| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC kürzlich bereinigt und schon wieder MalwareWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.03.2014, 00:08
| #1 |
 |  PC kürzlich bereinigt und schon wieder Malware Hallo, erst vor kurzer Zeit wurde der PC von Schrauber bereinigt und jetzt habe ich mir wieder Malware eingefangen. Obwohl ich alle Ratschläge von Schrauber befolgt habe, hat sich etwas auf dem Computer eingenistet.  Ich habe keine Ahnung, wie das passieren konnte.Da ich regelmäßig den Computer scanne, hatte Search & Destroy Alarm geschlagen. Avast hat nichts gefunden. Search & Destroy: Code:
ATTFilter Search results from Spybot - Search & Destroy
28.03.2014 23:46:47
Scan took 00:26:09.
11 items found.
Somoto.BetterInstaller: [SBI $B8A7F4F7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sdp
Somoto.BetterInstaller: [SBI $B8A7F4F7] Root class (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sdp
MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-5302519-908166271-969323471-1002\Software\Microsoft\DirectInput\MostRecentApplication\Name
MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-5302519-908166271-969323471-1002\Software\Microsoft\DirectInput\MostRecentApplication\Id
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-5302519-908166271-969323471-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-5302519-908166271-969323471-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done)
Cache: [SBI $49804B54] Browser: Cache (50) (Browser: Cache, nothing done)
Verlauf: [SBI $49804B54] Browser: History (10) (Browser: History, nothing done)
--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---
2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-10-10 SDHookInst64.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-06-19 spybotsd2-translation-frx.exe
2014-03-11 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-10-10 SDHook64.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-03-26 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-03-19 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-01-09 Includes\Malware-001.sbi (*)
2014-01-09 Includes\Malware-002.sbi (*)
2014-02-05 Includes\Malware-003.sbi (*)
2014-01-28 Includes\Malware-004.sbi (*)
2014-01-09 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-03-19 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-03-26 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-01-08 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-01-15 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-01-15 Includes\Trojans-008.sbi (*)
2014-01-15 Includes\Trojans-009.sbi (*)
2014-03-26 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by irmhov1 (administrator) on IRMHOV on 28-03-2014 23:57:49
Running from C:\Users\irmhov1\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(Microsoft Corporation) C:\Windows\system32\prevhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-27] (AVAST Software)
HKLM-x32\...\Run: [Ulead AutoDetector v2] - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [95504 2007-08-02] (Ulead Systems, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-5302519-908166271-969323471-1002\...\Run: [Driver Restore] - C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [3988856 2013-09-19] (PC Drivers Headquarters)
HKU\S-1-5-21-5302519-908166271-969323471-1002\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-5302519-908166271-969323471-1002\...\Run: [WinPatrol] - C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [527936 2014-03-17] (BillP Studios)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKCU - {FE288B81-F739-409D-8A64-81FB9F33CE22} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FireFox:
========
FF ProfilePath: C:\Users\irmhov1\AppData\Roaming\Mozilla\Firefox\Profiles\gxnjo8ee.default
FF DefaultSearchEngine: Ixquick HTTPS - Deutsch
FF SelectedSearchEngine: Ixquick HTTPS - Deutsch
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\irmhov1\AppData\Roaming\Mozilla\Firefox\Profiles\gxnjo8ee.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\irmhov1\AppData\Roaming\Mozilla\Firefox\Profiles\gxnjo8ee.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-11]
FF Extension: NoScript - C:\Users\irmhov1\AppData\Roaming\Mozilla\Firefox\Profiles\gxnjo8ee.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-11]
FF Extension: Adblock Plus - C:\Users\irmhov1\AppData\Roaming\Mozilla\Firefox\Profiles\gxnjo8ee.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-27]
Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-27]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-27] (AVAST Software)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-03-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-27] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-03-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-03-27] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 RTL8192cu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation )
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation )
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-28 23:57 - 2014-03-28 23:57 - 00011650 _____ () C:\Users\irmhov1\Desktop\FRST.txt
2014-03-28 21:49 - 2014-03-28 21:49 - 02157056 _____ (Farbar) C:\Users\irmhov1\Desktop\FRST64.exe
2014-03-28 19:56 - 2012-07-26 06:26 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140328-195615.backup
2014-03-28 19:06 - 2014-03-28 19:06 - 04864896 _____ (Gougelet Pierre-e ) C:\Users\irmhov1\Downloads\XnView-win.exe
2014-03-28 19:04 - 2014-03-28 19:05 - 31429160 _____ (Any-Video-Converter.com ) C:\Users\irmhov1\Downloads\avc-free.exe
2014-03-28 19:04 - 2014-03-28 19:04 - 11617048 _____ () C:\Users\irmhov1\Downloads\YTD471Setup.exe
2014-03-28 18:44 - 2014-03-28 22:40 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-28 16:24 - 2014-03-28 16:24 - 00000000 _____ () C:\Users\irmhov1\Sti_Trace.log
2014-03-27 23:37 - 2014-03-28 18:43 - 00000204 _____ () C:\Windows\ulead32.ini
2014-03-27 23:33 - 2014-03-27 23:33 - 00000000 ____D () C:\Program Files (x86)\Ulead Systems
2014-03-27 23:33 - 1995-10-27 04:55 - 00087328 ____N (Twain Working Group) C:\Windows\TWAIN.DLL
2014-03-27 23:33 - 1995-09-15 02:51 - 00069632 ____N (Twain Working Group) C:\Windows\TWUNK_32.EXE
2014-03-27 23:33 - 1995-09-15 02:51 - 00048560 ____N (Twain Working Group) C:\Windows\TWUNK_16.EXE
2014-03-27 23:21 - 2014-03-27 23:21 - 00000000 ____D () C:\Windows\de
2014-03-27 23:20 - 2014-03-27 23:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-03-27 22:47 - 2014-03-27 23:29 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Windows Live
2014-03-27 22:47 - 2014-03-27 22:47 - 00000000 ___RD () C:\Users\irmhov1\OneDrive
2014-03-27 22:47 - 2014-03-27 22:47 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-03-27 22:47 - 2014-03-27 22:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-03-27 22:45 - 2014-03-27 22:45 - 01245376 _____ (Microsoft Corporation) C:\Users\irmhov1\Downloads\wlsetup-web.exe
2014-03-27 21:55 - 2014-03-27 21:55 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Ulead Systems
2014-03-27 21:49 - 2014-03-27 21:52 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-03-27 21:49 - 2014-03-27 21:49 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-03-27 21:29 - 2014-03-27 21:29 - 00000000 ____D () C:\Users\Public\Documents\Poser 9 Content
2014-03-27 20:35 - 2014-03-27 20:35 - 15948351 _____ () C:\Users\irmhov1\Downloads\wings-x64-1.5.2.exe
2014-03-27 20:27 - 2014-03-27 20:27 - 05290664 _____ (Canneverbe Limited ) C:\Users\irmhov1\Downloads\cdbxp_setup_4.5.3.4643.exe
2014-03-27 20:23 - 2014-03-27 20:23 - 01950720 _____ () C:\Users\irmhov1\Downloads\adwcleaner.exe
2014-03-27 20:19 - 2014-03-27 20:19 - 01110476 _____ () C:\Users\irmhov1\Downloads\7z920.exe
2014-03-27 20:11 - 2014-03-28 22:40 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-27 20:11 - 2014-03-27 20:11 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-27 20:11 - 2014-03-27 20:11 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-27 20:11 - 2014-03-27 20:11 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\AVAST Software
2014-03-27 20:11 - 2014-03-27 20:11 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-27 19:53 - 2014-03-27 19:54 - 88551496 _____ (AVAST Software) C:\Users\irmhov1\Downloads\avast_free_antivirus_setup_9.0.2016.exe
2014-03-27 17:59 - 2014-03-27 18:00 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 17:58 - 2014-03-27 17:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-03-27 17:58 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-27 17:58 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-27 17:54 - 2014-03-27 17:55 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\irmhov1\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-26 17:01 - 2014-03-26 17:00 - 00700980 _____ () C:\Users\irmhov1\Downloads\adblock_edge-2.0.7-sm+an+tb+fx-windows.xpi
2014-03-26 16:58 - 2014-03-26 16:58 - 00526323 _____ () C:\Users\irmhov1\Downloads\web_of_trust_wot-20131118-fx.zip
2014-03-26 16:54 - 2014-03-26 16:54 - 00536595 _____ () C:\Users\irmhov1\Downloads\noscript-2.6.8.18.zip
2014-03-26 12:52 - 2014-03-26 13:03 - 00000000 ____D () C:\AdwCleaner
2014-03-26 09:47 - 2014-03-26 09:47 - 24361353 _____ () C:\Users\irmhov1\Downloads\MicrosoftSecurityEssentials-4.4.zip
2014-03-25 23:15 - 2014-03-27 20:31 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-03-25 23:15 - 2014-03-25 23:15 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Canneverbe Limited
2014-03-25 23:15 - 2014-03-25 23:15 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-03-25 21:43 - 2014-03-25 21:43 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Wings3D
2014-03-25 21:40 - 2014-03-27 20:39 - 00000000 ____D () C:\Program Files\wings3d_1.5.2
2014-03-25 21:20 - 2014-03-25 21:20 - 00000000 ____D () C:\ProgramData\Poser
2014-03-25 21:14 - 2014-03-25 21:14 - 00000000 ____D () C:\Users\irmhov1\Documents\Poser 9 Content
2014-03-25 20:51 - 2014-03-25 20:51 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Poser
2014-03-25 20:41 - 2014-03-27 21:29 - 00000000 ____D () C:\Users\irmhov1\Documents\Progis
2014-03-25 20:23 - 2014-03-25 20:23 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-03-25 20:23 - 2014-03-25 20:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-03-25 19:25 - 2014-03-25 19:25 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-03-24 22:48 - 2014-03-24 22:48 - 07131335 _____ () C:\Users\irmhov1\Downloads\XnView-win.zip
2014-03-24 21:54 - 2014-03-27 20:24 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-23 20:29 - 2014-03-23 20:29 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 20:27 - 2014-03-23 20:29 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Adobe
2014-03-23 12:35 - 2014-03-23 13:03 - 00000000 ____D () C:\Users\irmhov1\Desktop\Daten_irmhov
2014-03-21 20:42 - 2014-03-21 20:42 - 00000000 ____D () C:\Users\irmhov1\Documents\Tools
2014-03-21 20:16 - 2014-03-27 17:44 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-21 20:16 - 2014-03-23 20:10 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-03-21 20:16 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-03-21 20:16 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2014-03-21 19:56 - 2014-03-27 17:41 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-21 19:56 - 2014-03-21 19:56 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\WinPatrol
2014-03-21 19:56 - 2014-03-21 19:56 - 00000000 ____D () C:\Program Files (x86)\BillP Studios
2014-03-21 19:27 - 2014-03-21 19:27 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Avg2014
2014-03-21 17:33 - 2014-03-28 23:57 - 00000000 ____D () C:\FRST
2014-03-21 16:32 - 2014-03-21 16:32 - 01066536 _____ (BillP Studios) C:\Users\irmhov1\Downloads\wpsetup.exe
2014-03-21 16:10 - 2014-03-21 16:10 - 04095448 _____ (BrightFort LLC ) C:\Users\irmhov1\Downloads\spywareblastersetup50.exe
2014-03-21 16:07 - 2014-03-21 16:07 - 00448512 _____ (OldTimer Tools) C:\Users\irmhov1\Downloads\TFC.exe
2014-03-21 10:03 - 2014-03-21 10:03 - 00000241 _____ () C:\Windows\Brpfx04a.ini
2014-03-21 10:03 - 2014-03-21 10:03 - 00000093 _____ () C:\Windows\brpcfx.ini
2014-03-21 10:02 - 2014-03-21 10:02 - 00000050 _____ () C:\Windows\system32\bridf08b.dat
2014-03-21 10:01 - 2014-03-21 10:01 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-03-21 10:01 - 2008-10-17 20:04 - 00179712 ____N (Brother Industries, Ltd.) C:\Windows\system32\BrfxDA5b.dll
2014-03-21 10:01 - 2008-06-17 15:33 - 00167936 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2014-03-21 10:01 - 2007-12-13 22:16 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2014-03-21 10:01 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2014-03-21 10:01 - 2007-12-13 22:16 - 00003072 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2014-03-21 10:01 - 2006-12-28 13:39 - 00176128 ____N (Brother Industries, Ltd.) C:\Windows\SysWOW64\BroSNMP.dll
2014-03-21 10:01 - 2003-11-28 18:57 - 00000000 _____ () C:\Windows\brdfxspd.dat
2014-03-21 10:00 - 2014-03-21 10:00 - 00000000 ____D () C:\Users\irmhov1\Downloads\mflpro
2014-03-21 10:00 - 2014-03-21 10:00 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\InstallShield
2014-03-21 09:59 - 2014-03-21 10:00 - 45949032 _____ (A.I.SOFT,INC.) C:\Users\irmhov1\Downloads\MFC-250C-inst-win8-A1.EXE
2014-03-21 09:51 - 2014-03-21 09:51 - 00000000 ____D () C:\ProgramData\Brother
2014-03-20 21:26 - 2014-03-20 21:27 - 53904525 _____ () C:\Users\irmhov1\Downloads\blender-2.70-windows64.exe
2014-03-20 19:25 - 2014-03-21 07:17 - 00000000 ____D () C:\Users\irmhov1\Downloads\Drucker_Treiber_Win 8
2014-03-20 19:10 - 2014-03-20 19:10 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-03-19 00:22 - 2014-03-19 00:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-19 00:22 - 2014-03-19 00:22 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Skype
2014-03-18 23:57 - 2014-03-18 23:57 - 21987424 _____ (Mozilla) C:\Users\irmhov1\Downloads\Thunderbird Setup 24.4.0.exe
2014-03-16 19:30 - 2014-03-16 19:30 - 00000000 ___RD () C:\Users\irmhov1\AppData\Roaming\Brother
2014-03-15 23:11 - 2014-03-19 11:04 - 00000000 ____D () C:\Windows\ERUNT
2014-03-14 15:09 - 2014-03-28 18:41 - 00429392 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 13:29 - 2014-02-23 09:12 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 13:29 - 2014-02-23 09:11 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 13:29 - 2014-02-23 07:53 - 14358016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 13:29 - 2014-02-23 07:53 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 13:29 - 2013-10-25 08:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-13 13:29 - 2013-10-24 23:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-13 13:28 - 2014-02-23 09:13 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 13:28 - 2014-02-23 09:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 13:28 - 2014-02-23 09:13 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-03-13 13:28 - 2014-02-23 09:13 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-03-13 13:28 - 2014-02-23 09:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 13:28 - 2014-02-23 09:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 13:28 - 2014-02-23 09:12 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 13:28 - 2014-02-23 09:11 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 13:28 - 2014-02-23 09:11 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 13:28 - 2014-02-23 09:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-13 13:28 - 2014-02-23 09:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-13 13:28 - 2014-02-23 09:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 13:28 - 2014-02-23 09:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 13:28 - 2014-02-23 09:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 13:28 - 2014-02-23 07:54 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 13:28 - 2014-02-23 07:54 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 13:28 - 2014-02-23 07:54 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-03-13 13:28 - 2014-02-23 07:53 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 13:28 - 2014-02-23 07:53 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 13:28 - 2014-02-23 07:53 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-13 13:28 - 2014-02-23 07:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 13:28 - 2014-02-23 07:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 13:28 - 2014-02-23 07:53 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-13 13:28 - 2014-02-23 07:53 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 13:28 - 2014-02-23 07:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 13:28 - 2014-02-23 07:53 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 13:28 - 2014-02-23 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 13:28 - 2014-02-23 07:31 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 13:28 - 2014-02-23 05:06 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-03-13 13:28 - 2014-02-08 05:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 13:28 - 2013-12-07 07:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-13 13:28 - 2013-12-07 06:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-13 13:27 - 2014-02-06 00:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 13:27 - 2014-02-06 00:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 13:27 - 2014-01-31 01:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 13:27 - 2014-01-31 01:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 15:56 - 2014-03-27 17:59 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Malwarebytes
2014-03-12 15:55 - 2014-03-27 17:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-12 15:55 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-12 11:43 - 2014-03-12 11:43 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\TuneUp Software
2014-03-12 11:42 - 2014-03-21 19:27 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-12 11:42 - 2014-03-12 11:42 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\MFAData
2014-03-11 19:04 - 2014-03-28 19:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-11 19:04 - 2014-03-11 19:17 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-11 19:04 - 2014-03-11 19:04 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-11 19:04 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-03-11 19:02 - 2014-03-11 19:02 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\irmhov1\Downloads\spybot-2.2.exe
2014-03-11 18:47 - 2014-03-11 18:47 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Downloaded Installations
2014-03-11 15:02 - 2014-03-27 21:55 - 00000000 ____D () C:\Users\irmhov1\Desktop\Verknüpfungen
2014-03-11 14:12 - 2014-03-11 14:12 - 00002708 _____ () C:\Users\irmhov1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Restore.lnk
2014-03-11 13:36 - 2014-03-11 13:36 - 02002656 _____ (Driver Restore) C:\Users\irmhov1\Downloads\DriverRestore.exe
2014-03-11 11:39 - 2014-03-11 11:39 - 24490112 _____ (Mozilla) C:\Users\irmhov1\Downloads\Firefox_Setup_27.0.1.exe
2014-03-11 00:44 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-11 00:44 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-11 00:44 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-03-11 00:44 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-11 00:44 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-03-11 00:44 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-11 00:44 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-11 00:44 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-11 00:41 - 2014-03-21 10:02 - 00000425 _____ () C:\Windows\BRWMARK.INI
2014-03-11 00:41 - 2014-03-21 10:02 - 00000027 _____ () C:\Windows\BRPP2KA.INI
2014-03-09 23:07 - 2014-03-09 23:07 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Macromedia
2014-03-09 21:19 - 2014-03-24 20:10 - 00000000 ____D () C:\Users\irmhov1\dwhelper
2014-03-09 20:03 - 2014-03-26 23:36 - 00000000 ____D () C:\Users\irmhov1\Documents\Loads
2014-03-09 20:00 - 2014-03-09 20:00 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Mozilla
2014-03-09 20:00 - 2014-03-09 20:00 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Mozilla
2014-03-09 20:00 - 2014-03-09 20:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-09 17:58 - 2014-03-09 17:58 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Google
2014-03-09 17:15 - 2014-03-09 17:15 - 00000000 ____D () C:\ProgramData\Google
2014-03-09 11:01 - 2013-12-09 01:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-09 11:01 - 2013-12-09 00:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-09 11:01 - 2013-12-05 00:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-09 11:01 - 2013-12-05 00:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-09 11:01 - 2013-11-27 01:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-03-09 11:01 - 2013-11-26 00:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-09 11:01 - 2013-11-01 06:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-09 11:00 - 2013-12-05 00:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-09 11:00 - 2013-12-05 00:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-09 11:00 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-03-09 11:00 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-03-09 11:00 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-03-09 11:00 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-03-09 11:00 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-03-09 11:00 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-03-09 11:00 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-03-09 11:00 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-03-09 11:00 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-03-09 11:00 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-03-09 11:00 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
==================== One Month Modified Files and Folders =======
2014-03-28 23:57 - 2014-03-28 23:57 - 00011650 _____ () C:\Users\irmhov1\Desktop\FRST.txt
2014-03-28 23:57 - 2014-03-21 17:33 - 00000000 ____D () C:\FRST
2014-03-28 23:35 - 2013-03-27 17:18 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Skype
2014-03-28 23:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-28 22:41 - 2013-06-27 19:16 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Google
2014-03-28 22:41 - 2013-06-27 19:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-28 22:40 - 2014-03-28 18:44 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-03-28 22:40 - 2014-03-27 20:11 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-28 22:40 - 2012-11-08 14:34 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-03-28 22:40 - 2012-11-08 14:34 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-03-28 22:40 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-28 22:39 - 2013-02-19 11:49 - 00003588 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-5302519-908166271-969323471-1002
2014-03-28 22:34 - 2014-01-26 16:01 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-28 22:34 - 2013-02-22 18:23 - 00000288 _____ () C:\Windows\Tasks\AutoKMS.job
2014-03-28 22:34 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-28 21:49 - 2014-03-28 21:49 - 02157056 _____ (Farbar) C:\Users\irmhov1\Desktop\FRST64.exe
2014-03-28 21:12 - 2013-02-19 11:42 - 00000000 ____D () C:\Users\irmhov1
2014-03-28 19:53 - 2014-03-11 19:04 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-28 19:06 - 2014-03-28 19:06 - 04864896 _____ (Gougelet Pierre-e ) C:\Users\irmhov1\Downloads\XnView-win.exe
2014-03-28 19:05 - 2014-03-28 19:04 - 31429160 _____ (Any-Video-Converter.com ) C:\Users\irmhov1\Downloads\avc-free.exe
2014-03-28 19:04 - 2014-03-28 19:04 - 11617048 _____ () C:\Users\irmhov1\Downloads\YTD471Setup.exe
2014-03-28 18:43 - 2014-03-27 23:37 - 00000204 _____ () C:\Windows\ulead32.ini
2014-03-28 18:41 - 2014-03-14 15:09 - 00429392 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-28 18:07 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\registration
2014-03-28 17:58 - 2013-02-19 11:42 - 01496093 _____ () C:\Windows\WindowsUpdate.log
2014-03-28 16:33 - 2013-02-23 10:03 - 00000000 ____D () C:\Users\irmhov1\Documents\Outlook-Dateien
2014-03-28 16:24 - 2014-03-28 16:24 - 00000000 _____ () C:\Users\irmhov1\Sti_Trace.log
2014-03-28 09:30 - 2012-11-08 13:51 - 01492356 _____ () C:\Windows\PFRO.log
2014-03-27 23:39 - 2013-02-19 11:43 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\VirtualStore
2014-03-27 23:33 - 2014-03-27 23:33 - 00000000 ____D () C:\Program Files (x86)\Ulead Systems
2014-03-27 23:33 - 2012-11-09 09:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-27 23:29 - 2014-03-27 22:47 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Windows Live
2014-03-27 23:21 - 2014-03-27 23:21 - 00000000 ____D () C:\Windows\de
2014-03-27 23:20 - 2014-03-27 23:20 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-03-27 23:20 - 2012-11-09 10:08 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-03-27 23:19 - 2012-11-09 10:07 - 00001726 _____ () C:\Windows\DirectX.log
2014-03-27 23:02 - 2013-02-22 17:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-27 23:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-27 22:47 - 2014-03-27 22:47 - 00000000 ___RD () C:\Users\irmhov1\OneDrive
2014-03-27 22:47 - 2014-03-27 22:47 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-03-27 22:47 - 2014-03-27 22:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2014-03-27 22:45 - 2014-03-27 22:45 - 01245376 _____ (Microsoft Corporation) C:\Users\irmhov1\Downloads\wlsetup-web.exe
2014-03-27 21:55 - 2014-03-27 21:55 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Ulead Systems
2014-03-27 21:55 - 2014-03-11 15:02 - 00000000 ____D () C:\Users\irmhov1\Desktop\Verknüpfungen
2014-03-27 21:52 - 2014-03-27 21:49 - 00000000 ____D () C:\ProgramData\Ulead Systems
2014-03-27 21:49 - 2014-03-27 21:49 - 00000000 ____D () C:\Program Files (x86)\Corel
2014-03-27 21:29 - 2014-03-27 21:29 - 00000000 ____D () C:\Users\Public\Documents\Poser 9 Content
2014-03-27 21:29 - 2014-03-25 20:41 - 00000000 ____D () C:\Users\irmhov1\Documents\Progis
2014-03-27 20:39 - 2014-03-25 21:40 - 00000000 ____D () C:\Program Files\wings3d_1.5.2
2014-03-27 20:35 - 2014-03-27 20:35 - 15948351 _____ () C:\Users\irmhov1\Downloads\wings-x64-1.5.2.exe
2014-03-27 20:33 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-27 20:31 - 2014-03-25 23:15 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-03-27 20:27 - 2014-03-27 20:27 - 05290664 _____ (Canneverbe Limited ) C:\Users\irmhov1\Downloads\cdbxp_setup_4.5.3.4643.exe
2014-03-27 20:24 - 2014-03-24 21:54 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-27 20:23 - 2014-03-27 20:23 - 01950720 _____ () C:\Users\irmhov1\Downloads\adwcleaner.exe
2014-03-27 20:19 - 2014-03-27 20:19 - 01110476 _____ () C:\Users\irmhov1\Downloads\7z920.exe
2014-03-27 20:11 - 2014-03-27 20:11 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-27 20:11 - 2014-03-27 20:11 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-27 20:11 - 2014-03-27 20:11 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-27 20:11 - 2014-03-27 20:11 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\AVAST Software
2014-03-27 20:11 - 2014-03-27 20:11 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-27 20:09 - 2013-06-27 20:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-27 19:54 - 2014-03-27 19:53 - 88551496 _____ (AVAST Software) C:\Users\irmhov1\Downloads\avast_free_antivirus_setup_9.0.2016.exe
2014-03-27 19:23 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-03-27 19:22 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI(15)
2014-03-27 19:22 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-03-27 18:00 - 2014-03-27 17:59 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-27 17:59 - 2014-03-27 17:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-03-27 17:59 - 2014-03-12 15:56 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Malwarebytes
2014-03-27 17:59 - 2014-03-12 15:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-27 17:55 - 2014-03-27 17:54 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\irmhov1\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-27 17:49 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-27 17:44 - 2014-03-21 20:16 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-27 17:44 - 2013-03-27 21:12 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\vlc
2014-03-27 17:41 - 2014-03-21 19:56 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-27 17:41 - 2013-02-22 18:02 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-26 23:36 - 2014-03-09 20:03 - 00000000 ____D () C:\Users\irmhov1\Documents\Loads
2014-03-26 17:00 - 2014-03-26 17:01 - 00700980 _____ () C:\Users\irmhov1\Downloads\adblock_edge-2.0.7-sm+an+tb+fx-windows.xpi
2014-03-26 16:58 - 2014-03-26 16:58 - 00526323 _____ () C:\Users\irmhov1\Downloads\web_of_trust_wot-20131118-fx.zip
2014-03-26 16:54 - 2014-03-26 16:54 - 00536595 _____ () C:\Users\irmhov1\Downloads\noscript-2.6.8.18.zip
2014-03-26 13:03 - 2014-03-26 12:52 - 00000000 ____D () C:\AdwCleaner
2014-03-26 09:47 - 2014-03-26 09:47 - 24361353 _____ () C:\Users\irmhov1\Downloads\MicrosoftSecurityEssentials-4.4.zip
2014-03-25 23:15 - 2014-03-25 23:15 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Canneverbe Limited
2014-03-25 23:15 - 2014-03-25 23:15 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-03-25 21:43 - 2014-03-25 21:43 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Wings3D
2014-03-25 21:20 - 2014-03-25 21:20 - 00000000 ____D () C:\ProgramData\Poser
2014-03-25 21:14 - 2014-03-25 21:14 - 00000000 ____D () C:\Users\irmhov1\Documents\Poser 9 Content
2014-03-25 20:51 - 2014-03-25 20:51 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Poser
2014-03-25 20:23 - 2014-03-25 20:23 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-03-25 20:23 - 2014-03-25 20:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-03-25 19:25 - 2014-03-25 19:25 - 00000000 ____D () C:\Program Files\Microsoft Sync Framework
2014-03-24 22:48 - 2014-03-24 22:48 - 07131335 _____ () C:\Users\irmhov1\Downloads\XnView-win.zip
2014-03-24 20:10 - 2014-03-09 21:19 - 00000000 ____D () C:\Users\irmhov1\dwhelper
2014-03-23 20:29 - 2014-03-23 20:29 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-23 20:29 - 2014-03-23 20:27 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Adobe
2014-03-23 20:10 - 2014-03-21 20:16 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-03-23 13:03 - 2014-03-23 12:35 - 00000000 ____D () C:\Users\irmhov1\Desktop\Daten_irmhov
2014-03-21 20:42 - 2014-03-21 20:42 - 00000000 ____D () C:\Users\irmhov1\Documents\Tools
2014-03-21 19:56 - 2014-03-21 19:56 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\WinPatrol
2014-03-21 19:56 - 2014-03-21 19:56 - 00000000 ____D () C:\Program Files (x86)\BillP Studios
2014-03-21 19:27 - 2014-03-21 19:27 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Avg2014
2014-03-21 19:27 - 2014-03-12 11:42 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-21 16:32 - 2014-03-21 16:32 - 01066536 _____ (BillP Studios) C:\Users\irmhov1\Downloads\wpsetup.exe
2014-03-21 16:10 - 2014-03-21 16:10 - 04095448 _____ (BrightFort LLC ) C:\Users\irmhov1\Downloads\spywareblastersetup50.exe
2014-03-21 16:07 - 2014-03-21 16:07 - 00448512 _____ (OldTimer Tools) C:\Users\irmhov1\Downloads\TFC.exe
2014-03-21 10:03 - 2014-03-21 10:03 - 00000241 _____ () C:\Windows\Brpfx04a.ini
2014-03-21 10:03 - 2014-03-21 10:03 - 00000093 _____ () C:\Windows\brpcfx.ini
2014-03-21 10:02 - 2014-03-21 10:02 - 00000050 _____ () C:\Windows\system32\bridf08b.dat
2014-03-21 10:02 - 2014-03-11 00:41 - 00000425 _____ () C:\Windows\BRWMARK.INI
2014-03-21 10:02 - 2014-03-11 00:41 - 00000027 _____ () C:\Windows\BRPP2KA.INI
2014-03-21 10:02 - 2012-07-26 08:21 - 00032876 _____ () C:\Windows\setupact.log
2014-03-21 10:01 - 2014-03-21 10:01 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-03-21 10:00 - 2014-03-21 10:00 - 00000000 ____D () C:\Users\irmhov1\Downloads\mflpro
2014-03-21 10:00 - 2014-03-21 10:00 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\InstallShield
2014-03-21 10:00 - 2014-03-21 09:59 - 45949032 _____ (A.I.SOFT,INC.) C:\Users\irmhov1\Downloads\MFC-250C-inst-win8-A1.EXE
2014-03-21 09:51 - 2014-03-21 09:51 - 00000000 ____D () C:\ProgramData\Brother
2014-03-21 07:17 - 2014-03-20 19:25 - 00000000 ____D () C:\Users\irmhov1\Downloads\Drucker_Treiber_Win 8
2014-03-20 21:27 - 2014-03-20 21:26 - 53904525 _____ () C:\Users\irmhov1\Downloads\blender-2.70-windows64.exe
2014-03-20 19:10 - 2014-03-20 19:10 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2014-03-20 19:10 - 2013-02-19 11:58 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Lenovo
2014-03-19 11:04 - 2014-03-15 23:11 - 00000000 ____D () C:\Windows\ERUNT
2014-03-19 00:22 - 2014-03-19 00:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-19 00:22 - 2014-03-19 00:22 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Skype
2014-03-19 00:22 - 2013-03-27 17:18 - 00000000 ____D () C:\ProgramData\Skype
2014-03-19 00:19 - 2012-07-26 09:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-03-18 23:57 - 2014-03-18 23:57 - 21987424 _____ (Mozilla) C:\Users\irmhov1\Downloads\Thunderbird Setup 24.4.0.exe
2014-03-18 22:01 - 2013-11-22 17:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 21:59 - 2012-11-09 09:35 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 15:20 - 2013-02-22 17:42 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Microsoft Help
2014-03-16 19:30 - 2014-03-16 19:30 - 00000000 ___RD () C:\Users\irmhov1\AppData\Roaming\Brother
2014-03-15 02:13 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-03-14 12:27 - 2013-02-19 11:44 - 00000000 ___RD () C:\Users\irmhov1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-14 12:27 - 2013-02-19 11:44 - 00000000 ___RD () C:\Users\irmhov1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-14 12:21 - 2013-03-17 09:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 12:21 - 2013-03-17 09:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 11:35 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 11:35 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-14 11:35 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-14 11:35 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-14 11:34 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-12 12:08 - 2013-02-22 18:23 - 00000000 ____D () C:\Windows\AutoKMS
2014-03-12 11:43 - 2014-03-12 11:43 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\TuneUp Software
2014-03-12 11:42 - 2014-03-12 11:42 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\MFAData
2014-03-12 10:46 - 2013-02-22 18:23 - 00002898 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-11 19:17 - 2014-03-11 19:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-11 19:04 - 2014-03-11 19:04 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-03-11 19:02 - 2014-03-11 19:02 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\irmhov1\Downloads\spybot-2.2.exe
2014-03-11 18:47 - 2014-03-11 18:47 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Downloaded Installations
2014-03-11 14:12 - 2014-03-11 14:12 - 00002708 _____ () C:\Users\irmhov1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Restore.lnk
2014-03-11 13:41 - 2013-02-19 18:04 - 00000000 ____D () C:\ProgramData\UAB
2014-03-11 13:36 - 2014-03-11 13:36 - 02002656 _____ (Driver Restore) C:\Users\irmhov1\Downloads\DriverRestore.exe
2014-03-11 11:41 - 2013-09-13 20:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-11 11:39 - 2014-03-11 11:39 - 24490112 _____ (Mozilla) C:\Users\irmhov1\Downloads\Firefox_Setup_27.0.1.exe
2014-03-11 10:26 - 2012-07-26 06:26 - 00000167 _____ () C:\Windows\win.ini
2014-03-11 00:26 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\SysWOW64\MSDRM
2014-03-11 00:26 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\MSDRM
2014-03-11 00:24 - 2012-07-26 06:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-03-10 18:11 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-09 23:07 - 2014-03-09 23:07 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Macromedia
2014-03-09 20:00 - 2014-03-09 20:00 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Mozilla
2014-03-09 20:00 - 2014-03-09 20:00 - 00000000 ____D () C:\Users\irmhov1\AppData\Local\Mozilla
2014-03-09 20:00 - 2014-03-09 20:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-09 17:58 - 2014-03-09 17:58 - 00000000 ____D () C:\Users\irmhov1\AppData\Roaming\Google
2014-03-09 17:15 - 2014-03-09 17:15 - 00000000 ____D () C:\ProgramData\Google
2014-03-05 09:26 - 2014-03-27 17:58 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-27 17:58 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-12 15:55 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-04 23:52 - 2013-02-27 23:03 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 23:52 - 2013-02-27 23:03 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\irmhov1\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-28 10:14
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by irmhov1 at 2014-03-28 23:58:17
Running from C:\Users\irmhov1\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{1AB4D394-B72C-86E8-4D58-27147BC4071E}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Brother MFL-Pro Suite MFC-250C (HKLM-x32\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4643 - CDBurnerXP)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3111_44883 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.3124 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.0.1920 - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4125.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.2715b - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DC4BC0CC-A928-4C48-BA40-AC24784F46E5}) (Version: - Microsoft)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Driver Restore (HKLM-x32\...\{273130E8-117C-4237-A0FA-83EBBF11E051}) (Version: 8.1 - Driver Restore)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Earth (HKLM-x32\...\{0A844D8F-A965-11E2-9E77-B8AC6F98CCE3}) (Version: 7.1.1.1580 - Google)
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Poser 9 (HKLM-x32\...\Poser 9_is1) (Version: 9.0.0 - Smith Micro Software, Inc.)
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6710 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Ulead PhotoImpact 11 (HKLM-x32\...\{C8550C86-A712-4219-AD4C-038C9FD1D149}) (Version: 11.0 - Ulead System)
Ulead PhotoImpact X3 (HKLM-x32\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 1.00.0000 - Corel)
Ulead PhotoImpact X3 (x32 Version: 1.00.0000 - Corel) Hidden
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{99A0DB9A-71FC-4F98-BC1F-78A18195C677}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AA82E2E-7DB7-4C70-910C-BBB657A6B3A5}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{EBD18DE5-BC84-4B57-9A30-097044871F9A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{64D96F30-CF4C-4CCE-AAF2-F8909348BF35}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{9F6507AC-7D8F-46C1-B90F-59C7828E0E0D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{A9C4BE58-07E0-473D-AE68-ECBA13FBF77E}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DDDC32A5-9528-4771-B91A-97A8E1D7957B}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 64-Bit Edition (HKLM\...\{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{6164E0E5-C903-488C-93AF-1B7AF7EBC331}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (HKLM\...\{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BEA3259E-14B5-4D89-87FF-ED9F1D0D81C8}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{BE1D254A-E5CD-4E76-9BE8-7B2E5FDBA6AF}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{04DED3FB-DDB2-4C1E-A057-2A1FB97BE42D}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A82E26EF-680E-427D-B7D0-FD7997DDC217}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Wings 3D 1.5.2 (HKLM-x32\...\Wings 3D 1.5.2) (Version: - )
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.5.2014 - BillP Studios)
==================== Restore Points =========================
19-03-2014 10:04:48 Ende der Bereinigung
19-03-2014 22:43:43 Wiederherstellungsvorgang
21-03-2014 09:01:17 Installiert MFL-Pro Suite
23-03-2014 19:42:05 Nach Installation von Flashplayer
25-03-2014 18:15:40 Vor Installation von Programmen
25-03-2014 19:28:05 Nach Installation von MS Office 2010
27-03-2014 16:37:26 Wiederherstellungsvorgang
27-03-2014 19:42:10 Nach Install 7zip, cdburner xp, wings 3d
27-03-2014 20:59:04 Nach Install Poser 9, Photoimpact x3
27-03-2014 22:40:56 Nach Install MovieMaker, GifAnimator
28-03-2014 16:52:40 Wiederherstellungsvorgang
==================== Hosts content: ==========================
2012-07-26 06:26 - 2014-03-28 19:56 - 00450709 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {0161B12A-62C8-4BB9-AD73-F01819F3A096} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2EF21996-DDA0-4389-ACB5-87ACC9F5E2F1} - System32\Tasks\Driver Restore-RTMRules => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [2013-09-19] (PC Drivers Headquarters)
Task: {34512CA5-478D-4A44-86CA-73AB0D72C44F} - System32\Tasks\Driver Restore-RTMUpdater => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [2013-09-19] (PC Drivers Headquarters)
Task: {5FE25911-673F-4BE7-A378-307F8CEE59DE} - System32\Tasks\Driver Restore-RTMScan => C:\Program Files (x86)\Driver Restore\Driver Restore\DriverRestore.exe [2013-09-19] (PC Drivers Headquarters)
Task: {6FBD2DB8-0ED2-489E-BFC9-AEB6EDACC291} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-27] (AVAST Software)
Task: {86AC3A12-D548-429B-B2EB-A1BE11B4C690} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AADFCB49-0F35-46BC-B302-3A597F6510CF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {AE8D75F3-525B-4D43-9856-9BDD49013223} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CBABF4B4-16C2-4828-BB38-81FBC5692A2E} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
==================== Loaded Modules (whitelisted) =============
2012-08-06 13:09 - 2012-08-06 13:09 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2012-11-09 15:36 - 2010-08-19 18:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-13 18:53 - 2014-03-13 18:53 - 00208384 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\XPBurnComponent\1f2a69606066f6659f281e39acb384a3\XPBurnComponent.ni.dll
2013-09-19 10:10 - 2013-09-19 10:10 - 00653704 _____ () C:\Program Files (x86)\Driver Restore\Driver Restore\ThemePack.DriverRestore.dll
2013-09-19 09:31 - 2013-09-19 09:31 - 00412064 _____ () C:\Program Files (x86)\Driver Restore\Driver Restore\Agent.Communication.XmlSerializers.dll
2014-03-21 10:01 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2012-08-06 13:08 - 2012-08-06 13:08 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-08-06 12:54 - 2012-08-06 12:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-03-28 21:52 - 2014-03-28 21:52 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032801\algo.dll
2014-03-11 19:04 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-03-11 19:04 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-11 19:04 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-03-11 19:04 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-03-11 19:04 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-03-21 19:56 - 2014-02-18 04:46 - 00643948 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2012-11-09 15:34 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-03-21 10:01 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-03-27 20:11 - 2014-03-27 20:11 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-27 21:52 - 2005-01-04 17:05 - 00028672 ____N () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2014-03-11 11:41 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\ProgramData\Temp:E79D0966
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: VGA Single Chip
Description: VGA Single Chip
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/28/2014 07:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1640) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU0000B.log.
Error: (03/28/2014 06:43:34 PM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Nach Install MovieMaker, GifAnimator). Zusätzliche Informationen: 0xc0000022.
Error: (03/28/2014 05:22:44 PM) (Source: MsiInstaller) (User: irmhov)
Description: Produkt: Google Earth -- Fehler 1730.Sie benötigen Administratorrechte, um diese Anwendung zu entfernen. Melden Sie sich zum Entfernen der Anwendung als Administrator an oder wenden Sie sich an den technischen Support.
Error: (03/27/2014 11:41:08 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary ihkjktiz.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (03/27/2014 09:59:16 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary ihkjktiz.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (03/27/2014 09:43:19 PM) (Source: MsiInstaller) (User: irmhov)
Description: Produkt: Ulead PhotoImpact X3 -- Diese Installation kann nicht durch direktes Laden des MSI-Pakets ausgeführt werden. Sie müssen Setup.exe ausführen.
Error: (03/27/2014 08:42:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary ihkjktiz.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (03/27/2014 06:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1632) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU00027.log.
Error: (03/26/2014 09:51:39 AM) (Source: Microsoft Security Client Setup) (User: irmhov)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
Error: (03/25/2014 08:56:51 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.2.9200.16628 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 5b0
Startzeit: 01cf485f487345d5
Endzeit: 0
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: 97216024-b457-11e3-8044-d43d7e2fdc19
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
System errors:
=============
Error: (03/28/2014 10:34:58 PM) (Source: ipnathlp) (User: )
Description: 192.168.178.54192.168.137.0255.255.255.0
Error: (03/28/2014 10:34:58 PM) (Source: ipnathlp) (User: )
Description:
Error: (03/28/2014 10:34:22 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126
Error: (03/28/2014 10:34:22 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 28.03.2014 um 22:02:05 unerwartet heruntergefahren.
Error: (03/28/2014 10:34:11 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Error: (03/28/2014 06:43:19 PM) (Source: ipnathlp) (User: )
Description: 192.168.178.54192.168.137.0255.255.255.0
Error: (03/28/2014 06:43:19 PM) (Source: ipnathlp) (User: )
Description:
Error: (03/28/2014 06:42:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126
Error: (03/28/2014 06:41:23 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0
Error: (03/28/2014 05:58:20 PM) (Source: DCOM) (User: irmhov)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Microsoft Office Sessions:
=========================
Error: (03/28/2014 07:00:00 PM) (Source: ESENT)(User: )
Description: svchost1640SRUJet: C:\Windows\system32\SRU\SRU0000B.log-1811 (0xfffff8ed)
Error: (03/28/2014 06:43:34 PM) (Source: System Restore)(User: )
Description: Nach Install MovieMaker, GifAnimator0xc0000022
Error: (03/28/2014 05:22:44 PM) (Source: MsiInstaller)(User: irmhov)
Description: Produkt: Google Earth -- Fehler 1730.Sie benötigen Administratorrechte, um diese Anwendung zu entfernen. Melden Sie sich zum Entfernen der Anwendung als Administrator an oder wenden Sie sich an den technischen Support.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (03/27/2014 11:41:08 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary ihkjktiz.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (03/27/2014 09:59:16 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary ihkjktiz.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (03/27/2014 09:43:19 PM) (Source: MsiInstaller)(User: irmhov)
Description: Produkt: Ulead PhotoImpact X3 -- Diese Installation kann nicht durch direktes Laden des MSI-Pakets ausgeführt werden. Sie müssen Setup.exe ausführen.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (03/27/2014 08:42:24 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary ihkjktiz.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (03/27/2014 06:00:00 PM) (Source: ESENT)(User: )
Description: svchost1632SRUJet: C:\Windows\system32\SRU\SRU00027.log-1811 (0xfffff8ed)
Error: (03/26/2014 09:51:39 AM) (Source: Microsoft Security Client Setup)(User: irmhov)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
Error: (03/25/2014 08:56:51 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.2.9200.166285b001cf485f487345d50C:\Windows\Explorer.EXE97216024-b457-11e3-8044-d43d7e2fdc19
==================== Memory info ===========================
Percentage of memory in use: 70%
Total physical RAM: 3542.76 MB
Available physical RAM: 1035.22 MB
Total Pagefile: 4182.76 MB
Available Pagefile: 1463.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:869.8 GB) (Free:678.49 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:43.61 GB) NTFS
Drive k: (Maxtor) (Fixed) (Total:596.17 GB) (Free:141.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 596 GB) (Disk ID: 12C9FF20)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Freundliche Grüße xenofex |
|
29.03.2014, 07:28
| #2 |
| /// the machine /// TB-Ausbilder    | PC kürzlich bereinigt und schon wieder Malware hi
__________________1) ist Spybot total fürn Arsch 2) sind das 2 inaktive Registry-Reste, einfach löschen und gut is 
__________________ |
|
29.03.2014, 09:10
| #3 |
| | PC kürzlich bereinigt und schon wieder Malware Hallo Schrauber,
__________________vielen Dank für deine schnelle und beruhigende Antwort. Wenn ich das richtig sehe, gibst du Entwarnung (Plumps = Stein vom Herzen gefallen). Zu 1: Search & Destroy wird umgehend deinstalliert. Zu 2: Bisher habe ich einen großen Bogen um die Registry gemacht, weil ich mich dort nicht auskenne. Wo kann ich diese inaktiven Registry-Einträge finden, damit ich sie löschen kann? Danke im Voraus für deine Antwort. Freundliche Grüße und ein schönes Wochenende, xenofex |
|
29.03.2014, 10:15
| #4 |
| /// the machine /// TB-Ausbilder | PC kürzlich bereinigt und schon wieder Malware Kann Spybot sie nicht entfernen?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Ich bin froh, dass alles okay ist. 
Linear-Darstellung
