
Pests of all kinds and how to fight them: AVIRA advertising link


20.03.2014, 10:53   #1
ruedens
 



Dear TB team,

Since this morning I have had the following problem: at a spot that is center-right horizontally and centered vertically, the mouse pointer changes to a hand symbol, and when you click there, the following link opens:
hxxp://www.avira.com/de/sticky-password-lp?x-a-source=IPM&x-a-medium=2151&x-a-version=2765&x-a-source=IPM&x-a-medium=2151&x-a-version=2765&x-a-item=unknown
The window is otherwise "invisible" and lies on top of every window that is open at that spot.

Hannahh_H reported something similar yesterday:

http://www.trojaner-board.de/151249-...bewebsite.html

I use Windows 7 Ultimate (SP1), 64-bit, and AVIRA Free Antivirus.
Here are the FRST.txt & Addition.txt that I created today:


FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Peer (administrator) on PEER-PC on 20-03-2014 10:33:22
Running from C:\Users\Peer\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Peer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Peer\AppData\Roaming\Spotify\spotify.exe
(Dropbox, Inc.) C:\Users\Peer\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Users\Peer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Peer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Peer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Peer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Peer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\ipmGui.exe
() C:\Users\Peer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12666984 2011-08-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKU\S-1-5-21-2273563651-1709360000-3174132428-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2273563651-1709360000-3174132428-1000\...\Run: [Spotify Web Helper] - C:\Users\Peer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-17] (Spotify Ltd)
HKU\S-1-5-21-2273563651-1709360000-3174132428-1000\...\Run: [Spotify] - C:\Users\Peer\AppData\Roaming\Spotify\spotify.exe [6118400 2014-01-17] (Spotify Ltd)
HKU\S-1-5-21-2273563651-1709360000-3174132428-1000\...\MountPoints2: {fe53edc8-fd9c-11e1-8541-806e6f6e6963} - E:\ASRSetup.exe
Startup: C:\Users\Peer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Peer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=484215fa-bee8-4367-bf08-cc407dc3cfae&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=484215fa-bee8-4367-bf08-cc407dc3cfae&affid=111585&searchtype=hp&babsrc=lnkry_nt
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD35A674CBC91CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=484215fa-bee8-4367-bf08-cc407dc3cfae&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=484215fa-bee8-4367-bf08-cc407dc3cfae&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=484215fa-bee8-4367-bf08-cc407dc3cfae&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=484215fa-bee8-4367-bf08-cc407dc3cfae&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=484215fa-bee8-4367-bf08-cc407dc3cfae&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Peer\AppData\Roaming\Mozilla\Firefox\Profiles\4mhw09zi.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Peer\AppData\Roaming\Mozilla\Firefox\Profiles\4mhw09zi.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Peer\AppData\Roaming\Mozilla\Firefox\Profiles\4mhw09zi.default\Extensions\ich@maltegoetz.de [2014-03-18]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Peer\AppData\Roaming\Mozilla\Firefox\Profiles\4mhw09zi.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]
FF Extension: Adblock Plus - C:\Users\Peer\AppData\Roaming\Mozilla\Firefox\Profiles\4mhw09zi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-13]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-07] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-09-14] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-13] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-09-14] ()
R3 RDID1117; C:\Windows\System32\Drivers\rdwm1117.sys [268672 2011-02-18] (Roland Corporation)
R3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-20 10:33 - 2014-03-20 10:33 - 00013239 _____ () C:\Users\Peer\Desktop\FRST.txt
2014-03-20 10:33 - 2014-03-20 10:33 - 00000000 ____D () C:\FRST
2014-03-20 10:32 - 2014-03-20 10:32 - 02157056 _____ (Farbar) C:\Users\Peer\Desktop\FRST64.exe
2014-03-20 09:22 - 2014-03-20 09:22 - 00000000 ____H () C:\ProgramData\cm-lock
2014-03-18 18:39 - 2014-03-19 16:41 - 00000000 ____D () C:\Users\Peer\Desktop\prag stuff
2014-03-18 18:31 - 2014-03-18 18:31 - 00000000 ____D () C:\Users\Peer\Documents\Fax
2014-03-18 12:41 - 2014-03-19 19:47 - 09961524 _____ () C:\Users\Peer\Desktop\all these bitches4.reason
2014-03-18 03:00 - 2014-03-18 03:12 - 08388660 _____ () C:\Users\Peer\Desktop\all these bitches3.reason
2014-03-17 13:01 - 2014-03-17 13:02 - 20230372 _____ () C:\Users\Peer\Desktop\Khalil2_2.wav
2014-03-17 11:51 - 2014-03-17 12:59 - 08912948 _____ () C:\Users\Peer\Desktop\Khalil2_2.reason
2014-03-16 17:37 - 2014-03-16 17:43 - 00000000 ____D () C:\Users\Peer\Desktop\Entourage
2014-03-15 21:19 - 2014-03-16 15:14 - 08388660 _____ () C:\Users\Peer\Desktop\all these bitches2.reason
2014-03-15 17:54 - 2014-03-15 17:54 - 00000000 ____D () C:\Users\Peer\AppData\Roaming\OpenOffice
2014-03-15 17:53 - 2014-03-15 17:53 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-03-15 17:53 - 2014-03-15 17:53 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-03-15 17:45 - 2014-03-15 17:45 - 00000000 ____D () C:\Users\Peer\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-03-15 16:54 - 2014-03-16 18:05 - 02621492 _____ () C:\Users\Peer\Desktop\g unniiiitt.reason
2014-03-15 15:38 - 2014-03-15 15:39 - 163606685 _____ () C:\Users\Peer\Desktop\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-03-14 15:09 - 2014-03-14 15:09 - 41208296 _____ () C:\Users\Peer\Desktop\Highway QCs - Nobody Knows YT.wav
2014-03-14 15:08 - 2014-03-14 15:09 - 35190212 _____ () C:\Users\Peer\Desktop\361 - keep it goin wav.wav
2014-03-14 10:30 - 2014-03-14 11:47 - 00000000 ____D () C:\Users\Peer\Desktop\STBB
2014-03-12 11:46 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 11:46 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 11:46 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 11:46 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 11:46 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 11:46 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 11:46 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 11:46 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 11:46 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 11:46 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 11:46 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 11:46 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 11:46 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 11:46 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 11:46 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 11:46 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 11:46 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 11:46 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 11:46 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 11:46 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 11:46 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 11:46 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 11:46 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 11:46 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 11:46 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 11:46 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 11:46 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 11:46 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 11:46 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 11:46 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 11:46 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 11:46 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 11:46 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 11:46 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 11:46 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 11:46 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 11:46 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 11:46 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 11:46 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 11:46 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 11:46 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 11:46 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 11:46 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 11:46 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 11:45 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 11:45 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 11:45 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 11:45 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-11 21:15 - 2014-03-11 21:15 - 00000995 _____ () C:\Users\Peer\Desktop\SopCast.lnk
2014-03-11 21:15 - 2014-03-11 21:14 - 05442093 _____ () C:\Users\Peer\Downloads\Setup-SopCast-3.8.3-2013-6-26.exe
2014-03-11 21:09 - 2014-03-11 21:15 - 00000000 ____D () C:\Program Files (x86)\SopCast
2014-03-11 21:09 - 2014-03-11 21:09 - 00000000 ____D () C:\Users\Peer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
2014-03-11 13:36 - 2014-03-15 19:17 - 07864372 _____ () C:\Users\Peer\Desktop\all these bitches.reason
2014-03-04 14:31 - 2014-03-04 14:32 - 23224444 _____ () C:\Users\Peer\Desktop\Document dance.wav
2014-03-03 22:50 - 2014-03-04 00:11 - 21337468 _____ () C:\Users\Peer\Desktop\Document dance2.wav
2014-03-03 16:47 - 2014-03-06 21:01 - 07340084 _____ () C:\Users\Peer\Desktop\Document dance2.reason
2014-03-03 12:17 - 2014-03-03 12:17 - 00003072 _____ () C:\Windows\System32\Tasks\{B1B37C37-7174-497F-BE4D-53B04E2415DE}
2014-02-28 14:50 - 2014-03-03 16:31 - 03407924 _____ () C:\Users\Peer\Desktop\Document dance.reason
2014-02-28 09:52 - 2014-03-03 12:18 - 00000073 _____ () C:\Users\Peer\Desktop\URO.txt
2014-02-26 18:44 - 2014-02-27 14:08 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 17:49 - 2014-02-26 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-03-20 10:33 - 2014-03-20 10:33 - 00013239 _____ () C:\Users\Peer\Desktop\FRST.txt
2014-03-20 10:33 - 2014-03-20 10:33 - 00000000 ____D () C:\FRST
2014-03-20 10:32 - 2014-03-20 10:32 - 02157056 _____ (Farbar) C:\Users\Peer\Desktop\FRST64.exe
2014-03-20 10:29 - 2011-04-12 08:43 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-03-20 10:29 - 2011-04-12 08:43 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-03-20 10:29 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-20 10:27 - 2012-09-13 16:23 - 00000000 ____D () C:\Users\Peer\AppData\Roaming\Skype
2014-03-20 10:26 - 2012-09-13 15:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-20 10:26 - 2011-10-11 20:59 - 00070564 _____ () C:\Windows\setupact.log
2014-03-20 10:17 - 2013-06-04 15:23 - 00000064 __RSH () C:\Windows\system32\Drivers\WUDFRd.winsecurity
2014-03-20 09:45 - 2013-06-14 12:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-20 09:44 - 2013-06-04 15:23 - 00000064 __RSH () C:\Windows\system32\Drivers\USBSTOR.winsecurity
2014-03-20 09:29 - 2009-07-14 05:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 09:29 - 2009-07-14 05:45 - 00021472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 09:26 - 2012-09-13 14:54 - 01476554 _____ () C:\Windows\WindowsUpdate.log
2014-03-20 09:23 - 2012-09-14 01:33 - 00000000 ___RD () C:\Users\Peer\Dropbox
2014-03-20 09:23 - 2012-09-14 01:28 - 00000000 ____D () C:\Users\Peer\AppData\Roaming\Dropbox
2014-03-20 09:23 - 2012-09-13 15:48 - 00000000 ____D () C:\Users\Peer\AppData\Roaming\Spotify
2014-03-20 09:22 - 2014-03-20 09:22 - 00000000 ____H () C:\ProgramData\cm-lock
2014-03-20 09:22 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-19 19:47 - 2014-03-18 12:41 - 09961524 _____ () C:\Users\Peer\Desktop\all these bitches4.reason
2014-03-19 16:41 - 2014-03-18 18:39 - 00000000 ____D () C:\Users\Peer\Desktop\prag stuff
2014-03-19 15:12 - 2013-11-07 18:58 - 00000000 ____D () C:\Users\Peer\Desktop\Kongress
2014-03-18 18:31 - 2014-03-18 18:31 - 00000000 ____D () C:\Users\Peer\Documents\Fax
2014-03-18 17:09 - 2012-10-04 23:43 - 590438885 _____ () C:\Windows\MEMORY.DMP
2014-03-18 17:09 - 2012-10-04 23:43 - 00000000 ____D () C:\Windows\Minidump
2014-03-18 16:39 - 2012-09-17 15:27 - 00000000 ____D () C:\Users\Peer\AppData\Local\Last.fm
2014-03-18 13:04 - 2013-08-14 17:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 13:03 - 2011-10-11 19:58 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 03:12 - 2014-03-18 03:00 - 08388660 _____ () C:\Users\Peer\Desktop\all these bitches3.reason
2014-03-18 01:01 - 2012-09-13 15:48 - 00000000 ____D () C:\Users\Peer\AppData\Local\Spotify
2014-03-17 17:14 - 2012-10-26 15:20 - 00000000 ____D () C:\Users\Peer\AppData\Roaming\mIRC
2014-03-17 16:24 - 2012-10-26 15:20 - 00000000 ____D () C:\Program Files (x86)\mIRC
2014-03-17 13:02 - 2014-03-17 13:01 - 20230372 _____ () C:\Users\Peer\Desktop\Khalil2_2.wav
2014-03-17 12:59 - 2014-03-17 11:51 - 08912948 _____ () C:\Users\Peer\Desktop\Khalil2_2.reason
2014-03-16 23:56 - 2012-10-09 15:48 - 00000000 ____D () C:\Users\Peer\AppData\Roaming\vlc
2014-03-16 21:35 - 2013-06-05 01:22 - 29360180 _____ () C:\Users\Peer\Desktop\Document 1.reason
2014-03-16 18:05 - 2014-03-15 16:54 - 02621492 _____ () C:\Users\Peer\Desktop\g unniiiitt.reason
2014-03-16 17:43 - 2014-03-16 17:37 - 00000000 ____D () C:\Users\Peer\Desktop\Entourage
2014-03-16 15:14 - 2014-03-15 21:19 - 08388660 _____ () C:\Users\Peer\Desktop\all these bitches2.reason
2014-03-16 12:40 - 2012-09-13 15:20 - 00115304 _____ () C:\Users\Peer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-16 12:24 - 2009-07-14 05:45 - 00444440 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 19:17 - 2014-03-11 13:36 - 07864372 _____ () C:\Users\Peer\Desktop\all these bitches.reason
2014-03-15 17:54 - 2014-03-15 17:54 - 00000000 ____D () C:\Users\Peer\AppData\Roaming\OpenOffice
2014-03-15 17:53 - 2014-03-15 17:53 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-03-15 17:53 - 2014-03-15 17:53 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-03-15 17:45 - 2014-03-15 17:45 - 00000000 ____D () C:\Users\Peer\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-03-15 15:39 - 2014-03-15 15:38 - 163606685 _____ () C:\Users\Peer\Desktop\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-03-14 15:09 - 2014-03-14 15:09 - 41208296 _____ () C:\Users\Peer\Desktop\Highway QCs - Nobody Knows YT.wav
2014-03-14 15:09 - 2014-03-14 15:08 - 35190212 _____ () C:\Users\Peer\Desktop\361 - keep it goin wav.wav
2014-03-14 11:47 - 2014-03-14 10:30 - 00000000 ____D () C:\Users\Peer\Desktop\STBB
2014-03-11 21:15 - 2014-03-11 21:15 - 00000995 _____ () C:\Users\Peer\Desktop\SopCast.lnk
2014-03-11 21:15 - 2014-03-11 21:09 - 00000000 ____D () C:\Program Files (x86)\SopCast
2014-03-11 21:14 - 2014-03-11 21:15 - 05442093 _____ () C:\Users\Peer\Downloads\Setup-SopCast-3.8.3-2013-6-26.exe
2014-03-11 21:09 - 2014-03-11 21:09 - 00000000 ____D () C:\Users\Peer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
2014-03-11 18:46 - 2013-06-14 12:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-11 18:46 - 2012-09-14 01:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-11 18:46 - 2012-09-14 01:01 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-06 21:01 - 2014-03-03 16:47 - 07340084 _____ () C:\Users\Peer\Desktop\Document dance2.reason
2014-03-05 02:40 - 2012-09-15 20:55 - 00000000 ____D () C:\Users\Peer\AppData\Roaming\Audacity
2014-03-04 14:32 - 2014-03-04 14:31 - 23224444 _____ () C:\Users\Peer\Desktop\Document dance.wav
2014-03-04 00:11 - 2014-03-03 22:50 - 21337468 _____ () C:\Users\Peer\Desktop\Document dance2.wav
2014-03-03 17:05 - 2012-11-20 21:09 - 00000000 ____D () C:\Users\Peer\Desktop\Samples for tha Peer
2014-03-03 16:31 - 2014-02-28 14:50 - 03407924 _____ () C:\Users\Peer\Desktop\Document dance.reason
2014-03-03 12:18 - 2014-02-28 09:52 - 00000073 _____ () C:\Users\Peer\Desktop\URO.txt
2014-03-03 12:17 - 2014-03-03 12:17 - 00003072 _____ () C:\Windows\System32\Tasks\{B1B37C37-7174-497F-BE4D-53B04E2415DE}
2014-03-03 11:38 - 2012-09-14 18:21 - 00045283 _____ () C:\Windows\DirectX.log
2014-03-01 07:05 - 2014-03-12 11:46 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-12 11:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-12 11:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-12 11:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-12 11:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-12 11:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-12 11:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-12 11:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-12 11:46 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-12 11:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-12 11:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-12 11:46 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-12 11:46 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-12 11:46 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-12 11:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-12 11:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-12 11:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-12 11:46 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-12 11:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-12 11:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 11:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-12 11:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 11:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-12 11:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-12 11:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-12 11:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-12 11:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-12 11:46 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-12 11:46 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-12 11:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-12 11:46 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-12 11:46 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-12 11:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 11:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 11:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-12 11:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-12 11:46 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-12 11:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-12 11:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-12 11:46 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 09:34 - 2012-12-04 18:04 - 00000000 ____D () C:\Users\Peer\Desktop\Programme
2014-02-28 09:22 - 2012-09-13 15:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-27 14:08 - 2014-02-26 18:44 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 12:38 - 2010-11-21 04:47 - 00189470 _____ () C:\Windows\PFRO.log
2014-02-26 17:49 - 2014-02-26 17:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-26 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\Peer\AppData\Local\Temp\AskSLib.dll
C:\Users\Peer\AppData\Local\Temp\avgnt.exe
C:\Users\Peer\AppData\Local\Temp\drm_dyndata_7380009.dll
C:\Users\Peer\AppData\Local\Temp\drm_dyndata_7390006.dll
C:\Users\Peer\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\Peer\AppData\Local\Temp\Last.fm-1.5.4.27091.exe
C:\Users\Peer\AppData\Local\Temp\Last.fm-2.1.30.exe
C:\Users\Peer\AppData\Local\Temp\Last.fm-2.1.32.exe
C:\Users\Peer\AppData\Local\Temp\mirc727.exe
C:\Users\Peer\AppData\Local\Temp\ose00000.exe
C:\Users\Peer\AppData\Local\Temp\ose00002.exe
C:\Users\Peer\AppData\Local\Temp\patchw32.dll
C:\Users\Peer\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Peer\AppData\Local\Temp\tmpD779.exe
C:\Users\Peer\AppData\Local\Temp\vpnclient_setup.exe
C:\Users\Peer\AppData\Local\Temp\WinampPluginSetup_2.1.0.9.exe
C:\Users\Peer\AppData\Local\Temp\WmpPluginSetup_2.1.0.6.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 17:24

==================== End Of Log ============================
         

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Peer at 2014-03-20 10:33:52
Running from C:\Users\Peer\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe)
Adobe Reader X (10.1.5) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 2.5.684.213 - Advanced Micro Devices Inc.) Hidden
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Fuel (Version: 2011.0707.2346.40825 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.60707.2331 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0707.2346.40825 - Ihr Firmenname) Hidden
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10707 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{541D3A3F-1FFC-9EB6-6C77-75809AAB87AE}) (Version: 3.0.833.0 - ATI Technologies, Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Authorizer 1.0.2 (HKLM-x32\...\Authorizer_is1) (Version: 1.0.2 - Propellerhead Software AB)
Authorizer 2.5.1 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.5.1 - Propellerhead Software AB)
Authorizer Ignition Key Support (Version: 1.0.5.0 - Propellerhead Software AB) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4689 - APN, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0707.2346.40825 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0707.2346.40825 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0707.2346.40825 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help English (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help French (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help German (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0707.2345.40825 - ATI) Hidden
ccc-utility64 (Version: 2011.0707.2346.40825 - ATI) Hidden
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Command & Conquer™ Alarmstufe Rot 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version:  - Codemasters)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
HLSW v1.4.0.2 (HKLM-x32\...\HLSW_is1) (Version:  - Stripf Software)
HydraVision (x32 Version: 4.2.208.0 - ATI Technologies Inc.) Hidden
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Last.fm Scrobbler 2.1.32 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version:  - Line 6)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.27 - mIRC Co. Ltd.)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
QUAD-CAPTURE-Treiber (HKLM\...\RolandRDID0117) (Version:  - Roland Corporation)
Rapture3D 2.4.11 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6433 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Reason 6.0.2 (HKLM\...\Reason6.0_64_is1) (Version: 6.0.2 - Propellerhead Software AB)
Reason 7.0.1 (HKLM\...\Reason7.0_64_is1) (Version: 7.0.1 - Propellerhead Software AB)
Shutdown Timer (HKLM\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Shutdown Timer (HKLM-x32\...\{DC6B4110-394D-45B9-A677-BA495D84CA63}) (Version: 3.1 - Sinvise Systems)
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

11-03-2014 12:15:14 Windows Update
13-03-2014 01:57:57 Windows Update
15-03-2014 16:45:24 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
15-03-2014 16:46:57 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
15-03-2014 16:52:51 OpenOffice 4.0.1 wird installiert
18-03-2014 10:03:06 Windows Update
18-03-2014 12:02:38 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {CB5F187A-46F9-45E1-B135-7DCB83F44E3F} - System32\Tasks\{B1B37C37-7174-497F-BE4D-53B04E2415DE} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsMain
Task: {ECBE3973-4208-4166-A8C3-57B274B2BEB8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-07-07 22:36 - 2011-07-07 22:36 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-07-07 22:44 - 2011-07-07 22:44 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-24 22:35 - 2014-01-17 16:49 - 00603648 _____ () C:\Users\Peer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-08-05 13:05 - 2013-08-05 13:01 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-04 11:49 - 2011-03-04 11:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2012-09-13 15:48 - 2014-01-17 16:49 - 36967424 _____ () C:\Users\Peer\AppData\Roaming\Spotify\Data\libcef.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Peer\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-11 18:46 - 2014-03-11 18:46 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2013-09-24 22:35 - 2014-01-17 16:49 - 00887808 _____ () C:\Users\Peer\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-24 22:35 - 2014-01-17 16:49 - 00109568 _____ () C:\Users\Peer\AppData\Roaming\Spotify\Data\libegl.dll
2013-01-22 22:56 - 2013-01-22 13:05 - 00608256 _____ () C:\Program Files (x86)\Last.fm\unicorn.dll
2013-01-22 22:56 - 2013-01-22 13:04 - 00032768 _____ () C:\Program Files (x86)\Last.fm\logger.dll
2013-01-22 22:56 - 2013-01-22 13:04 - 00354304 _____ () C:\Program Files (x86)\Last.fm\lastfm.dll
2013-01-22 22:56 - 2013-01-22 13:05 - 00121856 _____ () C:\Program Files (x86)\Last.fm\listener.dll
2013-01-22 22:56 - 2013-01-22 13:04 - 00088576 _____ () C:\Program Files (x86)\Last.fm\lastfm_fingerprint.dll
2013-01-22 22:56 - 2013-01-18 13:01 - 01478144 _____ () C:\Program Files (x86)\Last.fm\libsamplerate-0.dll
2012-09-17 15:27 - 2012-04-28 10:15 - 02320776 _____ () C:\Program Files (x86)\Last.fm\libfftw3f-3.dll
2013-01-22 22:56 - 2013-01-18 12:37 - 00302592 _____ () C:\Program Files (x86)\Last.fm\avformat-54.dll
2013-01-22 22:56 - 2013-01-18 12:37 - 02000384 _____ () C:\Program Files (x86)\Last.fm\avcodec-54.dll
2013-01-22 22:56 - 2013-01-18 12:37 - 00286720 _____ () C:\Program Files (x86)\Last.fm\avutil-52.dll
2013-01-22 22:56 - 2013-01-18 12:37 - 00140800 _____ () C:\Program Files (x86)\Last.fm\swresample-0.dll
2013-01-22 22:56 - 2013-01-18 11:39 - 00302592 _____ () C:\Program Files (x86)\Last.fm\phonon.dll
2013-01-22 22:56 - 2013-01-18 11:49 - 00182784 _____ () C:\Program Files (x86)\Last.fm\plugins\phonon_backend\phonon_vlc.dll
2013-01-22 22:56 - 2012-10-15 20:27 - 00111616 _____ () C:\Program Files (x86)\Last.fm\libvlc.dll
2013-01-22 22:56 - 2012-10-15 20:28 - 02286592 _____ () C:\Program Files (x86)\Last.fm\libvlccore.dll
2013-01-22 22:56 - 2012-10-15 20:28 - 00049664 _____ () C:\Program Files (x86)\Last.fm\plugins\audio_output\libaout_directx_plugin.dll
2014-02-26 17:49 - 2014-02-26 17:49 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-26 18:35 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-02-26 18:35 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-04-23 17:30 - 2014-02-11 03:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-09-13 15:53 - 2014-02-25 22:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-09-13 15:53 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-09-13 15:53 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-09-13 15:53 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-09-13 15:53 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:CM_282fe0ff5ae3d8fd33a0ec7191a713f67bc49e9bece0f982346ab2b5c80fd6d3
AlternateDataStreams: C:\Windows:CM_bb3fa605eb62a80cd84bc0449ae44fd611a23cf1a9c89a2c7a28b13fb101f6c3

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/20/2014 09:23:55 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2014 06:44:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/19/2014 06:44:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="x86",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (03/19/2014 11:45:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2014 05:11:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2014 03:31:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2014 01:08:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2014 11:00:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2014 01:41:17 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 27.0.1.5156, Zeitstempel: 0x52fc0faa
Name des fehlerhaften Moduls: xul.dll, Version: 27.0.1.5156, Zeitstempel: 0x52fc0f79
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001560c7
ID des fehlerhaften Prozesses: 0xb2c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (03/18/2014 01:01:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/20/2014 00:29:53 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/19/2014 11:25:10 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (03/19/2014 11:25:10 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (03/19/2014 11:25:09 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (03/19/2014 11:25:09 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (03/19/2014 11:25:08 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (03/19/2014 11:50:03 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (03/19/2014 02:38:30 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/18/2014 05:09:28 PM) (Source: BugCheck) (User: )
Description: 0x00000116 (0xfffffa800a552010, 0xfffff88006e429c8, 0x0000000000000000, 0x0000000000000002)C:\Windows\MEMORY.DMP

Error: (03/18/2014 05:09:28 PM) (Source: BugCheck) (User: )
Description: 


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 32%
Total physical RAM: 8175.24 MB
Available physical RAM: 5520.89 MB
Total Pagefile: 16348.66 MB
Available Pagefile: 13356.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:247.82 GB) (Free:70.85 GB) NTFS
Drive d: () (Fixed) (Total:683.59 GB) (Free:589.98 GB) NTFS
Drive g: (CODEMETER) (Fixed) (Total:0.04 GB) (Free:0 GB) FAT32
Drive i: (REB 24 bit) (CDROM) (Total:4.06 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C8239595)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
I really hope you can help me!

Best regards,
rued

Edited by ruedens (20.03.2014 at 10:58)

20.03.2014, 11:03   #2
schrauber
/// the machine
/// TB trainer

Hi,

could you take a screenshot of that for me?

20.03.2014, 11:38   #3
ruedens

Hey,

thanks for the quick reply! Unfortunately there was nothing to see on the screenshot, because the area where the link was is not visible. I then wanted to do the whole thing with IrfanView so that at least the mouse pointer could be seen, and at that moment the thing moved to the "usual" AVIRA ad spot at the bottom right (picture of the thing attached).
Apparently another serious blunder on AVIRA's part.
By the way, the problem seems to be affecting quite a lot of people right now; the AVIRA Facebook page is full of complaints.
__________________
Attached images
File type: png avira werbelink.png (91.1 KB, viewed 222 times)

20.03.2014, 12:13   #4
schrauber
/// the machine
/// TB trainer

Yep, Avira problem. One more thing on the mile-long list that speaks against Avira.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009
