| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Malwarebytes Anti-Malware hat 5 Funde.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.03.2014, 16:43
| #1 |
| |  Malwarebytes Anti-Malware hat 5 Funde. Hallo Liebes Forum, habe mich gerade hier angemeldet, da ich ein wenig Angst habe. Ich hatte heute aus geistiger Umnachtung auf eine Phishing Mail geklickt, jedoch keinen Link geöffnet. Habe daraufhin Malewarebytes Anti Malware heruntergeladen und einmal wie mein McAfee über den PC laufen lassen. Nach anfänglicher Freude hat sich jedoch herausgestellt, dass MBAM 5 Funde gemacht hat. MBAM läuft gerade noch, jedoch wollte ich jetzt bereits fragen, wie ich nun weiter verfahren soll. Ich hoffe Ihr könnt mir helfen. Mit freundlichen Grüßen Daniel |
|
02.03.2014, 16:45
| #2 |
| /// the machine /// TB-Ausbilder    | Malwarebytes Anti-Malware hat 5 Funde. hi,
__________________Logfile von MBAM posten. Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
03.03.2014, 10:35
| #3 |
| | Malwarebytes Anti-Malware hat 5 Funde. MBAM-Logfile
__________________Malwarebytes Anti-Malware (Test) 1.75.0.1300 Malwarebytes : Free Anti-Malware Datenbank Version: v2014.03.02.05 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16518 Daniel :: DANIELS-LAPTOP [Administrator] Schutz: Aktiviert 02.03.2014 15:24:10 MBAM-log-2014-03-02 (16-49-56).txt Art des Suchlaufs: Vollständiger Suchlauf (B:\|C:\|E:\|H:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 464353 Laufzeit: 1 Stunde(n), 24 Minute(n), 9 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 5 C:\Users\Daniel\Desktop\Verknüpfungen\Spiele\Minecraft\ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> Keine Aktion durchgeführt. C:\Users\Daniel\Downloads\Installed\cdbxp_setup_4.5.2.4214_minimal.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\Daniel\Downloads\Installed\DTLite4471-0333.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\Daniel\Downloads\Installed\PhotoScape_V3.6.5.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\Daniel\Downloads\Installed\SoftonicDownloader_fuer_origin.exe (PUP.Optional.Softonic) -> Keine Aktion durchgeführt. (Ende) Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2014 02
Ran by Daniel at 2014-03-02 16:53:15
Running from C:\Users\Daniel\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.5.100.20808 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{95EF3DDB-27C8-CDA9-9E72-5EC3F02C1B02}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Antichamber (HKLM-x32\...\Steam App 219890) (Version: - Alexander Bruce)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.3 - Atheros Communications)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4214 - CDBurnerXP)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Command and Conquer: Red Alert 3 - Uprising (HKLM-x32\...\Steam App 24800) (Version: - EA Los Angeles)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Space (HKLM-x32\...\Steam App 17470) (Version: - EA Redwood Shores)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version: - Daedalic Entertainment)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version: - Black Forest Games)
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version: - DrinkBox Studios)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hitman 2: Silent Assassin (HKLM-x32\...\Steam App 6850) (Version: - IO Interactive)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - IO Interactive)
Hitman: Codename 47 (HKLM-x32\...\Steam App 6900) (Version: - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version: - IO Interactive)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41663) (Version: 3.8.0.41663.61 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Machinarium (HKLM-x32\...\Steam App 40700) (Version: - Amanita Design)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 12.8.934 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.5.0.3026 - McAfee, Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.0 (HKLM\...\{7CBBEE56-EEF2-462D-B1CE-EACDBBF6457E}) (Version: 4.3.0 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Premium Sound HD (HKLM\...\{000A208E-1050-4181-AC37-E13DA9254B73}) (Version: 1.12.6000 - DTS, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6794 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13074_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SolForge (HKLM-x32\...\Steam App 232450) (Version: - Stone Blade Entertainment)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.0 - Synaptics Incorporated)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Swapper (HKLM-x32\...\Steam App 231160) (Version: - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6626.6410 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 2.00.973 - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 2.00.973 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.1.54043006 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0015 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.3.3 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.21-A - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.24 - NCH Software)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic Entertainment)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Goo (HKLM-x32\...\Steam App 22000) (Version: - 2D BOY)
==================== Restore Points =========================
17-02-2014 12:11:07 Geplanter Prüfpunkt
20-02-2014 20:12:42 Windows Update
22-02-2014 13:44:06 DirectX wurde installiert
25-02-2014 19:38:36 DirectX wurde installiert
02-03-2014 13:32:59 McAfee Vulnerability Scanner
==================== Hosts content: ==========================
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {11A1FDF4-2CB6-4A35-A559-E95370F8CA3A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-22] (Microsoft Corporation)
Task: {1792D210-F2F8-4F50-8D9E-A175810EC4BF} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-11-29] (Synaptics Incorporated)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {222100C2-1DFC-4C6A-A5FD-8AF9822AEFFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B7C82D2-64F8-4E2B-99AA-608B5F2EFBC1} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-01-04] (Toshiba Europe GmbH)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7201DE79-6AD4-4034-B9D0-D05513D8D452} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77C45707-2366-43F8-88C1-805CF6B78F66} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-02] (Adobe Systems Incorporated)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C4C85383-5FDE-4DC1-B6AD-A17FC4C1B13B} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {CCA5CA2B-E948-4091-87F3-A59A76C57566} - System32\Tasks\Microsoft\Windows\SysResetLogSuccess => Rundll32.exe ResetEng.dll,RjvLogSuccessEntryPoint
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) =============
2011-10-13 21:38 - 2011-10-13 21:38 - 00156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2013-12-22 21:14 - 2013-08-23 14:45 - 00386216 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-12-22 21:14 - 2013-10-31 09:08 - 00520872 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-12-22 21:14 - 2013-10-31 09:07 - 00618152 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2012-10-31 23:15 - 2012-10-31 23:15 - 02565544 _____ () C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-14 03:13 - 2012-08-14 03:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2013-12-26 11:30 - 2014-01-14 20:46 - 03140608 _____ () C:\Users\Daniel\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-08-22 08:19 - 2013-08-22 07:54 - 00050176 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Data.winmd
2013-08-22 08:19 - 2013-08-22 07:54 - 00030208 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Foundation.winmd
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-08 00:19 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Daniel\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-15 01:42 - 2014-02-15 01:42 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Daniel\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Daniel\SkyDrive (2).old:ms-properties
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/02/2014 02:45:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TCrdMain_Win8.exe, Version: 2.0.7.64, Zeitstempel: 0x5091827a
Name des fehlerhaften Moduls: SynCOM.dll_unloaded, Version: 16.3.4.0, Zeitstempel: 0x50b86421
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001f368
ID des fehlerhaften Prozesses: 0x1e74
Startzeit der fehlerhaften Anwendung: 0xTCrdMain_Win8.exe0
Pfad der fehlerhaften Anwendung: TCrdMain_Win8.exe1
Pfad des fehlerhaften Moduls: TCrdMain_Win8.exe2
Berichtskennung: TCrdMain_Win8.exe3
Vollständiger Name des fehlerhaften Pakets: TCrdMain_Win8.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: TCrdMain_Win8.exe5
Error: (02/26/2014 06:01:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62406
Error: (02/26/2014 06:01:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62406
Error: (02/26/2014 06:01:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/26/2014 06:01:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 53844
Error: (02/26/2014 06:01:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 53844
Error: (02/26/2014 06:01:50 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/26/2014 06:01:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 47266
Error: (02/26/2014 06:01:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 47266
Error: (02/26/2014 06:01:43 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (03/01/2014 05:31:20 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/01/2014 04:27:26 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (03/01/2014 04:27:09 PM) (Source: DCOM) (User: Daniels-Laptop)
Description: {209500FC-6B45-4693-8871-6296C4843751}
Error: (03/01/2014 04:22:37 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/28/2014 09:11:04 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/28/2014 02:41:30 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/28/2014 01:22:47 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/26/2014 08:25:09 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/26/2014 08:23:45 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (02/26/2014 06:01:56 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AudioEndpointBuilder erreicht.
Microsoft Office Sessions:
=========================
Error: (03/02/2014 02:45:09 PM) (Source: Application Error)(User: )
Description: TCrdMain_Win8.exe2.0.7.645091827aSynCOM.dll_unloaded16.3.4.050b86421c0000005000000000001f3681e7401cf361b849d6f7bC:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exeSynCOM.dlldea00a67-a210-11e3-bee9-2cd05aa587e4
Error: (02/26/2014 06:01:58 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62406
Error: (02/26/2014 06:01:58 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62406
Error: (02/26/2014 06:01:58 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/26/2014 06:01:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 53844
Error: (02/26/2014 06:01:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 53844
Error: (02/26/2014 06:01:50 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/26/2014 06:01:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 47266
Error: (02/26/2014 06:01:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 47266
Error: (02/26/2014 06:01:43 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 8143.22 MB
Available physical RAM: 4774.87 MB
Total Pagefile: 9535.22 MB
Available Pagefile: 6133.71 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive b: (Privat) (Fixed) (Total:300 GB) (Free:198.93 GB) NTFS
Drive c: (Boot) (Fixed) (Total:619.91 GB) (Free:403.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2014 02 Ran by Daniel (administrator) on DANIELS-LAPTOP on 02-03-2014 16:52:30 Running from C:\Users\Daniel\Downloads Windows 8.1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\WINDOWS\system32\atiesrxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Microsoft Corporation) C:\WINDOWS\system32\dashost.exe (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe (McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (AMD) C:\WINDOWS\system32\atieclxx.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe () C:\Users\Daniel\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Dropbox, Inc.) C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13261456 2012-11-29] (Realtek Semiconductor) HKLM\...\Run: [TCrdMain] - C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565544 2012-10-31] () HKLM\...\Run: [TSleepSrv] - C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation) HKLM\...\Run: [TODDMain] - C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] () HKLM\...\Run: [TecoResident] - C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation) HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation) HKLM\...\Run: [SRS Premium Sound HD] - C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2172816 2012-10-22] (SRS Labs, Inc.) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3008824 2012-11-29] (Synaptics Incorporated) HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [TPUReg] - C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7152640 2012-12-05] (Pegatron Corporation) HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.) HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKU\S-1-5-21-1412979160-590310332-413037454-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1822400 2014-02-20] (Valve Corporation) HKU\S-1-5-21-1412979160-590310332-413037454-1001\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung) HKU\S-1-5-21-1412979160-590310332-413037454-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-1412979160-590310332-413037454-1001\...\Run: [Amazon Cloud Player] - C:\Users\Daniel\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3140608 2014-01-14] () HKU\S-1-5-21-1412979160-590310332-413037454-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com SearchScopes: HKLM - DefaultScope {9778B1CC-91FE-4B48-ACEB-141F07789C5A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS SearchScopes: HKLM - {9778B1CC-91FE-4B48-ACEB-141F07789C5A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS SearchScopes: HKLM-x32 - DefaultScope {9778B1CC-91FE-4B48-ACEB-141F07789C5A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS SearchScopes: HKLM-x32 - {9778B1CC-91FE-4B48-ACEB-141F07789C5A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATMJS SearchScopes: HKCU - DefaultScope {9778B1CC-91FE-4B48-ACEB-141F07789C5A} URL = SearchScopes: HKCU - {9778B1CC-91FE-4B48-ACEB-141F07789C5A} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\MSC\McSnIePl64.dll (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\x2tgcs1y.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL () FF Plugin-x32: @mcafee.com/MVT - C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-12-21] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-12-21] ==================== Services (Whitelisted) ================= R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.) R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-05] (Realtek Semiconductor) S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116240 2013-01-04] (Toshiba Europe GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) S2 0138861393355506mcinstcleanup; C:\WINDOWS\TEMP\013886~1.EXE -cleanup -nolog [X] ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-12-22] (DT Soft Ltd) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-23] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.) R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.) R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.) S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-23] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2012-11-29] (Synaptics Incorporated) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [113936 2013-10-15] (Oracle Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2013-08-22] (Microsoft Corporation) U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-02 16:52 - 2014-03-02 16:52 - 00021735 _____ () C:\Users\Daniel\Downloads\FRST.txt 2014-03-02 16:52 - 2014-03-02 16:52 - 00000000 ____D () C:\FRST 2014-03-02 16:48 - 2014-03-02 16:48 - 02156544 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe 2014-03-02 15:21 - 2014-03-02 15:21 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-03-02 15:21 - 2014-03-02 15:21 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Malwarebytes 2014-03-02 15:21 - 2014-03-02 15:21 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-02 15:21 - 2014-03-02 15:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-02 15:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-03-02 15:19 - 2014-03-02 15:20 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-28 14:20 - 2014-02-28 14:20 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2014-02-24 22:53 - 2014-02-24 22:53 - 00000000 ____D () C:\Users\Daniel\Desktop\Noten 2014-02-24 21:55 - 2014-02-24 21:55 - 00536247 _____ () C:\Users\Daniel\Desktop\Folien_Kreis_Februar_2014_Connect_Team.pptx 2014-02-24 06:17 - 2014-03-02 16:28 - 01054722 _____ () C:\WINDOWS\WindowsUpdate.log 2014-02-23 18:09 - 2014-02-23 18:12 - 64134298 _____ () C:\Users\Daniel\Desktop\Abts_GrunlagenJava_2010_EBook_FHI.zip 2014-02-23 18:08 - 2014-02-23 18:09 - 15766187 _____ () C:\Users\Daniel\Desktop\DBSG2011_CalsErsteProgrammiersprache.zip 2014-02-23 17:54 - 2014-02-23 17:54 - 00267747 _____ () C:\Users\Daniel\Desktop\Learning Agreements_Status_2014-02.xlsx 2014-02-22 16:41 - 2014-02-22 16:42 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Humble Hearts LLC 2014-02-22 16:04 - 2014-02-22 16:04 - 00001527 _____ () C:\Users\Administrator\Desktop\Giana Sisters Twisted Dreams.lnk 2014-02-22 16:01 - 2014-02-22 16:01 - 00000000 ____D () C:\Users\Daniel\Documents\Facepalm Games 2014-02-22 16:00 - 2014-02-22 19:32 - 00000000 ____D () C:\Program Files (x86)\Black Forest Games 2014-02-22 15:52 - 2014-02-22 19:33 - 00000000 ____D () C:\Program Files (x86)\Facepalm Games 2014-02-22 14:45 - 2014-02-22 14:45 - 00000000 ____D () C:\Users\Daniel\Documents\Guacamelee 2014-02-22 14:43 - 2014-02-22 19:32 - 00000000 ____D () C:\Program Files (x86)\DrinkBox Studios 2014-02-20 21:53 - 2014-02-20 21:53 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\McAfee 2014-02-20 21:51 - 2014-01-27 08:37 - 00185792 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe 2014-02-18 20:10 - 2014-03-01 17:28 - 00003958 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{14D1FA3E-6F29-4A91-B98F-7019856BCF1B} 2014-02-16 22:48 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-02-16 22:48 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-02-16 22:48 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2014-02-16 22:48 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-02-16 22:48 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-02-16 22:48 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2014-02-16 22:48 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys 2014-02-16 22:48 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-02-16 22:48 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll 2014-02-16 22:48 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-02-16 22:48 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll 2014-02-16 22:48 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2014-02-16 22:48 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-02-16 22:48 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2014-02-16 22:48 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-02-16 22:48 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2014-02-16 22:48 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-02-16 22:48 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2014-02-16 22:48 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-02-16 22:48 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-02-16 22:48 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-02-16 22:48 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2014-02-16 22:48 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-02-16 22:48 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2014-02-16 22:48 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-02-16 22:48 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-02-16 22:48 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-02-16 22:48 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2014-02-16 22:48 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2014-02-16 22:48 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-02-16 22:48 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-02-16 22:48 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-02-16 22:48 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-02-16 22:48 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-02-16 22:48 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll 2014-02-16 22:48 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys 2014-02-16 22:48 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-02-16 22:48 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-02-16 22:48 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2014-02-16 22:48 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2014-02-16 22:48 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2014-02-16 22:48 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2014-02-16 22:48 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-02-16 22:48 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-02-16 22:48 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll 2014-02-16 22:48 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-02-16 22:48 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-02-16 22:48 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-02-16 22:48 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2014-02-16 22:48 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2014-02-16 22:48 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-02-16 22:48 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-02-16 22:48 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-02-16 22:48 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2014-02-16 22:48 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2014-02-15 01:42 - 2014-02-15 01:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-13 16:11 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2014-02-13 16:11 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2014-02-13 16:11 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-02-13 16:11 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-02-13 16:11 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-02-13 16:11 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-02-13 16:11 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-02-13 16:11 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-02-13 16:11 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-02-13 16:11 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-02-13 16:11 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms 2014-02-13 16:11 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms 2014-02-13 16:11 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-02-13 16:11 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-02-13 16:11 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll 2014-02-13 16:11 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll 2014-02-13 16:10 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-02-13 16:10 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-02-13 16:10 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-02-13 16:10 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-02-13 16:10 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-02-13 16:10 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-02-13 16:10 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-02-13 16:10 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-02-13 16:10 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-02-13 16:10 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-02-13 16:06 - 2014-02-22 20:49 - 00000000 ____D () C:\Users\Daniel\AppData\Local\DayZ 2014-02-13 16:06 - 2014-02-13 22:48 - 00000000 ____D () C:\Users\Daniel\Documents\DayZ 2014-02-13 15:19 - 2014-02-13 15:20 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\SolForge 2014-02-13 15:19 - 2014-02-13 15:19 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\backbeat 2014-02-13 15:19 - 2014-02-13 15:19 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashRpt 2014-02-13 15:10 - 2014-02-13 15:14 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-13 14:02 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-02-13 14:02 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-02-13 14:02 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-02-13 14:02 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-02-13 14:02 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-02-13 14:02 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-02-13 14:02 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-02-13 14:02 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-02-13 14:02 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-02-13 14:02 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-02-13 14:02 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-02-13 14:02 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-02-13 14:02 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-02-13 14:02 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-02-13 14:02 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-02-13 14:02 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-02-13 14:02 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-02-13 14:02 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-02-13 14:02 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-02-13 14:02 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-02-13 14:02 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-02-13 14:02 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-02-13 14:02 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-02-13 14:02 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-02-13 14:02 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-02-13 14:02 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-02-13 14:02 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-02-13 14:02 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-02-13 14:02 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-02-13 14:02 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-02-13 14:02 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-02-13 14:02 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-02-13 14:02 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-02-13 14:02 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-02-13 14:02 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-02-13 14:02 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-02-13 14:02 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-02-13 14:02 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2014-02-13 14:02 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2014-02-13 14:02 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-02-13 14:02 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-02-13 14:02 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-02-13 14:02 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2014-02-13 14:02 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2014-02-13 14:01 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-02-06 15:41 - 2014-02-16 16:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-06 15:41 - 2014-02-06 15:41 - 00000000 ____D () C:\ProgramData\Mozilla 2014-02-04 20:44 - 2014-02-04 20:44 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\LolClient 2014-02-04 19:39 - 2014-03-02 14:37 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Skype 2014-02-04 19:39 - 2014-03-02 14:34 - 00000000 ____D () C:\ProgramData\Skype 2014-02-04 19:39 - 2014-02-04 19:39 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-02-04 19:39 - 2014-02-04 19:39 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Skype 2014-02-04 17:18 - 2014-02-04 17:18 - 00000000 ____D () C:\Users\Daniel\Documents\VideoPad Projects 2014-02-04 17:10 - 2014-02-04 17:48 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\NCH Software 2014-02-04 17:10 - 2014-02-04 17:35 - 00000000 ____D () C:\WINDOWS\System32\Tasks\NCH Software 2014-02-04 17:10 - 2014-02-04 17:10 - 00000000 ____D () C:\ProgramData\NCH Software 2014-02-04 17:10 - 2014-02-04 17:10 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2014-02-04 17:06 - 2014-02-04 17:06 - 00000000 ____D () C:\Riot Games 2014-02-01 11:57 - 2014-02-04 17:06 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin 2014-02-01 11:57 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll 2014-02-01 11:57 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll 2014-02-01 11:57 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll 2014-02-01 11:53 - 2014-02-22 14:42 - 00000000 ____D () C:\Users\Daniel\AppData\Local\PMB Files 2014-02-01 11:53 - 2014-02-22 14:42 - 00000000 ____D () C:\ProgramData\PMB Files 2014-02-01 11:53 - 2014-02-01 11:53 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-02-01 11:52 - 2014-02-01 11:53 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Riot Games 2014-02-01 11:43 - 2014-02-01 11:44 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Audacity 2014-02-01 11:42 - 2014-02-01 11:43 - 00000000 ____D () C:\Program Files (x86)\Audacity 2014-01-31 00:29 - 2014-01-31 00:29 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Criterion Games ==================== One Month Modified Files and Folders ======= 2014-03-02 16:52 - 2014-03-02 16:52 - 00021735 _____ () C:\Users\Daniel\Downloads\FRST.txt 2014-03-02 16:52 - 2014-03-02 16:52 - 00000000 ____D () C:\FRST 2014-03-02 16:48 - 2014-03-02 16:48 - 02156544 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe 2014-03-02 16:42 - 2014-01-24 18:13 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-03-02 16:28 - 2014-02-24 06:17 - 01054722 _____ () C:\WINDOWS\WindowsUpdate.log 2014-03-02 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-03-02 15:27 - 2013-12-21 14:44 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1412979160-590310332-413037454-1001 2014-03-02 15:21 - 2014-03-02 15:21 - 00001125 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-03-02 15:21 - 2014-03-02 15:21 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Malwarebytes 2014-03-02 15:21 - 2014-03-02 15:21 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-03-02 15:21 - 2014-03-02 15:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-02 15:20 - 2014-03-02 15:19 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-1.75.0.1300.exe 2014-03-02 14:43 - 2013-12-21 16:44 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-03-02 14:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-03-02 14:39 - 2013-10-04 06:42 - 00000000 ___RD () C:\Users\Daniel\Desktop\Verknüpfungen 2014-03-02 14:38 - 2013-12-22 20:50 - 00000000 ____D () C:\Program Files\CCleaner 2014-03-02 14:38 - 2013-12-21 17:19 - 00000000 ____D () C:\Users\Daniel\Downloads\Installed 2014-03-02 14:37 - 2014-02-04 19:39 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Skype 2014-03-02 14:34 - 2014-02-04 19:39 - 00000000 ____D () C:\ProgramData\Skype 2014-03-02 14:33 - 2014-01-24 18:13 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-03-02 14:30 - 2013-12-21 16:56 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Dropbox 2014-03-02 14:30 - 2013-08-27 17:45 - 00000000 ___RD () C:\Users\Daniel\Dropbox 2014-03-02 14:29 - 2013-09-25 16:11 - 00000000 __RSD () C:\Users\Daniel\Documents\McAfee-Tresore 2014-03-01 17:28 - 2014-02-18 20:10 - 00003958 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{14D1FA3E-6F29-4A91-B98F-7019856BCF1B} 2014-03-01 17:11 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-03-01 17:11 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat 2014-03-01 17:11 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat 2014-03-01 16:26 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-02-28 14:35 - 2014-01-30 19:56 - 00000000 ____D () C:\Users\Daniel\Desktop\BMW_FitFuersPraktikum 2014-02-28 14:20 - 2014-02-28 14:20 - 00000000 ____D () C:\Users\Public\Documents\CrashDump 2014-02-25 20:11 - 2013-04-08 01:04 - 00000000 ____D () C:\Program Files\Common Files\mcafee 2014-02-24 22:53 - 2014-02-24 22:53 - 00000000 ____D () C:\Users\Daniel\Desktop\Noten 2014-02-24 21:55 - 2014-02-24 21:55 - 00536247 _____ () C:\Users\Daniel\Desktop\Folien_Kreis_Februar_2014_Connect_Team.pptx 2014-02-24 19:07 - 2013-12-23 11:12 - 00000000 ____D () C:\Users\Daniel 2014-02-24 19:06 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-02-24 18:51 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-02-24 06:31 - 2014-01-06 16:04 - 00000000 ____D () C:\Users\Daniel\Desktop\Festplatte !!! 2014-02-23 18:12 - 2014-02-23 18:09 - 64134298 _____ () C:\Users\Daniel\Desktop\Abts_GrunlagenJava_2010_EBook_FHI.zip 2014-02-23 18:09 - 2014-02-23 18:08 - 15766187 _____ () C:\Users\Daniel\Desktop\DBSG2011_CalsErsteProgrammiersprache.zip 2014-02-23 17:54 - 2014-02-23 17:54 - 00267747 _____ () C:\Users\Daniel\Desktop\Learning Agreements_Status_2014-02.xlsx 2014-02-22 20:49 - 2014-02-13 16:06 - 00000000 ____D () C:\Users\Daniel\AppData\Local\DayZ 2014-02-22 20:49 - 2014-01-05 19:14 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Mp3tag 2014-02-22 19:33 - 2014-02-22 15:52 - 00000000 ____D () C:\Program Files (x86)\Facepalm Games 2014-02-22 19:32 - 2014-02-22 16:00 - 00000000 ____D () C:\Program Files (x86)\Black Forest Games 2014-02-22 19:32 - 2014-02-22 14:43 - 00000000 ____D () C:\Program Files (x86)\DrinkBox Studios 2014-02-22 19:28 - 2013-12-21 18:35 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-02-22 19:27 - 2013-12-21 18:35 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-02-22 19:18 - 2013-12-21 14:36 - 00000000 ____D () C:\Users\Daniel\AppData\Local\VirtualStore 2014-02-22 19:06 - 2013-08-30 12:17 - 00000000 ____D () C:\Users\Daniel\Documents\My Games 2014-02-22 16:42 - 2014-02-22 16:41 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Humble Hearts LLC 2014-02-22 16:04 - 2014-02-22 16:04 - 00001527 _____ () C:\Users\Administrator\Desktop\Giana Sisters Twisted Dreams.lnk 2014-02-22 16:01 - 2014-02-22 16:01 - 00000000 ____D () C:\Users\Daniel\Documents\Facepalm Games 2014-02-22 14:45 - 2014-02-22 14:45 - 00000000 ____D () C:\Users\Daniel\Documents\Guacamelee 2014-02-22 14:42 - 2014-02-01 11:53 - 00000000 ____D () C:\Users\Daniel\AppData\Local\PMB Files 2014-02-22 14:42 - 2014-02-01 11:53 - 00000000 ____D () C:\ProgramData\PMB Files 2014-02-20 22:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-02-20 21:53 - 2014-02-20 21:53 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\McAfee 2014-02-20 21:51 - 2013-12-21 17:45 - 00000000 ____D () C:\Program Files (x86)\McAfee 2014-02-20 21:51 - 2013-04-08 01:04 - 00000000 ____D () C:\ProgramData\McAfee 2014-02-20 21:51 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2014-02-20 21:38 - 2013-12-21 14:38 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-20 21:38 - 2013-12-21 14:38 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-02-20 21:37 - 2013-08-22 15:44 - 00371160 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-02-20 21:36 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-02-20 21:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-02-20 21:35 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism 2014-02-20 21:35 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism 2014-02-18 19:00 - 2013-12-23 11:04 - 00000000 ___DC () C:\WINDOWS\Panther 2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-16 16:19 - 2014-02-06 15:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-15 02:31 - 2013-12-26 11:30 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Amazon Cloud Player 2014-02-15 01:42 - 2014-02-15 01:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-14 21:15 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-02-14 21:15 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-02-14 21:15 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-02-13 22:48 - 2014-02-13 16:06 - 00000000 ____D () C:\Users\Daniel\Documents\DayZ 2014-02-13 15:20 - 2014-02-13 15:19 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\SolForge 2014-02-13 15:19 - 2014-02-13 15:19 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\backbeat 2014-02-13 15:19 - 2014-02-13 15:19 - 00000000 ____D () C:\Users\Daniel\AppData\Local\CrashRpt 2014-02-13 15:14 - 2014-02-13 15:10 - 00000000 ____D () C:\ProgramData\Package Cache 2014-02-06 15:41 - 2014-02-06 15:41 - 00000000 ____D () C:\ProgramData\Mozilla 2014-02-06 13:16 - 2014-02-13 14:02 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-02-06 12:30 - 2014-02-13 14:02 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-02-06 12:30 - 2014-02-13 14:02 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-02-06 12:12 - 2014-02-13 14:02 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-02-06 12:07 - 2014-02-13 14:02 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-02-06 12:06 - 2014-02-13 14:02 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-02-06 11:57 - 2014-02-13 14:02 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-02-06 11:56 - 2014-02-13 14:02 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-02-06 11:49 - 2014-02-13 14:02 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-02-06 11:48 - 2014-02-13 14:02 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-02-06 11:48 - 2014-02-13 14:02 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-02-06 11:38 - 2014-02-13 14:02 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-02-06 11:32 - 2014-02-13 14:02 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-02-06 11:20 - 2014-02-13 14:02 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-02-06 11:17 - 2014-02-13 14:02 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-02-06 11:11 - 2014-02-13 14:02 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-02-06 11:01 - 2014-02-13 14:02 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-02-06 11:00 - 2014-02-13 14:02 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-02-06 10:57 - 2014-02-13 14:02 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-02-06 10:57 - 2014-02-13 14:02 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-02-06 10:52 - 2014-02-13 14:02 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-02-06 10:52 - 2014-02-13 14:02 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-02-06 10:50 - 2014-02-13 14:02 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-02-06 10:47 - 2014-02-13 14:02 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-02-06 10:46 - 2014-02-13 14:02 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-02-06 10:25 - 2014-02-13 14:02 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-02-06 10:25 - 2014-02-13 14:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-02-06 10:24 - 2014-02-13 14:02 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-02-06 10:22 - 2014-02-13 14:02 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-02-06 10:13 - 2014-02-13 14:02 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-02-06 10:09 - 2014-02-13 14:02 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-02-06 10:03 - 2014-02-13 14:02 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-02-06 09:55 - 2014-02-13 14:02 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-02-06 09:41 - 2014-02-13 14:02 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-02-06 09:40 - 2014-02-13 14:02 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-02-06 09:36 - 2014-02-13 14:02 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-02-06 09:34 - 2014-02-13 14:02 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-02-04 20:44 - 2014-02-04 20:44 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\LolClient 2014-02-04 19:39 - 2014-02-04 19:39 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-02-04 19:39 - 2014-02-04 19:39 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Skype 2014-02-04 17:48 - 2014-02-04 17:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\NCH Software 2014-02-04 17:35 - 2014-02-04 17:10 - 00000000 ____D () C:\WINDOWS\System32\Tasks\NCH Software 2014-02-04 17:23 - 2013-12-22 20:52 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-02-04 17:22 - 2013-12-22 20:52 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\DVDVideoSoft 2014-02-04 17:18 - 2014-02-04 17:18 - 00000000 ____D () C:\Users\Daniel\Documents\VideoPad Projects 2014-02-04 17:10 - 2014-02-04 17:10 - 00000000 ____D () C:\ProgramData\NCH Software 2014-02-04 17:10 - 2014-02-04 17:10 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2014-02-04 17:06 - 2014-02-04 17:06 - 00000000 ____D () C:\Riot Games 2014-02-04 17:06 - 2014-02-01 11:57 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin 2014-02-04 15:30 - 2013-12-23 13:07 - 00000000 __RDO () C:\Users\Daniel\SkyDrive 2014-02-01 11:53 - 2014-02-01 11:53 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-02-01 11:53 - 2014-02-01 11:52 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Riot Games 2014-02-01 11:44 - 2014-02-01 11:43 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Audacity 2014-02-01 11:43 - 2014-02-01 11:42 - 00000000 ____D () C:\Program Files (x86)\Audacity 2014-02-01 11:25 - 2013-10-30 15:35 - 00000000 ____D () C:\Users\Daniel\.VirtualBox 2014-01-31 00:29 - 2014-01-31 00:29 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Criterion Games ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-16 12:33 ==================== End Of Log ============================ --- --- --- --- --- --- --- --- --- --- --- --- Ich hoffe ich habe alles richtig gemacht. Geändert von cheqqe (03.03.2014 um 10:57 Uhr) |
|
04.03.2014, 09:34
| #4 |
| /// the machine /// TB-Ausbilder | Malwarebytes Anti-Malware hat 5 Funde. Funde löschen, dann is alles gut 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.03.2014, 12:28
| #5 |
| | Malwarebytes Anti-Malware hat 5 Funde. Danke für die schnelle Antwort. Also hab ich nichts mehr zu befürchten? |
|
05.03.2014, 11:42
| #6 |
| /// the machine /// TB-Ausbilder | Malwarebytes Anti-Malware hat 5 Funde. nö
__________________ --> Malwarebytes Anti-Malware hat 5 Funde. |
|
| Themen zu Malwarebytes Anti-Malware hat 5 Funde. |
| achtung, angst, anti, anti-malware, bereits, forum, fragen, freude, funde, gemeldet, heute, laufe, laufen, mail, malewarebytes, malwarebytes, malwarebytes anti-malware, mcafee, phishing, pup.optional.installcore, pup.optional.opencandy, pup.optional.softonic |
Linear-Darstellung
