000000 ____D () C:\FRST 2014-02-12 23:05 - 2014-02-12 23:05 - 00001992 _____ () C:\Users\Neslihan\Desktop\JRT.txt 2014-02-12 23:02 - 2014-02-12 23:02 - 00000000 ____D () C:\Windows\ERUNT 2014-02-12 23:01 - 2014-02-12 23:02 - 02152448 _____ (Farbar) C:\Users\Neslihan\Desktop\FRST64.exe 2014-02-12 23:01 - 2014-02-12 23:01 - 01037530 _____ (Thisisu) C:\Users\Neslihan\Desktop\JRT.exe 2014-02-12 22:59 - 2014-02-12 22:59 - 00000056 _____ () C:\Windows\setupact.log 2014-02-12 22:59 - 2014-02-12 22:59 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-12 22:58 - 2014-02-12 22:58 - 00002738 _____ () C:\Windows\PFRO.log 2014-02-12 22:56 - 2014-02-12 22:57 - 00000000 ____D () C:\AdwCleaner 2014-02-12 22:55 - 2014-02-12 22:55 - 01166132 _____ () C:\Users\Neslihan\Desktop\adwcleaner.exe 2014-02-12 22:46 - 2014-02-12 22:46 - 00009478 _____ () C:\cc_20140212_224637_2.reg 2014-02-12 22:37 - 2014-02-12 22:37 - 00088546 _____ () C:\cc_20140212_223727.reg 2014-02-12 22:36 - 2014-02-12 22:36 - 00000674 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-12 22:07 - 2014-02-12 22:07 - 00614792 _____ (Chip Digital GmbH) C:\Users\Neslihan\Downloads\CCleaner - CHIP-Downloader.exe 2014-02-12 21:42 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-12 21:42 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-12 21:42 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-12 21:42 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-12 19:39 - 2014-02-12 19:39 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\AVG2014 2014-02-12 19:38 - 2014-02-12 19:38 - 00000734 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ___HD () C:\$AVG 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\TuneUp Software 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ____D () C:\ProgramData\AVG2014 2014-02-12 17:50 - 2014-02-12 21:28 - 00000000 ____D () C:\ProgramData\MFAData 2014-02-12 17:50 - 2014-02-12 21:16 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Avg2014 2014-02-12 17:50 - 2014-02-12 17:50 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\MFAData 2014-02-12 17:48 - 2014-02-12 17:49 - 04435328 _____ (AVG Technologies) C:\Users\Neslihan\Downloads\avg_avct_stb_all_2014_4158_futuretest2.exe 2014-02-12 17:29 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-12 17:29 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-12 17:29 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-12 17:29 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-12 17:29 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-12 17:29 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-12 17:29 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-12 17:29 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-12 17:29 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-12 17:29 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-12 17:29 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-12 17:29 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-12 17:29 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-12 17:29 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-12 17:29 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-12 17:29 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-12 17:29 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-12 17:29 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-12 17:29 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-12 17:29 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-12 17:29 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-12 17:29 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-12 17:29 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-12 17:29 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-12 17:29 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-12 17:29 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-12 17:29 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-12 17:29 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-12 17:29 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-12 17:29 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-12 17:29 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-12 17:29 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-12 17:29 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-12 17:29 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-12 17:29 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-12 17:29 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-12 17:29 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-12 17:29 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-12 17:29 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-12 17:15 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-12 17:15 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-12 17:14 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-12 17:14 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-12 17:14 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-12 17:14 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-12 17:14 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-12 17:14 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-12 17:14 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-12 17:14 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-12 17:14 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-12 17:14 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-12 17:14 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-12 17:14 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-12 17:14 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-12 17:14 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-12 17:14 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-12 17:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-12 17:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-12 17:14 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-12 17:14 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-12 17:14 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-12 17:14 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-12 17:14 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-12 17:08 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-12 17:08 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-12 15:21 - 2014-02-12 15:21 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Avira 2014-02-12 14:40 - 2014-02-12 17:03 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-12 14:40 - 2014-02-12 15:16 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-12 14:32 - 2014-02-12 14:32 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-01-31 13:32 - 2014-01-31 13:32 - 00001271 _____ () C:\Users\Neslihan\Desktop\DC Universe Online PSG.lnk 2014-01-27 19:03 - 2014-01-27 19:03 - 00000000 ____D () C:\Users\Neslihan\Documents\Updater 2014-01-27 17:57 - 2014-01-27 17:57 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF 2014-01-27 17:56 - 2014-01-27 17:56 - 00000000 ____D () C:\Windows\SysWOW64\Adobe 2014-01-27 17:56 - 2004-08-17 02:40 - 00016384 _____ () C:\Windows\SysWOW64\FileOps.exe 2014-01-15 14:42 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 14:42 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 14:42 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-14 23:48 - 2014-01-14 23:55 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Notepad++ 2014-01-14 23:48 - 2014-01-14 23:48 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ ==================== One Month Modified Files and Folders ======= 2014-02-12 23:07 - 2014-02-12 23:06 - 00021706 _____ () C:\Users\Neslihan\Desktop\FRST.txt 2014-02-12 23:06 - 2014-02-12 23:06 - 00000000 ____D () C:\FRST 2014-02-12 23:06 - 2011-04-12 08:43 - 00658476 _____ () C:\Windows\system32\perfh007.dat 2014-02-12 23:06 - 2011-04-12 08:43 - 00131346 _____ () C:\Windows\system32\perfc007.dat 2014-02-12 23:06 - 2009-07-14 06:13 - 01510528 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-12 23:05 - 2014-02-12 23:05 - 00001992 _____ () C:\Users\Neslihan\Desktop\JRT.txt 2014-02-12 23:03 - 2013-08-29 00:00 - 02075137 _____ () C:\Windows\WindowsUpdate.log 2014-02-12 23:02 - 2014-02-12 23:02 - 00000000 ____D () C:\Windows\ERUNT 2014-02-12 23:02 - 2014-02-12 23:01 - 02152448 _____ (Farbar) C:\Users\Neslihan\Desktop\FRST64.exe 2014-02-12 23:02 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-12 23:02 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-12 23:01 - 2014-02-12 23:01 - 01037530 _____ (Thisisu) C:\Users\Neslihan\Desktop\JRT.exe 2014-02-12 23:00 - 2013-10-17 22:27 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\WTablet 2014-02-12 23:00 - 2013-08-29 08:05 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-12 22:59 - 2014-02-12 22:59 - 00000056 _____ () C:\Windows\setupact.log 2014-02-12 22:59 - 2014-02-12 22:59 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-12 22:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-12 22:58 - 2014-02-12 22:58 - 00002738 _____ () C:\Windows\PFRO.log 2014-02-12 22:57 - 2014-02-12 22:56 - 00000000 ____D () C:\AdwCleaner 2014-02-12 22:55 - 2014-02-12 22:55 - 01166132 _____ () C:\Users\Neslihan\Desktop\adwcleaner.exe 2014-02-12 22:48 - 2013-08-29 09:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-12 22:46 - 2014-02-12 22:46 - 00009478 _____ () C:\cc_20140212_224637_2.reg 2014-02-12 22:38 - 2013-10-21 23:01 - 00000000 ____D () C:\Program Files (x86)\360 2014-02-12 22:38 - 2013-08-29 08:05 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-12 22:37 - 2014-02-12 22:37 - 00088546 _____ () C:\cc_20140212_223727.reg 2014-02-12 22:36 - 2014-02-12 22:36 - 00000674 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-12 22:36 - 2013-10-28 00:12 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\FileZilla 2014-02-12 22:36 - 2013-09-17 12:56 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-02-12 22:36 - 2013-09-08 19:37 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\CrashDumps 2014-02-12 22:36 - 2013-08-29 10:11 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Winamp 2014-02-12 22:36 - 2013-08-29 00:50 - 00000000 ____D () C:\Windows\Panther 2014-02-12 22:36 - 2013-08-28 23:57 - 00000000 ____D () C:\Windows\Minidump 2014-02-12 22:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-12 22:07 - 2014-02-12 22:07 - 00614792 _____ (Chip Digital GmbH) C:\Users\Neslihan\Downloads\CCleaner - CHIP-Downloader.exe 2014-02-12 21:28 - 2014-02-12 17:50 - 00000000 ____D () C:\ProgramData\MFAData 2014-02-12 21:16 - 2014-02-12 17:50 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Avg2014 2014-02-12 19:39 - 2014-02-12 19:39 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\AVG2014 2014-02-12 19:38 - 2014-02-12 19:38 - 00000734 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ___HD () C:\$AVG 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\TuneUp Software 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ____D () C:\ProgramData\AVG2014 2014-02-12 18:17 - 2013-09-07 21:29 - 00001456 _____ () C:\Users\Neslihan\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2014-02-12 17:50 - 2014-02-12 17:50 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\MFAData 2014-02-12 17:49 - 2014-02-12 17:48 - 04435328 _____ (AVG Technologies) C:\Users\Neslihan\Downloads\avg_avct_stb_all_2014_4158_futuretest2.exe 2014-02-12 17:33 - 2013-09-09 20:29 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-12 17:29 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini 2014-02-12 17:09 - 2013-08-29 09:48 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-12 17:08 - 2013-08-29 09:48 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-12 17:03 - 2014-02-12 14:40 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-12 17:03 - 2013-09-29 22:08 - 00000000 ____D () C:\Users\Neslihan\Documents\xwidget 2014-02-12 17:03 - 2013-09-10 15:33 - 00000000 __RHD () C:\MSOCache 2014-02-12 17:03 - 2013-09-07 23:53 - 00000000 ____D () C:\ProgramData\Avira 2014-02-12 17:03 - 2013-09-07 11:48 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-02-12 17:03 - 2013-08-29 09:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-12 17:03 - 2013-08-29 08:05 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Google 2014-02-12 17:03 - 2013-08-29 08:05 - 00000000 ____D () C:\Program Files (x86)\Google 2014-02-12 17:03 - 2013-08-29 00:06 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\TP-LINK 2014-02-12 17:03 - 2013-08-29 00:00 - 00000000 ____D () C:\Users\Neslihan 2014-02-12 17:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-02-12 17:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-02-12 17:02 - 2013-08-29 00:08 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Last.fm 2014-02-12 15:21 - 2014-02-12 15:21 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Avira 2014-02-12 15:16 - 2014-02-12 14:40 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-12 14:32 - 2014-02-12 14:32 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-02-11 23:06 - 2013-10-26 22:30 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\SoulseekQt 2014-02-06 13:16 - 2014-02-12 17:29 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-06 12:30 - 2014-02-12 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-06 12:30 - 2014-02-12 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-06 12:12 - 2014-02-12 17:29 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-06 12:07 - 2014-02-12 17:29 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-06 12:06 - 2014-02-12 17:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-06 11:57 - 2014-02-12 17:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-06 11:56 - 2014-02-12 17:29 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-06 11:52 - 2014-02-12 17:29 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-06 11:49 - 2014-02-12 17:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-06 11:48 - 2014-02-12 17:29 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-06 11:48 - 2014-02-12 17:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-06 11:38 - 2014-02-12 17:29 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-06 11:32 - 2014-02-12 17:29 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-06 11:20 - 2014-02-12 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-06 11:17 - 2014-02-12 17:29 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-06 11:11 - 2014-02-12 17:29 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-06 11:01 - 2014-02-12 17:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-06 11:00 - 2014-02-12 17:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-06 10:57 - 2014-02-12 17:29 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-06 10:57 - 2014-02-12 17:29 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-06 10:52 - 2014-02-12 17:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-06 10:52 - 2014-02-12 17:29 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-06 10:50 - 2014-02-12 17:29 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-06 10:49 - 2014-02-12 17:29 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-06 10:47 - 2014-02-12 17:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-06 10:46 - 2014-02-12 17:29 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-06 10:25 - 2014-02-12 17:29 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-06 10:25 - 2014-02-12 17:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-06 10:24 - 2014-02-12 17:29 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-06 10:22 - 2014-02-12 17:29 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-06 10:13 - 2014-02-12 17:29 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-06 10:09 - 2014-02-12 17:29 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-06 10:03 - 2014-02-12 17:29 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-06 09:55 - 2014-02-12 17:29 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-06 09:41 - 2014-02-12 17:29 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-06 09:40 - 2014-02-12 17:29 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-06 09:36 - 2014-02-12 17:29 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-06 09:34 - 2014-02-12 17:29 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-01-31 13:32 - 2014-01-31 13:32 - 00001271 _____ () C:\Users\Neslihan\Desktop\DC Universe Online PSG.lnk 2014-01-29 11:59 - 2009-07-14 05:45 - 05172624 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-01-28 18:10 - 2013-08-29 07:58 - 00125888 _____ () C:\Users\Neslihan\AppData\Local\GDIPFONTCACHEV1.DAT 2014-01-27 19:03 - 2014-01-27 19:03 - 00000000 ____D () C:\Users\Neslihan\Documents\Updater 2014-01-27 19:03 - 2013-08-29 08:08 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Adobe 2014-01-27 19:02 - 2013-08-29 09:36 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Adobe 2014-01-27 17:57 - 2014-01-27 17:57 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF 2014-01-27 17:57 - 2013-08-29 08:08 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-01-27 17:57 - 2013-08-29 00:01 - 00000000 ___RD () C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-27 17:56 - 2014-01-27 17:56 - 00000000 ____D () C:\Windows\SysWOW64\Adobe 2014-01-27 17:56 - 2013-08-29 08:08 - 00000000 ____D () C:\ProgramData\Adobe 2014-01-24 00:02 - 2013-12-19 00:02 - 00000103 _____ () C:\Users\Neslihan\AppData\Roaming\WB.CFG 2014-01-23 22:49 - 2013-09-07 23:38 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Mozilla 2014-01-23 11:19 - 2013-08-29 09:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-23 11:19 - 2013-08-29 09:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-23 11:19 - 2013-08-29 09:37 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-22 20:46 - 2013-09-07 17:39 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Spotify 2014-01-22 18:08 - 2013-09-07 17:40 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Spotify 2014-01-22 12:29 - 2013-09-07 17:40 - 00001768 _____ () C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-01-15 13:57 - 2013-11-17 12:00 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Skype 2014-01-14 23:55 - 2014-01-14 23:48 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Notepad++ 2014-01-14 23:48 - 2014-01-14 23:48 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ Some content of TEMP: ==================== C:\Users\Neslihan\AppData\Local\Temp\4E954E.dll C:\Users\Neslihan\AppData\Local\Temp\5CBD5C.dll C:\Users\Neslihan\AppData\Local\Temp\807A80.dll C:\Users\Neslihan\AppData\Local\Temp\941894.dll C:\Users\Neslihan\AppData\Local\Temp\AC47AC.dll C:\Users\Neslihan\AppData\Local\Temp\BC17BC.dll C:\Users\Neslihan\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-08 01:13 ==================== End Of Log ============================ --- --- --- Übrigens dauert es nun auch länger, bis Windows hochfährt. Sonst war er in 4 Sekunden hochgefahren, nun ist es deutlich länger bis zum Loginfenster schwarz. ^ habe den obigen Beitrag editiert, bitte refresh falls nicht schon geschehen übrigens, beim Versuch die Reste von Avira zu entfernen passiert folgendes: |
12.02.2014, 23:55 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Extrem Langsamer PC (Internet, Download, AntiVir) Das andere FRST Log fehlt. Und sowas: Zitat:
Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ Logfiles bitte immer in CODE-Tags posten |
12.02.2014, 23:59 | #5 |
| Extrem Langsamer PC (Internet, Download, AntiVir) Ich Danke Dir vielmals für Deine Hilfe, besonders um diese Uhrzeit, Ich hoffe dass Ich morgen einigermaßen weiterarbeiten kann :C oh mann das bei der deadline morgen (( Ehrlichgesagt weiß Ich nicht, und das meine Ich ernst, was "C:\Windows.old\Users\Neslihan\Desktop\office2010\WLX\mini-KMS Activator v1.1 FiNAL.exe " für eine Datei ist? Ich habe Windows legal erworben (falls nötig kann Ich per PN meine Serial vorlegen :P) - was muss Ich genau nun deinstallieren?? :O Ich hab gerad Angst, dass Ich ein fake gekauft hab - bitte um Rat, wie Ich das löschen kann - auf anhieb finde Ich diese Datei nicht? EDIT: Anderer LOG Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2014 Ran by Neslihan at 2014-02-12 23:07:12 Running from C:\Users\Neslihan\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG AntiVirus 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== 3DMark 11 (x32 Version: 1.0.5 - Futuremark Corporation) ÃÀͼ¿´¿´ 2.2.7 (HKCU Version: 2.2.7 - Meitu, Inc.) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Acrobat.com (x32 Version: 1.1.377 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (x32 Version: 11.0.06 - Adobe Systems) Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden Adobe Creative Cloud (x32 Version: 2.2.0.248 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated) Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden Adobe InDesign CC (x32 Version: 9.0 - Adobe Systems Incorporated) Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated) Adobe Photoshop CS5 (x32 Version: 12.0 - Adobe Systems Incorporated) Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated) Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden Adobe Support Advisor (x32 Version: 1.6.1 - Adobe Systems Incorporated) Hidden Adobe Support Advisor (x32 Version: 1.6.1.20120504 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (x32 Version: 3.0 - Adobe Systems, Inc.) Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18 - Amazon Services LLC) Apple Application Support (x32 Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.) ArtRage 2 (x32 Version: 2.5.20 - Ambient Design) ASRock App Charger v1.0.5 (Version: - ASRock Inc.) ASRock SmartConnect v1.0.6 (Version: - ASRock Inc.) ASRock XFast RAM v2.0.28 (Version: - ASRock Inc.) AVG 2014 (Version: 14.0.3697 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4335 - AVG Technologies) Hidden AVG 2014 (Version: 2014.0.4335 - AVG Technologies) Bonjour (Version: 3.0.0.10 - Apple Inc.) Botanicula (x32 Version: 1.0 - Amanita Design, s.r.o.) BulletProof FTP Server (remove only) (x32 Version: - BulletProof Software LLC) CCleaner (Version: 4.10 - Piriform) Chat Undetected (x32 Version: 1.28.153.4 - Crossrider) Cyberduck 4.4.3 (14140) (x32 Version: 4.4.3 (14140) - ) DC Universe Online Live (HKCU Version: - Sony Online Entertainment) DC Universe Online PSG (HKCU Version: 1.0.3.183 - Sony Online Entertainment) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft) Desura (x32 Version: 100.53 - Desura) Fibrillation version 1.1 (x32 Version: 1.1 - Mechanical Starling) FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse) Foxtab (x32 Version: - FoxTab) <==== ATTENTION Futuremark SystemInfo (x32 Version: 4.17.0 - Futuremark Corporation) Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden Intel(R) Control Center (x32 Version: 1.2.1.1011 - Intel Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702 - Intel Corporation) Intel(R) Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation) Intel(R) Network Connections 18.2.63.0 (Version: 18.2.63.0 - Intel) Intel(R) Network Connections 18.2.63.0 (Version: 18.2.63.0 - Intel) Hidden Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden Intel(R) Small Business Advantage (x32 Version: 2.0.30.6644 - Intel(R) Corporation) Intel(R) Smart Connect Technology 4.1 x64 (Version: 4.1.40.2143 - Intel) Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 2.0.0.100 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden iTunes (Version: 11.1.2.32 - Apple Inc.) Java 7 Update 45 (x32 Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH) Last.fm Scrobbler 2.1.36 (x32 Version: - Last.fm) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Lync Web App Plug-in (Version: 15.8.8653.0 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) NirSoft BlueScreenView (x32 Version: - ) Notepad++ (x32 Version: 6.5.3 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 320.49 (Version: 320.49 - NVIDIA Corporation) NVIDIA Grafiktreiber 320.49 (Version: 320.49 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden ONE TOUCH Upgrade S 2.8.0 (x32 Version: - TCL Communication Technology Holdings Limited) OnLive (x32 Version: - OnLive) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Realtek High Definition Audio Driver (x32 Version: 6.0.1.6865 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (x32 Version: 1.95 - VS Revo Group) RUBICon (x32 Version: 2.0.25 - RUB) Samsung_MonSetup (x32 Version: 1.00.0000 - Samsung) SCR3xxx Smart Card Reader (x32 Version: 8.40 - SCM Microsystems) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.) Snap.Do (x32 Version: 1.138.1.12198 - ReSoft Ltd.) <==== ATTENTION SoulseekQt (x32 Version: - ) Speccy (Version: 1.22 - Piriform) Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB) Steam (x32 Version: 1.0.0.0 - Valve Corporation) Stifttablett (x32 Version: - Wacom Technology Corp.) TP-LINK TL-WN723N Driver (x32 Version: 1.1.0 - TP-LINK) TP-LINK Wireless Configuration Utility (x32 Version: 1.1.0 - TP-LINK) Unity Web Player (HKCU Version: - Unity Technologies ApS) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) XFastUSB (x32 Version: 3.02.31 - ASRock Inc.) XWidget Ver1.84 (x32 Version: - XWidget Software) 美图秀秀 3.9.4 (x32 Version: - 美图网) ==================== Restore Points ========================= 12-02-2014 11:49:18 Windows Update 12-02-2014 14:27:24 Wiederherstellungsvorgang 12-02-2014 16:08:09 Windows Update 12-02-2014 16:28:59 Windows Update 12-02-2014 18:38:16 Installed AVG 2014 12-02-2014 18:38:23 Installed AVG 2014 12-02-2014 21:39:57 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 12-02-2014 21:52:21 Windows Update ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1BA6BBED-C888-4293-9BF8-7AEB15ED961B} - System32\Tasks\CCleanerSkipUAC => D:\Programme\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) Task: {222FF5E2-A775-488B-AEBA-796CFF45DA85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-29] (Google Inc.) Task: {4E41C572-406B-4249-97DE-863E93060446} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {5F6576BF-8D57-4359-B959-7CADEEE51032} - System32\Tasks\Intel(R) Small Business Advantage\Notifier => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\SBA_Notifier.exe [2013-01-28] (Intel Corporation) Task: {85E5072A-83B6-4AF9-B965-5D94F2FB5346} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {9663C10B-AA2A-45CF-8369-B1088708CD03} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {C4E2A592-7902-4ADA-9E97-0E30D382C23A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-23] (Adobe Systems Incorporated) Task: {E4D84754-9D7E-40E2-A947-73225BB3C510} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-29] (Google Inc.) Task: {FE4A3BED-EC52-44BB-A939-FC02177CA321} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () D:\Programme\Filezilla\FileZilla FTP Client\fzshellext_64.dll 2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-29 22:08 - 2009-08-12 11:09 - 00077824 _____ () D:\Programme\XWidget\Res\Lib\lib.dll 2012-09-23 19:43 - 2012-09-23 19:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: APNMCP => 2 MSCONFIG\Services: Desura Install Service => 3 MSCONFIG\Services: Futuremark SystemInfo Service => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) ME Service => 2 MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2 MSCONFIG\Services: intelsba => 3 MSCONFIG\Services: ISCTAgent => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: RtkAudioService => 2 MSCONFIG\Services: SafetyNutManager => 2 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: BCSSync => "D:\Programme\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: XFastUSB => "C:\Program Files (x86)\XFastUSB\XFastUsb.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 37% Total physical RAM: 4016.46 MB Available physical RAM: 2517.23 MB Total Pagefile: 8031.11 MB Available Pagefile: 6548.27 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.24 GB) (Free:58.01 GB) NTFS Drive d: (Volume) (Fixed) (Total:931.41 GB) (Free:864.79 GB) NTFS Drive e: (JEEVES_AND_WOOSTER_DVD1) (CDROM) (Total:6.86 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 29C690AD) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 29C690D5) Partition 1: (Not Active) - (Size=119 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Geändert von monchou (13.02.2014 um 00:05 Uhr) |
13.02.2014, 00:11 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Extrem Langsamer PC (Internet, Download, AntiVir) Steht doch da was das ist. Ist von deinem alten Desktop und Mini-KMS ist ein Crack für Office 2010. Und siehe da, das hast du auch installiert: Zitat:
__________________ --> Extrem Langsamer PC (Internet, Download, AntiVir) |
13.02.2014, 00:13 | #7 |
| Extrem Langsamer PC (Internet, Download, AntiVir) Achsoo okay, als Ich den Pfad der da stand eingegeben hab, wurde nichts dergleichen gefunden. Ich lösche nun alles, was mit Office zu tun hat. Mit welchem Logfile kann Ich Dir dann meinen sauberen Rechner dann nachweisen, damit es weitergeht? |
13.02.2014, 00:15 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Extrem Langsamer PC (Internet, Download, AntiVir) Einfach neue FRST Logs machen. Vor dem Scannen Haken setzen bei additions
__________________ Logfiles bitte immer in CODE-Tags posten |
13.02.2014, 00:22 | #9 |
| Extrem Langsamer PC (Internet, Download, AntiVir) Soo Ich hoffe es kann nun weitergehen. Also Ich will Deine zeit nicht damit rauben, mit rechtfertigungen, aber das ist tatsächlich noch von meinem Vorgänger des PCs. Hab den neu aufgesetzt aber die Office entpackt, die noch drauf war. War ein Fehler :l Ansonsten hätte Ich das gewusst, hätte Ich nicht dreist etwas illegales gepostet. Daher bitte Ich um Entschuldigung,falls es so rüberkam. Vll lohnt sich ein komplettes neuaufsetzen? was Ich aber nicht hoffe Hoffe es kann nu weitergehen? Vielen vielen lieben Dank Ich weiß die Hilfe sehr zu schätzen Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-02-2014 Ran by Neslihan at 2014-02-13 00:19:46 Running from C:\Users\Neslihan\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== 3DMark 11 (x32 Version: 1.0.5 - Futuremark Corporation) ÃÀͼ¿´¿´ 2.2.7 (HKCU Version: 2.2.7 - Meitu, Inc.) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Acrobat.com (x32 Version: 1.1.377 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (x32 Version: 11.0.06 - Adobe Systems) Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden Adobe Creative Cloud (x32 Version: 2.2.0.248 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated) Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden Adobe InDesign CC (x32 Version: 9.0 - Adobe Systems Incorporated) Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated) Adobe Photoshop CS5 (x32 Version: 12.0 - Adobe Systems Incorporated) Adobe Reader 9 (x32 Version: 9.0.0 - Adobe Systems Incorporated) Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden Adobe Support Advisor (x32 Version: 1.6.1 - Adobe Systems Incorporated) Hidden Adobe Support Advisor (x32 Version: 1.6.1.20120504 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (x32 Version: 3.0 - Adobe Systems, Inc.) Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Adobe® Content Viewer (x32 Version: 3.3.0 - Adobe Systems Incorporated) Hidden Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18 - Amazon Services LLC) Apple Application Support (x32 Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.) ArtRage 2 (x32 Version: 2.5.20 - Ambient Design) ASRock App Charger v1.0.5 (Version: - ASRock Inc.) ASRock SmartConnect v1.0.6 (Version: - ASRock Inc.) ASRock XFast RAM v2.0.28 (Version: - ASRock Inc.) AVG 2014 (Version: 14.0.3697 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4335 - AVG Technologies) Hidden AVG 2014 (Version: 2014.0.4335 - AVG Technologies) Bonjour (Version: 3.0.0.10 - Apple Inc.) Botanicula (x32 Version: 1.0 - Amanita Design, s.r.o.) BulletProof FTP Server (remove only) (x32 Version: - BulletProof Software LLC) CCleaner (Version: 4.10 - Piriform) Chat Undetected (x32 Version: 1.28.153.4 - Crossrider) Cyberduck 4.4.3 (14140) (x32 Version: 4.4.3 (14140) - ) DC Universe Online Live (HKCU Version: - Sony Online Entertainment) DC Universe Online PSG (HKCU Version: 1.0.3.183 - Sony Online Entertainment) Desura (x32 Version: 100.53 - Desura) Fibrillation version 1.1 (x32 Version: 1.1 - Mechanical Starling) FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse) Foxtab (x32 Version: - FoxTab) <==== ATTENTION Futuremark SystemInfo (x32 Version: 4.17.0 - Futuremark Corporation) Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden Intel(R) Control Center (x32 Version: 1.2.1.1011 - Intel Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702 - Intel Corporation) Intel(R) Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation) Intel(R) Network Connections 18.2.63.0 (Version: 18.2.63.0 - Intel) Intel(R) Network Connections 18.2.63.0 (Version: 18.2.63.0 - Intel) Hidden Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden Intel(R) Small Business Advantage (x32 Version: 2.0.30.6644 - Intel(R) Corporation) Intel(R) Smart Connect Technology 4.1 x64 (Version: 4.1.40.2143 - Intel) Intel(R) Update Manager (x32 Version: 1.0.0.36888 - Intel Corporation) Hidden Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 2.0.0.100 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden iTunes (Version: 11.1.2.32 - Apple Inc.) Java 7 Update 45 (x32 Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH) Last.fm Scrobbler 2.1.36 (x32 Version: - Last.fm) Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Lync Web App Plug-in (Version: 15.8.8653.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) NirSoft BlueScreenView (x32 Version: - ) Notepad++ (x32 Version: 6.5.3 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 320.49 (Version: 320.49 - NVIDIA Corporation) NVIDIA Grafiktreiber 320.49 (Version: 320.49 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden ONE TOUCH Upgrade S 2.8.0 (x32 Version: - TCL Communication Technology Holdings Limited) OnLive (x32 Version: - OnLive) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Realtek High Definition Audio Driver (x32 Version: 6.0.1.6865 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (x32 Version: 1.95 - VS Revo Group) RUBICon (x32 Version: 2.0.25 - RUB) Samsung_MonSetup (x32 Version: 1.00.0000 - Samsung) SCR3xxx Smart Card Reader (x32 Version: 8.40 - SCM Microsystems) Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.) Snap.Do (x32 Version: 1.138.1.12198 - ReSoft Ltd.) <==== ATTENTION SoulseekQt (x32 Version: - ) Speccy (Version: 1.22 - Piriform) Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB) Steam (x32 Version: 1.0.0.0 - Valve Corporation) Stifttablett (x32 Version: - Wacom Technology Corp.) TP-LINK TL-WN723N Driver (x32 Version: 1.1.0 - TP-LINK) TP-LINK Wireless Configuration Utility (x32 Version: 1.1.0 - TP-LINK) Unity Web Player (HKCU Version: - Unity Technologies ApS) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) XFastUSB (x32 Version: 3.02.31 - ASRock Inc.) XWidget Ver1.84 (x32 Version: - XWidget Software) 美图秀秀 3.9.4 (x32 Version: - 美图网) ==================== Restore Points ========================= 12-02-2014 14:27:24 Wiederherstellungsvorgang 12-02-2014 16:08:09 Windows Update 12-02-2014 16:28:59 Windows Update 12-02-2014 18:38:16 Installed AVG 2014 12-02-2014 18:38:23 Installed AVG 2014 12-02-2014 21:39:57 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 12-02-2014 21:52:21 Windows Update 12-02-2014 23:14:40 Removed Microsoft Office Professional Plus 2010 ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1BA6BBED-C888-4293-9BF8-7AEB15ED961B} - System32\Tasks\CCleanerSkipUAC => D:\Programme\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) Task: {222FF5E2-A775-488B-AEBA-796CFF45DA85} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-29] (Google Inc.) Task: {4E41C572-406B-4249-97DE-863E93060446} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {5F6576BF-8D57-4359-B959-7CADEEE51032} - System32\Tasks\Intel(R) Small Business Advantage\Notifier => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\SBA_Notifier.exe [2013-01-28] (Intel Corporation) Task: {85E5072A-83B6-4AF9-B965-5D94F2FB5346} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {9663C10B-AA2A-45CF-8369-B1088708CD03} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {C4E2A592-7902-4ADA-9E97-0E30D382C23A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-23] (Adobe Systems Incorporated) Task: {E4D84754-9D7E-40E2-A947-73225BB3C510} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-29] (Google Inc.) Task: {FE4A3BED-EC52-44BB-A939-FC02177CA321} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () D:\Programme\Filezilla\FileZilla FTP Client\fzshellext_64.dll 2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-09-29 22:08 - 2009-08-12 11:09 - 00077824 _____ () D:\Programme\XWidget\Res\Lib\lib.dll 2012-09-23 19:43 - 2012-09-23 19:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu 2013-03-13 12:42 - 2013-06-05 13:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll 2013-12-23 10:55 - 2013-12-05 20:36 - 03559024 _____ () D:\Programme\Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: APNMCP => 2 MSCONFIG\Services: Desura Install Service => 3 MSCONFIG\Services: Futuremark SystemInfo Service => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: IAStorDataMgrSvc => 2 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: Intel(R) ME Service => 2 MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2 MSCONFIG\Services: intelsba => 3 MSCONFIG\Services: ISCTAgent => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: RtkAudioService => 2 MSCONFIG\Services: SafetyNutManager => 2 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: BCSSync => "D:\Programme\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: XFastUSB => "C:\Program Files (x86)\XFastUSB\XFastUsb.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/13/2014 00:19:24 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/12/2014 11:25:41 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (02/13/2014 00:19:05 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (02/13/2014 00:19:05 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (02/13/2014 00:18:15 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/13/2014 00:18:15 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Druckwarteschlange erreicht. Error: (02/13/2014 00:17:44 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden. Modulpfad: C:\Windows\system32\Rtlihvs.dll Fehlercode: 126 Error: (02/12/2014 11:29:03 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (02/12/2014 11:29:03 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 112. Error: (02/12/2014 11:28:48 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Error: (02/12/2014 11:28:46 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 112. Error: (02/12/2014 11:28:14 PM) (Source: Schannel) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung empfangen: 40. Microsoft Office Sessions: ========================= Error: (02/13/2014 00:19:24 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/12/2014 11:25:41 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Percentage of memory in use: 36% Total physical RAM: 4016.46 MB Available physical RAM: 2535 MB Total Pagefile: 8031.11 MB Available Pagefile: 6410 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.24 GB) (Free:62.42 GB) NTFS Drive d: (Volume) (Fixed) (Total:931.41 GB) (Free:866.4 GB) NTFS Drive e: (JEEVES_AND_WOOSTER_DVD1) (CDROM) (Total:6.86 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 29C690AD) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 29C690D5) Partition 1: (Not Active) - (Size=119 GB) - (Type=07 NTFS) ==================== End Of Log ============================ FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-02-2014 Ran by Neslihan (administrator) on NESLIHAN-PC on 13-02-2014 00:19:31 Running from C:\Users\Neslihan\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVG Technologies CZ, s.r.o.) D:\Programme\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) D:\Programme\AVG\AVG2014\avgcsrva.exe (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) D:\Programme\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) D:\Programme\AVG\AVG2014\avgwdsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.exe (Microsoft Corporation) C:\Windows\system32\userinit.exe (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (AVG Technologies CZ, s.r.o.) D:\Programme\AVG\AVG2014\avgnsa.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (xwidget.com) D:\Programme\XWidget\xwidget.exe (AVG Technologies CZ, s.r.o.) D:\Programme\AVG\AVG2014\avgemca.exe (Spotify Ltd) C:\Users\Neslihan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Microsoft Corporation) C:\Windows\sysWOW64\wbem\wmiprvse.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe (AVG Technologies CZ, s.r.o.) D:\Programme\AVG\AVG2014\avgui.exe (Wacom Technology, Corp.) C:\Windows\system32\WTablet\Pen_TabletUser.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.exe (AVG Technologies CZ, s.r.o.) D:\Programme\AVG\AVG2014\avgcsrva.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291128 2013-03-06] (Intel Corporation) HKLM-x32\...\Run: [] - [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-10-17] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AVG_UI] - D:\Programme\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\S-1-5-21-2549670680-3362463661-2922105165-1000\...\Run: [xwidget] - D:\Programme\XWidget\xwidget.exe [1811968 2013-06-09] (xwidget.com) HKU\S-1-5-21-2549670680-3362463661-2922105165-1000\...\Run: [Spotify Web Helper] - C:\Users\Neslihan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-22] (Spotify Ltd) HKU\S-1-5-21-2549670680-3362463661-2922105165-1000\...\MountPoints2: {333018b2-1035-11e3-ad86-806e6f6e6963} - E:\ASRSetup.exe AppInit_DLLs: C:\PROGRA~2\MOVIES~1\SAFETY~1\x64\SAFETY~2.DLL => File Not Found AppInit_DLLs-x32: c:\progra~2\movies~1\safety~1\safety~2.dll => File Not Found Startup: C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) ==================== Internet (Whitelisted) ==================== BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKCU - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\y4ljwfsl.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @onlive.com/OnLiveGameClientDetector,version=1.0.0 - C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Neslihan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Neslihan\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) FF Plugin HKCU: LWAPlugin15.8 - C:\Users\Neslihan\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\Neslihan\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll (Microsoft Corporation) FF Extension: FireFTP - C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\y4ljwfsl.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2013-12-23] FF Extension: Adblock Plus - C:\Users\Neslihan\AppData\Roaming\Mozilla\Firefox\Profiles\y4ljwfsl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-12] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-09-12] FF StartMenuInternet: FIREFOX.EXE - D:\Programme\Firefox\firefox.exe Chrome: ======= CHR HomePage: hxxp://www.google.com CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: ( "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (OnLive Game Client Detector) - C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Unity Player) - C:\Users\Neslihan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Neslihan\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.) CHR Plugin: (Microsoft Lync Web App Plug-in) - C:\Users\Neslihan\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () CHR Plugin: (Microsoft Office 2010) - D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL No File CHR Plugin: (Microsoft Office 2010) - D:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL No File CHR Extension: (Adblock Plus) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-15] CHR Extension: (No Name) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhambhgmoihmhbfjmmaciggnfcfkflo [2013-12-15] CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2013-09-13] CHR Extension: (XKit) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2013-11-04] CHR Extension: (AdBlock) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-04] CHR Extension: (FabCam) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejilffmihldhlfocnabcgndjjpgadfl [2013-12-15] CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2013-11-04] CHR Extension: (No Name) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jklljiahjgoglchglekebfljnmbaleig [2013-12-15] CHR Extension: (Chat Undetected) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\llmfehnfojojfamjjijjciopbjimcffa [2013-11-04] CHR Extension: (Google Wallet) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29] CHR Extension: (No Name) - C:\Users\Neslihan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcflmmmcfpacggndoaaflkmcoblhnbh [2013-12-15] CHR HKLM\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\Neslihan\AppData\Local\foxtab_speeddial.crx [2013-10-26] CHR HKCU\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\Neslihan\AppData\Local\foxtab_speeddial.crx [2013-10-26] CHR HKLM-x32\...\Chrome\Extension: [dchmpbaclbiioedakpcldenooikekokm] - C:\Users\Neslihan\AppData\Local\foxtab_speeddial.crx [2013-10-26] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-12-21] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-01-27] (Adobe Systems) R2 AVGIDSAgent; D:\Programme\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.) R2 avgwd; D:\Programme\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.) S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation) S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) S4 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [48832 2013-01-28] (Intel Corporation) S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] () S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor) S2 AntiVirSchedulerService; "D:\Programme\Avira\AntiVir Desktop\sched.exe" [X] S2 AntiVirService; "D:\Programme\Avira\AntiVir Desktop\avguard.exe" [X] S4 AntiVirWebService; "D:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X] ==================== Drivers (Whitelisted) ==================== S3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2013-09-10] (ASRock Incorporation) R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [496400 2013-02-26] (Intel Corporation) S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2013-09-08] (FNet Co., Ltd.) R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2013-08-29] (FNet Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-22] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] () R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2011-04-08] (Realtek Semiconductor Corporation ) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2013-09-18] () ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-12 23:37 - 2014-02-12 23:37 - 00227096 _____ () C:\Users\Neslihan\Downloads\avira_registry_cleaner_de.exe 2014-02-12 23:07 - 2014-02-12 23:07 - 00019969 _____ () C:\Users\Neslihan\Desktop\Addition.txt 2014-02-12 23:06 - 2014-02-13 00:19 - 00021387 _____ () C:\Users\Neslihan\Desktop\FRST.txt 2014-02-12 23:06 - 2014-02-13 00:19 - 00000000 ____D () C:\FRST 2014-02-12 23:05 - 2014-02-12 23:05 - 00001992 _____ () C:\Users\Neslihan\Desktop\JRT.txt 2014-02-12 23:02 - 2014-02-12 23:02 - 00000000 ____D () C:\Windows\ERUNT 2014-02-12 23:01 - 2014-02-12 23:02 - 02152448 _____ (Farbar) C:\Users\Neslihan\Desktop\FRST64.exe 2014-02-12 23:01 - 2014-02-12 23:01 - 01037530 _____ (Thisisu) C:\Users\Neslihan\Desktop\JRT.exe 2014-02-12 22:59 - 2014-02-13 00:17 - 00000168 _____ () C:\Windows\setupact.log 2014-02-12 22:59 - 2014-02-12 22:59 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-12 22:58 - 2014-02-13 00:17 - 00003098 _____ () C:\Windows\PFRO.log 2014-02-12 22:56 - 2014-02-12 22:57 - 00000000 ____D () C:\AdwCleaner 2014-02-12 22:55 - 2014-02-12 22:55 - 01166132 _____ () C:\Users\Neslihan\Desktop\adwcleaner.exe 2014-02-12 22:46 - 2014-02-12 22:46 - 00009478 _____ () C:\cc_20140212_224637_2.reg 2014-02-12 22:37 - 2014-02-12 22:37 - 00088546 _____ () C:\cc_20140212_223727.reg 2014-02-12 22:36 - 2014-02-12 22:36 - 00000674 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-12 22:07 - 2014-02-12 22:07 - 00614792 _____ (Chip Digital GmbH) C:\Users\Neslihan\Downloads\CCleaner - CHIP-Downloader.exe 2014-02-12 21:42 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-12 21:42 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-12 21:42 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-12 21:42 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-12 19:39 - 2014-02-12 19:39 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\AVG2014 2014-02-12 19:38 - 2014-02-12 19:38 - 00000734 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ___HD () C:\$AVG 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\TuneUp Software 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ____D () C:\ProgramData\AVG2014 2014-02-12 17:50 - 2014-02-12 23:23 - 00000000 ____D () C:\ProgramData\MFAData 2014-02-12 17:50 - 2014-02-12 21:16 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Avg2014 2014-02-12 17:50 - 2014-02-12 17:50 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\MFAData 2014-02-12 17:48 - 2014-02-12 17:49 - 04435328 _____ (AVG Technologies) C:\Users\Neslihan\Downloads\avg_avct_stb_all_2014_4158_futuretest2.exe 2014-02-12 17:29 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-12 17:29 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-12 17:29 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-12 17:29 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-12 17:29 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-12 17:29 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-12 17:29 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-12 17:29 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-12 17:29 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-12 17:29 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-12 17:29 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-12 17:29 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-12 17:29 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-12 17:29 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-12 17:29 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-12 17:29 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-12 17:29 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-12 17:29 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-12 17:29 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-12 17:29 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-12 17:29 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-12 17:29 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-12 17:29 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-12 17:29 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-12 17:29 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-12 17:29 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-12 17:29 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-12 17:29 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-12 17:29 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-12 17:29 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-12 17:29 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-12 17:29 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-12 17:29 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-12 17:29 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-12 17:29 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-12 17:29 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-12 17:29 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-12 17:29 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-12 17:29 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-12 17:15 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-12 17:15 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-12 17:14 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-12 17:14 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-12 17:14 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-12 17:14 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-12 17:14 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-12 17:14 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-12 17:14 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-12 17:14 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-12 17:14 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-12 17:14 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-12 17:14 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-12 17:14 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-12 17:14 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-12 17:14 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-12 17:14 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-12 17:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-12 17:14 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-12 17:14 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-12 17:14 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-12 17:14 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-12 17:14 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-12 17:14 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-12 17:08 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-12 17:08 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-12 15:21 - 2014-02-12 15:21 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Avira 2014-02-12 14:40 - 2014-02-12 17:03 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-12 14:40 - 2014-02-12 15:16 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-12 14:32 - 2014-02-12 14:32 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-01-31 13:32 - 2014-01-31 13:32 - 00001271 _____ () C:\Users\Neslihan\Desktop\DC Universe Online PSG.lnk 2014-01-27 19:03 - 2014-01-27 19:03 - 00000000 ____D () C:\Users\Neslihan\Documents\Updater 2014-01-27 17:57 - 2014-01-27 17:57 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF 2014-01-27 17:56 - 2014-01-27 17:56 - 00000000 ____D () C:\Windows\SysWOW64\Adobe 2014-01-27 17:56 - 2004-08-17 02:40 - 00016384 _____ () C:\Windows\SysWOW64\FileOps.exe 2014-01-15 14:42 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 14:42 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 14:42 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 14:42 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-14 23:48 - 2014-01-14 23:55 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Notepad++ 2014-01-14 23:48 - 2014-01-14 23:48 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ ==================== One Month Modified Files and Folders ======= 2014-02-13 00:19 - 2014-02-12 23:06 - 00021387 _____ () C:\Users\Neslihan\Desktop\FRST.txt 2014-02-13 00:19 - 2014-02-12 23:06 - 00000000 ____D () C:\FRST 2014-02-13 00:19 - 2013-10-17 22:27 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\WTablet 2014-02-13 00:19 - 2013-08-29 08:05 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-13 00:19 - 2013-08-29 07:58 - 00123856 _____ () C:\Users\Neslihan\AppData\Local\GDIPFONTCACHEV1.DAT 2014-02-13 00:19 - 2009-07-14 05:45 - 05168856 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-02-13 00:17 - 2014-02-12 22:59 - 00000168 _____ () C:\Windows\setupact.log 2014-02-13 00:17 - 2014-02-12 22:58 - 00003098 _____ () C:\Windows\PFRO.log 2014-02-13 00:17 - 2013-08-29 00:00 - 02083278 _____ () C:\Windows\WindowsUpdate.log 2014-02-13 00:17 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-13 00:16 - 2013-09-09 20:29 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-02-13 00:15 - 2011-04-12 08:55 - 00000000 ____D () C:\Windows\ShellNew 2014-02-13 00:15 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-02-13 00:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-02-13 00:15 - 2009-07-14 03:34 - 00000387 _____ () C:\Windows\win.ini 2014-02-12 23:48 - 2013-08-29 09:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-12 23:37 - 2014-02-12 23:37 - 00227096 _____ () C:\Users\Neslihan\Downloads\avira_registry_cleaner_de.exe 2014-02-12 23:32 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-12 23:32 - 2009-07-14 05:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-12 23:29 - 2011-04-12 08:43 - 00658476 _____ () C:\Windows\system32\perfh007.dat 2014-02-12 23:29 - 2011-04-12 08:43 - 00131346 _____ () C:\Windows\system32\perfc007.dat 2014-02-12 23:29 - 2009-07-14 06:13 - 01510528 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-12 23:27 - 2013-08-29 08:05 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-12 23:23 - 2014-02-12 17:50 - 00000000 ____D () C:\ProgramData\MFAData 2014-02-12 23:07 - 2014-02-12 23:07 - 00019969 _____ () C:\Users\Neslihan\Desktop\Addition.txt 2014-02-12 23:05 - 2014-02-12 23:05 - 00001992 _____ () C:\Users\Neslihan\Desktop\JRT.txt 2014-02-12 23:02 - 2014-02-12 23:02 - 00000000 ____D () C:\Windows\ERUNT 2014-02-12 23:02 - 2014-02-12 23:01 - 02152448 _____ (Farbar) C:\Users\Neslihan\Desktop\FRST64.exe 2014-02-12 23:01 - 2014-02-12 23:01 - 01037530 _____ (Thisisu) C:\Users\Neslihan\Desktop\JRT.exe 2014-02-12 22:59 - 2014-02-12 22:59 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-12 22:57 - 2014-02-12 22:56 - 00000000 ____D () C:\AdwCleaner 2014-02-12 22:55 - 2014-02-12 22:55 - 01166132 _____ () C:\Users\Neslihan\Desktop\adwcleaner.exe 2014-02-12 22:46 - 2014-02-12 22:46 - 00009478 _____ () C:\cc_20140212_224637_2.reg 2014-02-12 22:38 - 2013-10-21 23:01 - 00000000 ____D () C:\Program Files (x86)\360 2014-02-12 22:37 - 2014-02-12 22:37 - 00088546 _____ () C:\cc_20140212_223727.reg 2014-02-12 22:36 - 2014-02-12 22:36 - 00000674 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-12 22:36 - 2013-10-28 00:12 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\FileZilla 2014-02-12 22:36 - 2013-09-17 12:56 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-02-12 22:36 - 2013-09-08 19:37 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\CrashDumps 2014-02-12 22:36 - 2013-08-29 10:11 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Winamp 2014-02-12 22:36 - 2013-08-29 00:50 - 00000000 ____D () C:\Windows\Panther 2014-02-12 22:36 - 2013-08-28 23:57 - 00000000 ____D () C:\Windows\Minidump 2014-02-12 22:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-02-12 22:07 - 2014-02-12 22:07 - 00614792 _____ (Chip Digital GmbH) C:\Users\Neslihan\Downloads\CCleaner - CHIP-Downloader.exe 2014-02-12 21:16 - 2014-02-12 17:50 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Avg2014 2014-02-12 19:39 - 2014-02-12 19:39 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\AVG2014 2014-02-12 19:38 - 2014-02-12 19:38 - 00000734 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ___HD () C:\$AVG 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\TuneUp Software 2014-02-12 19:38 - 2014-02-12 19:38 - 00000000 ____D () C:\ProgramData\AVG2014 2014-02-12 18:17 - 2013-09-07 21:29 - 00001456 _____ () C:\Users\Neslihan\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2014-02-12 17:50 - 2014-02-12 17:50 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\MFAData 2014-02-12 17:49 - 2014-02-12 17:48 - 04435328 _____ (AVG Technologies) C:\Users\Neslihan\Downloads\avg_avct_stb_all_2014_4158_futuretest2.exe 2014-02-12 17:09 - 2013-08-29 09:48 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-12 17:08 - 2013-08-29 09:48 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-12 17:03 - 2014-02-12 14:40 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-12 17:03 - 2013-09-29 22:08 - 00000000 ____D () C:\Users\Neslihan\Documents\xwidget 2014-02-12 17:03 - 2013-09-07 23:53 - 00000000 ____D () C:\ProgramData\Avira 2014-02-12 17:03 - 2013-09-07 11:48 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-02-12 17:03 - 2013-08-29 09:11 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-02-12 17:03 - 2013-08-29 08:05 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Google 2014-02-12 17:03 - 2013-08-29 08:05 - 00000000 ____D () C:\Program Files (x86)\Google 2014-02-12 17:03 - 2013-08-29 00:06 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\TP-LINK 2014-02-12 17:03 - 2013-08-29 00:00 - 00000000 ____D () C:\Users\Neslihan 2014-02-12 17:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-02-12 17:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-02-12 17:02 - 2013-08-29 00:08 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Last.fm 2014-02-12 15:21 - 2014-02-12 15:21 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Avira 2014-02-12 15:16 - 2014-02-12 14:40 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-02-12 14:32 - 2014-02-12 14:32 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-02-11 23:06 - 2013-10-26 22:30 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\SoulseekQt 2014-02-06 13:16 - 2014-02-12 17:29 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-06 12:30 - 2014-02-12 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-06 12:30 - 2014-02-12 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-06 12:12 - 2014-02-12 17:29 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-06 12:07 - 2014-02-12 17:29 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-06 12:06 - 2014-02-12 17:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-06 11:57 - 2014-02-12 17:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-06 11:56 - 2014-02-12 17:29 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-06 11:52 - 2014-02-12 17:29 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-06 11:49 - 2014-02-12 17:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-06 11:48 - 2014-02-12 17:29 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-06 11:48 - 2014-02-12 17:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-06 11:38 - 2014-02-12 17:29 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-06 11:32 - 2014-02-12 17:29 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-06 11:20 - 2014-02-12 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-06 11:17 - 2014-02-12 17:29 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-06 11:11 - 2014-02-12 17:29 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-06 11:01 - 2014-02-12 17:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-06 11:00 - 2014-02-12 17:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-06 10:57 - 2014-02-12 17:29 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-06 10:57 - 2014-02-12 17:29 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-06 10:52 - 2014-02-12 17:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-06 10:52 - 2014-02-12 17:29 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-06 10:50 - 2014-02-12 17:29 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-06 10:49 - 2014-02-12 17:29 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-06 10:47 - 2014-02-12 17:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-06 10:46 - 2014-02-12 17:29 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-06 10:25 - 2014-02-12 17:29 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-06 10:25 - 2014-02-12 17:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-06 10:24 - 2014-02-12 17:29 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-06 10:22 - 2014-02-12 17:29 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-06 10:13 - 2014-02-12 17:29 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-06 10:09 - 2014-02-12 17:29 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-06 10:03 - 2014-02-12 17:29 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-06 09:55 - 2014-02-12 17:29 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-06 09:41 - 2014-02-12 17:29 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-06 09:40 - 2014-02-12 17:29 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-06 09:36 - 2014-02-12 17:29 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-06 09:34 - 2014-02-12 17:29 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-01-31 13:32 - 2014-01-31 13:32 - 00001271 _____ () C:\Users\Neslihan\Desktop\DC Universe Online PSG.lnk 2014-01-27 19:03 - 2014-01-27 19:03 - 00000000 ____D () C:\Users\Neslihan\Documents\Updater 2014-01-27 19:03 - 2013-08-29 08:08 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Adobe 2014-01-27 19:02 - 2013-08-29 09:36 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Adobe 2014-01-27 17:57 - 2014-01-27 17:57 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF 2014-01-27 17:57 - 2013-08-29 08:08 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-01-27 17:57 - 2013-08-29 00:01 - 00000000 ___RD () C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-01-27 17:56 - 2014-01-27 17:56 - 00000000 ____D () C:\Windows\SysWOW64\Adobe 2014-01-27 17:56 - 2013-08-29 08:08 - 00000000 ____D () C:\ProgramData\Adobe 2014-01-24 00:02 - 2013-12-19 00:02 - 00000103 _____ () C:\Users\Neslihan\AppData\Roaming\WB.CFG 2014-01-23 22:49 - 2013-09-07 23:38 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Mozilla 2014-01-23 11:19 - 2013-08-29 09:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-23 11:19 - 2013-08-29 09:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-23 11:19 - 2013-08-29 09:37 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-22 20:46 - 2013-09-07 17:39 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Spotify 2014-01-22 18:08 - 2013-09-07 17:40 - 00000000 ____D () C:\Users\Neslihan\AppData\Local\Spotify 2014-01-22 12:29 - 2013-09-07 17:40 - 00001768 _____ () C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2014-01-15 13:57 - 2013-11-17 12:00 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Skype 2014-01-14 23:55 - 2014-01-14 23:48 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Notepad++ 2014-01-14 23:48 - 2014-01-14 23:48 - 00000000 ____D () C:\Users\Neslihan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ Some content of TEMP: ==================== C:\Users\Neslihan\AppData\Local\Temp\4E954E.dll C:\Users\Neslihan\AppData\Local\Temp\5CBD5C.dll C:\Users\Neslihan\AppData\Local\Temp\807A80.dll C:\Users\Neslihan\AppData\Local\Temp\941894.dll C:\Users\Neslihan\AppData\Local\Temp\AC47AC.dll C:\Users\Neslihan\AppData\Local\Temp\BC17BC.dll C:\Users\Neslihan\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-08 01:13 ==================== End Of Log ============================ --- --- --- --- --- --- |
13.02.2014, 00:29 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Extrem Langsamer PC (Internet, Download, AntiVir) Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
13.02.2014, 00:34 | #11 |
| Extrem Langsamer PC (Internet, Download, AntiVir) gesagt getan, da kommt diese meldung, Ich frage lieber vorher was ich nun wähle? ok zu spät ich hab schon "ja" gedrückt logfile kommt sofort Geändert von monchou (13.02.2014 um 00:40 Uhr) |
13.02.2014, 00:40 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Extrem Langsamer PC (Internet, Download, AntiVir) Da auf Nein klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
13.02.2014, 01:18 | #13 |
| Extrem Langsamer PC (Internet, Download, AntiVir) EDIT: So, ein Logfile habe Ich nicht bekommen dafür das hier Der PC ist nun deutlich schneller als vorher; nicht soo schnell wie vor den ganzen Problemen aber besser! Kann Ich nun etwas tun, um weiter zu übprüfen ob alles ok ist? Und hast Du eine Empfehlung was ein Antivirusprogramm angeht? Ich würd als Studentin gern unter 50€ bleiben, aber wenn sich was teureres lohnt dann auch gern das... |
13.02.2014, 09:57 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Extrem Langsamer PC (Internet, Download, AntiVir) Log posten, keine Screeshots!
__________________ Logfiles bitte immer in CODE-Tags posten |
13.02.2014, 10:22 | #15 |
| Extrem Langsamer PC (Internet, Download, AntiVir) Upps, sorry - dachte Ich hätte keinen logfile bekommen - danke für Deine Geduld Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1009 www.malwarebytes.org Database version: v2014.02.12.11 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Neslihan :: NESLIHAN-PC [administrator] 13.02.2014 00:39:49 mbar-log-2014-02-13 (00-39-49).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 231177 Time elapsed: 4 minute(s), 40 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |