Log analysis and evaluation: Windows 7: Sudden advertisement sounds in the background with no associated program in the taskbar
01.04.2014, 11:53 | #1

Hello dear helpers at the Trojaner-Board, for a few days my computer has been slower than usual, and for the past day or two loud advertisement sounds have sometimes been playing in the background, even when no browser is running. There is no associated program in the taskbar that I could attribute the advertisement to, i.e. no browser. My default browser is Firefox, but Chrome and IE are also installed. I use Chrome occasionally. I ran a scan with Avast, but Avast found nothing. Then I installed WinZip Malware Protector and ran a scan. It found the following: (but the log file is in .xml format; I copied it into Notepad to turn it into a .txt. Can I somehow retrieve it in a different format so that you can work with it?)

Code:
Nico Mak Computing
WinZip Malware Protector
Datum der Überprüfung Dienstag, 1. April 2014
Datenbankversion 1736
Gefundene Elemente insgesamt 310
Überprüfte Objekte: 449091
Abgelaufene Zeit: 00:54:49

Name Gefundene Elemente

Name der Infektion trojan.fakeav
Kategorie Trojan
Bedrohungsstufe Severe
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1
Gefundener Bereich FileSystem Details Dateiname d:\programme\steam\steamtmp.exe MD5 0 Signatur 2506187454492047520 Md5hash: e3cd0a561f3aabe8607bf1474f4ae1dd

Name der Infektion trojan-spy.vb
Kategorie Trojan Spy
Bedrohungsstufe Elevated
Durchgeführte Aktion NoActionTaken
Elemente gefunden 2
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\ptech
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\ptech ptserialnum

Name der Infektion pup.optional
Kategorie Potentially Unwanted Application
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 1
Gefundener Bereich FileSystem Details Dateiname c:\users\linda\appdata\roaming\opencandy\9a45ffbe2c1b4ae88b1c007c05e96027\latestdlmgr.exe MD5 18323843211369328020 Signatur 0 Md5hash: fd468eb0dc155ea5ba65c7bd632a03fc

Name der Infektion malware.gen
Kategorie Generic Malware
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 6
Gefundener Bereich FileSystem Details Dateiname c:\programdata\battle.net\client\blizzard launcher.1997\imageformats\qico4.dll MD5 0 Signatur 14447977539910625387 Md5hash: 28a8046905a3a6c0e61b25927186411a
Gefundener Bereich FileSystem Details Dateiname c:\programdata\battle.net\client\blizzard launcher.2005\imageformats\qico4.dll MD5 0 Signatur 14447977539910625387 Md5hash: 28a8046905a3a6c0e61b25927186411a
Gefundener Bereich FileSystem Details Dateiname i:\matt\programming\pw_breaker.exe MD5 0 Signatur 14253122031170911508 Md5hash: 8188fed7c7c0f8af50000e8f21b53ec7
Gefundener Bereich FileSystem Details Dateiname i:\matt\programming\pw_breaker1.exe MD5 0 Signatur 14253122031170911508 Md5hash: 49f12787c52ff4008facc193218a8fcc
Gefundener Bereich FileSystem Details Dateiname i:\matt\programming\pw_breaker2cpp.exe MD5 0 Signatur 14253122031170911508 Md5hash: c81d7cb505d44d24606fb8fa40275dc1
Gefundener Bereich FileSystem Details Dateiname i:\matt\programming\environment\name_shortener.exe MD5 0 Signatur 14253122031170911508 Md5hash: 67243d7a7e9f466d7656c56235468cac

Name der Infektion adware.titan-poker
Kategorie Adware
Bedrohungsstufe High
Durchgeführte Aktion NoActionTaken
Elemente gefunden 300
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker lobbywindowposx
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker lobbywindowposy
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker lobbywindowsizex
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker lobbywindowsizey
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker account
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker birth_day
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker client_specs
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker firstconnecthurl
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker global_login_hint
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker last_tree_xml
Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker lobby-rememberrealpassword
Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables bb100 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables bbmin Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables beginners Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables dp Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables empty Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables eur Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables full Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables gbp Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables ndp Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables noturbo Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables players_10 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables players_2 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables players_3_5 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables players_6 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user 
software\titan poker\ttr76801002\customfilters\tables players_8 Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables table_max Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables table_min Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables turbo Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\customfilters\tables usd Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch table_minplayers Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch table_playmode Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch table_realmode Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tables_10players Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tables_6players Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tables_8players Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tables_beginners Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tables_bets Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tables_dp Gefundener 
Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tables_gametype Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tables_headsup Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tables_nondp Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tables_subtype Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tour_10players Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tour_12players Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tour_6players Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tour_beginner Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tour_buyin Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tour_gametype Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tour_headsup Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tour_scheduled Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tour_sitngo Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan poker\ttr76801002\quicksearch tour_startin Gefundener Bereich Registry Details Registrierungsschlüssel hkey_current_user software\titan 
© 2013 WinZip International LLC. All rights reserved.
It said during the scan that it had found two Trojans and had deleted them. But I don't know how to get at the log (in C: Programme/Trojan Remover there are no folders and nothing that looks like log files). But Malware Protector still finds over 300 threats. Then I started reading around in the forum and downloaded Malwarebytes Anti-Malware (before I read that you shouldn't install the whole army of programs right away...). In any case, it also found quite a few things during its scan and moved them to quarantine. But even though I have gone through the guides here in the forum, I can't find the log file. When I am in C:/Programme/Malwarebytes Anti-Malware, there is no folder named Logs. Only Chameleon, imageformats, Languages, Plugins. I can't find any logs directly in the software either. Its design also looks a bit different from your screenshots. The version is shown to me as "Malwarebytes Anti-Malware 2.00.0.1000". Build date: 5.3.2014
So... what should I do next, or rather, how do I get at the logs so that you can help me?
Best regards, Newbiline
EDIT: Sorry, I really don't know my way around; if I have overlooked anything that I should have done before posting the problem here, I am sorry. If you can't do anything with it like this, I will gladly catch up on any steps.
Last edited by Newbiline (01.04.2014 at 12:00) |
01.04.2014, 12:17 | #2 |
/// the machine /// TB-Ausbilder | Windows 7: Sudden advertising sounds in the background with no associated program in the taskbar hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
|
01.04.2014, 12:29 | #3 |
| Windows 7: Sudden advertising sounds in the background with no associated program in the taskbar hi, thank you very much for the quick reply!
here is the FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01 Ran by Linda (administrator) on YGGDRASIL on 01-04-2014 13:21:01 Running from C:\Users\Linda\Desktop Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Tablet Driver) C:\Windows\System32\Drivers\WTSRV.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) 
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe (Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-03] (Realtek Semiconductor) HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.) HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767608 2014-03-21] (AVAST Software) HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [TrojanScanner] - C:\Program Files\Trojan Remover\Trjscan.exe [1661856 2014-04-01] (Simply Super Software) HKU\S-1-5-21-1343621597-621099857-3195805417-1000\...\MountPoints2: {7f7e3fc9-964e-11df-b640-806e6f6e6963} - M:\autorun.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.medion.com HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={B24E9638-C334-4EF6-A883-3D37881534F7}&mid=a7012350ca7547d19897bd2b2be060ea-ff4169ee88c2e57da32db5a42251d9d393278da8&lang=de&ds=AVG&pr=fr&d=2012-06-13 12:09:12&v=12.2.5.32&sap=dsp&q={searchTerms} 
SearchScopes: HKCU - {C7576B9D-B442-46bc-AF74-080A9E723E01} URL = hxxp://websearch.search-results.com/redirect?client=ie&tb=GET-SRS&o=16705&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=2R&apn_dtid=get001YYDE&apn_uid=E9A4CB26-904A-4EC2-851D-FF30B84E243F&apn_sauid=0E5BC220-72B3-4E41-9555-13D173714580 BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
FireFox: ======== FF ProfilePath: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\jltqb3bo.default FF SearchEngineOrder.1: Search-Results FF Homepage: www.google.de FF Keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&q= FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.3 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.2 - D:\Programme\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll (BitComet) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\jltqb3bo.default\searchplugins\search-results.xml FF SearchPlugin: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\jltqb3bo.default\searchplugins\sweetim.xml FF SearchPlugin: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\jltqb3bo.default\searchplugins\webwebweb.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Easy Youtube Video Downloader Express - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\jltqb3bo.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2014-03-02] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-24] Chrome: ======= CHR Extension: (avast! 
Online Security) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-24] CHR Extension: (Google Wallet) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-07] CHR HKLM\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files\WinToFlash Suggestor\WinToFlashSuggestor.crx [2013-10-07] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-24] CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\12.2.5.32\avg.crx [2013-11-24] ========================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-27] (AVAST Software) S3 BITCOMET_HELPER_SERVICE; I:\Bit Comet\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com) R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1435568 2012-12-10] (LogMeIn Inc.) 
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation) R2 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [69632 2009-03-04] (Tablet Driver) S2 HPSLPSVC; C:\Users\Linda\AppData\Local\Temp\7zS579A\hpslpsvc32.dll [X] ==================== Drivers (Whitelisted) ==================== R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-27] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-11-24] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-11-24] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-27] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-01-27] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-01-27] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2013-12-19] () S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] () R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-03-05] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-01] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-03-05] (Malwarebytes Corporation) S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-14] (Ralink Technology Corp.) 
R3 PTSimBus; C:\Windows\System32\DRIVERS\PTSimBus.sys [23208 2009-06-22] (PenTablet Driver) S3 PTSimHid; C:\Windows\System32\DRIVERS\PTSimHid.sys [14504 2009-06-22] (PenTablet Driver) S3 TClass2k; C:\Windows\System32\DRIVERS\TClass2k.sys [23208 2009-06-22] (Tablet Driver) S3 UCTblHid; C:\Windows\System32\DRIVERS\UCTblHid.sys [19624 2009-06-22] (Tablet Driver) S3 AmdLLD; system32\DRIVERS\AmdLLD.sys [X] S3 cpuz130; \??\C:\Users\Linda\AppData\Local\Temp\cpuz130\cpuz_x32.sys [X] S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X] S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X] S3 MEMSWEEP2; \??\C:\Windows\system32\93C6.tmp [X] S3 Profos; \??\C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [X] S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X] S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-01 13:21 - 2014-04-01 13:21 - 00013553 _____ () C:\Users\Linda\Desktop\FRST.txt 2014-04-01 13:20 - 2014-04-01 13:21 - 00000000 ____D () C:\FRST 2014-04-01 13:19 - 2014-04-01 13:19 - 01145856 _____ (Farbar) C:\Users\Linda\Desktop\FRST.exe 2014-04-01 13:16 - 2014-04-01 13:16 - 00002988 _____ () C:\Users\Linda\Desktop\mbam.txt 2014-04-01 11:45 - 2014-04-01 11:57 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-01 11:44 - 2014-04-01 11:44 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-01 11:44 - 2014-04-01 11:44 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-01 11:44 - 2014-04-01 11:44 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-04-01 11:44 - 2014-03-05 09:26 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-01 11:44 - 
2014-03-05 09:26 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-01 11:44 - 2014-03-05 09:26 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-01 11:42 - 2014-04-01 11:42 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Linda\Desktop\mbam-setup-2.0.0.1000.exe 2014-04-01 03:51 - 2014-04-01 03:51 - 00099539 _____ () C:\Users\Linda\Desktop\log.xml 2014-04-01 02:47 - 2014-04-01 02:47 - 00000000 ____D () C:\ProgramData\Licenses 2014-04-01 02:46 - 2014-04-01 02:46 - 00001097 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk 2014-04-01 02:46 - 2014-04-01 02:46 - 00000000 ____D () C:\Users\Linda\Documents\Simply Super Software 2014-04-01 02:46 - 2014-04-01 02:46 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\Simply Super Software 2014-04-01 02:46 - 2014-04-01 02:46 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-04-01 02:46 - 2014-04-01 02:46 - 00000000 ____D () C:\Program Files\Trojan Remover 2014-04-01 02:44 - 2014-04-01 02:45 - 21407864 _____ (Simply Super Software ) C:\Users\Linda\Downloads\trjsetup690.exe 2014-04-01 02:31 - 2014-04-01 02:31 - 00468618 _____ () C:\Users\Linda\Downloads\depends22_x64.zip 2014-04-01 02:31 - 2014-04-01 02:31 - 00000000 ____D () C:\Users\Linda\Downloads\depends22_x64 2014-04-01 02:17 - 2014-04-01 02:17 - 00001147 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk 2014-04-01 02:17 - 2014-04-01 02:17 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\Nico Mak Computing 2014-04-01 02:17 - 2014-04-01 02:17 - 00000000 ____D () C:\ProgramData\Nico Mak Computing 2014-04-01 02:17 - 2014-04-01 02:17 - 00000000 ____D () C:\Program Files\WinZip Malware Protector 2014-04-01 02:17 - 2013-03-15 17:01 - 00016384 _____ () C:\Windows\system32\wsusnative32.exe 2014-04-01 02:16 - 2014-04-01 02:16 - 04892480 _____ (WinZip International LLC ) C:\Users\Linda\Desktop\wzmp_8.exe 2014-03-31 21:05 - 2014-03-31 21:05 - 00000212 _____ () 
C:\Users\Linda\Desktop\The Stanley Parable Demo.url 2014-03-30 20:59 - 2014-03-30 20:59 - 00000706 _____ () C:\cc_20140330_205901.reg 2014-03-30 20:58 - 2014-03-30 20:58 - 00026788 _____ () C:\cc_20140330_205838.reg 2014-03-29 14:20 - 2014-03-29 19:55 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-03-24 23:50 - 2014-03-24 23:50 - 00000251 _____ () C:\Users\Linda\Desktop\new 4.html 2014-03-24 23:31 - 2014-03-24 23:48 - 00000239 _____ () C:\Users\Linda\Desktop\new 3.html 2014-03-15 12:58 - 2014-03-16 00:59 - 00000000 ____D () C:\Users\Linda\AppData\Local\{F103C5D2-7CC6-460A-8B34-C85AC63120F0} 2014-03-14 22:52 - 2014-03-14 22:53 - 24972438 _____ () C:\Users\Linda\Desktop\Dior Homme - Uncensored Official Director's Cut.mp4 2014-03-13 03:03 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-13 03:03 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-13 03:03 - 2014-03-01 06:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-13 03:03 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-13 03:03 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-13 03:03 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-13 03:03 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-13 03:03 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-13 03:03 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-13 03:03 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-13 03:03 - 2014-03-01 05:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-13 03:03 - 2014-03-01 05:37 - 
00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-13 03:03 - 2014-03-01 05:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-13 03:03 - 2014-03-01 05:25 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-13 03:03 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-13 03:03 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-13 03:03 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-13 03:03 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-13 03:03 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-13 03:03 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-13 03:03 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-13 03:03 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-13 03:03 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-13 03:03 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-13 03:02 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-13 03:02 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-13 03:02 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-11 21:00 - 2014-03-11 21:00 - 00000000 ___RD () C:\Program Files\Skype 2014-03-11 21:00 - 2014-03-11 21:00 - 00000000 ____D () C:\Users\Linda\AppData\Local\Skype 2014-03-11 21:00 - 2014-03-11 21:00 - 00000000 ____D () C:\Program Files\Common Files\Skype 
2014-03-05 01:07 - 2014-03-05 01:07 - 00000000 _____ () C:\AdobeDebug.txt ==================== One Month Modified Files and Folders ======= 2014-04-01 13:21 - 2014-04-01 13:21 - 00013553 _____ () C:\Users\Linda\Desktop\FRST.txt 2014-04-01 13:21 - 2014-04-01 13:20 - 00000000 ____D () C:\FRST 2014-04-01 13:21 - 2013-10-16 14:49 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-01 13:20 - 2012-10-02 20:25 - 00000000 ____D () C:\Users\Linda\Desktop\desktop docs 2014-04-01 13:19 - 2014-04-01 13:19 - 01145856 _____ (Farbar) C:\Users\Linda\Desktop\FRST.exe 2014-04-01 13:16 - 2014-04-01 13:16 - 00002988 _____ () C:\Users\Linda\Desktop\mbam.txt 2014-04-01 13:10 - 2010-07-23 13:45 - 01092070 _____ () C:\Windows\WindowsUpdate.log 2014-04-01 12:03 - 2009-07-14 06:34 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-01 12:03 - 2009-07-14 06:34 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-01 12:00 - 2010-04-13 07:22 - 01649492 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-01 11:57 - 2014-04-01 11:45 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-01 11:56 - 2013-10-16 14:49 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-01 11:55 - 2012-10-28 11:58 - 00156454 _____ () C:\Windows\PFRO.log 2014-04-01 11:55 - 2012-10-08 01:43 - 00074974 _____ () C:\Windows\setupact.log 2014-04-01 11:55 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-01 11:44 - 2014-04-01 11:44 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-01 11:44 - 2014-04-01 11:44 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-01 11:44 - 2014-04-01 11:44 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-04-01 11:42 - 2014-04-01 11:42 - 17523384 _____ (Malwarebytes 
Corporation ) C:\Users\Linda\Desktop\mbam-setup-2.0.0.1000.exe 2014-04-01 04:25 - 2010-07-23 13:45 - 00000000 __SHD () C:\Recovery 2014-04-01 04:00 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-01 03:51 - 2014-04-01 03:51 - 00099539 _____ () C:\Users\Linda\Desktop\log.xml 2014-04-01 02:47 - 2014-04-01 02:47 - 00000000 ____D () C:\ProgramData\Licenses 2014-04-01 02:46 - 2014-04-01 02:46 - 00001097 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk 2014-04-01 02:46 - 2014-04-01 02:46 - 00000000 ____D () C:\Users\Linda\Documents\Simply Super Software 2014-04-01 02:46 - 2014-04-01 02:46 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\Simply Super Software 2014-04-01 02:46 - 2014-04-01 02:46 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-04-01 02:46 - 2014-04-01 02:46 - 00000000 ____D () C:\Program Files\Trojan Remover 2014-04-01 02:45 - 2014-04-01 02:44 - 21407864 _____ (Simply Super Software ) C:\Users\Linda\Downloads\trjsetup690.exe 2014-04-01 02:45 - 2010-10-22 00:34 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\Skype 2014-04-01 02:31 - 2014-04-01 02:31 - 00468618 _____ () C:\Users\Linda\Downloads\depends22_x64.zip 2014-04-01 02:31 - 2014-04-01 02:31 - 00000000 ____D () C:\Users\Linda\Downloads\depends22_x64 2014-04-01 02:17 - 2014-04-01 02:17 - 00001147 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk 2014-04-01 02:17 - 2014-04-01 02:17 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\Nico Mak Computing 2014-04-01 02:17 - 2014-04-01 02:17 - 00000000 ____D () C:\ProgramData\Nico Mak Computing 2014-04-01 02:17 - 2014-04-01 02:17 - 00000000 ____D () C:\Program Files\WinZip Malware Protector 2014-04-01 02:16 - 2014-04-01 02:16 - 04892480 _____ (WinZip International LLC ) C:\Users\Linda\Desktop\wzmp_8.exe 2014-03-31 21:24 - 2011-06-25 00:23 - 00000000 ____D () C:\Program Files\Common Files\Steam 2014-03-31 21:05 - 2014-03-31 21:05 - 00000212 _____ () C:\Users\Linda\Desktop\The Stanley Parable Demo.url 
2014-03-31 21:05 - 2012-10-04 13:46 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-03-31 20:46 - 2013-11-25 23:50 - 01576960 ___SH () C:\Users\Linda\Desktop\Thumbs.db 2014-03-30 20:59 - 2014-03-30 20:59 - 00000706 _____ () C:\cc_20140330_205901.reg 2014-03-30 20:58 - 2014-03-30 20:58 - 00026788 _____ () C:\cc_20140330_205838.reg 2014-03-30 20:57 - 2011-06-10 00:03 - 00000000 ____D () C:\Users\Linda\AppData\Local\LogMeIn Hamachi 2014-03-29 19:55 - 2014-03-29 14:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-03-26 02:23 - 2013-11-28 22:00 - 00000000 ____D () C:\Users\Linda\Desktop\Homepage 2014-03-24 23:50 - 2014-03-24 23:50 - 00000251 _____ () C:\Users\Linda\Desktop\new 4.html 2014-03-24 23:48 - 2014-03-24 23:31 - 00000239 _____ () C:\Users\Linda\Desktop\new 3.html 2014-03-24 23:22 - 2013-09-08 21:44 - 00000000 ____D () C:\Users\Linda\AppData\Roaming\Notepad++ 2014-03-19 02:03 - 2013-08-14 23:21 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-19 02:02 - 2010-04-13 08:57 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-16 00:59 - 2014-03-15 12:58 - 00000000 ____D () C:\Users\Linda\AppData\Local\{F103C5D2-7CC6-460A-8B34-C85AC63120F0} 2014-03-15 21:19 - 2013-10-16 14:50 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-03-15 12:58 - 2011-05-08 18:27 - 00000000 ____D () C:\Users\Linda\AppData\Local\Windows Live 2014-03-14 22:53 - 2014-03-14 22:52 - 24972438 _____ () C:\Users\Linda\Desktop\Dior Homme - Uncensored Official Director's Cut.mp4 2014-03-13 16:06 - 2011-12-18 23:33 - 00000000 ____D () C:\Program Files\World of Warcraft 2014-03-13 13:27 - 2009-07-14 06:33 - 00445800 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-11 21:00 - 2014-03-11 21:00 - 00000000 ___RD () C:\Program Files\Skype 2014-03-11 21:00 - 2014-03-11 21:00 - 00000000 ____D () C:\Users\Linda\AppData\Local\Skype 2014-03-11 21:00 - 2014-03-11 21:00 - 00000000 ____D () C:\Program 
Files\Common Files\Skype
2014-03-11 21:00 - 2010-10-22 00:34 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 09:26 - 2014-04-01 11:44 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-04-01 11:44 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-04-01 11:44 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-05 01:07 - 2014-03-05 01:07 - 00000000 _____ () C:\AdobeDebug.txt

Some content of TEMP:
====================
C:\Users\Linda\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6mm05t.dll
C:\Users\Linda\AppData\Local\Temp\npp.6.5.2.Installer.exe
C:\Users\Linda\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\Linda\AppData\Local\Temp\xmlUpdater.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-03-31 23:01

==================== End Of Log ============================

--- --- ---

and the Addition.txt:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by Linda at 2014-04-01 13:21:44
Running from C:\Users\Linda\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Photoshop Elements 6.0 (HKLM\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 6.0 (Version: 6.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{15971B11-14DA-873C-1ACD-188603C38889}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2203 - Advanced Micro Devices, Inc.) Hidden
Anno 1404 (Demo) (Version: 1.00.0000 - Ubisoft) Hidden
Apple Application Support (HKLM\...\{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}) (Version: 2.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C23CD6DA-1958-43A5-ADD0-59396572E02E}) (Version: 3.4.1.2 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Assassin's Creed (HKLM\...\Steam App 15100) (Version: - Ubisoft) avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2013 - Avast Software) BitComet 1.37 (HKLM\...\BitComet) (Version: 1.37 - CometNetwork) Bonjour (HKLM\...\{D03482C5-9AD8-496D-B388-692AE04C93AF}) (Version: 3.0.0.2 - Apple Inc.) Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center (Version: 2012.0928.1532.26058 - Ihr Firmenname) Hidden Catalyst Control Center (Version: 2013.0328.2218.38225 - Ihr Firmenname) Hidden Catalyst Control Center Graphics Previews Common (Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (Version: 2010.0202.2335.42270 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help English (Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) 
Hidden CCC Help English (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help French (Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden CCC Help French (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help German (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden ccc-utility (Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) 
Hidden ccc-utility (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform) Counter-Strike (HKLM\...\Steam App 10) (Version: - Valve) CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.) CyberLink LabelPrint (Version: 2.5.2515 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.) CyberLink Power2Go (Version: 6.1.3602c - CyberLink Corp.) Hidden CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) CyberLink PowerDVD Copy (Version: 1.5.1306 - CyberLink Corp.) Hidden D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Deus Ex: Human Revolution (HKLM\...\Steam App 28050) (Version: - Eidos Montreal) Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM\...\Dev-C++) (Version: - ) Dropbox (HKCU\...\Dropbox) (Version: 2.6.7 - Dropbox, Inc.) EaseUS Partition Master 9.2.2 (HKLM\...\EaseUS Partition Master_is1) (Version: - EaseUS) Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden GTA2 (HKLM\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - ) ICQ 8.2 (build 6870) (HKCU\...\ICQ) (Version: 8.2.6870.0 - Mail.Ru) Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Just Cause 2 (HKLM\...\Steam App 8190) (Version: - Avalanche Studios) LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.1.0.294 - LogMeIn, Inc.) LogMeIn Hamachi (Version: 2.1.0.294 - LogMeIn, Inc.) 
Hidden Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation) Medion Home Cinema (HKLM\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.) Medion Home Cinema (Version: 6.0.0000 - CyberLink Corp.) Hidden Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Search Enhancement Pack (Version: 3.0.133.0 - Microsoft Corporation) Hidden Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) MPC-HC 1.7.1 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.1.0 - MPC-HC Team) MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Neverwinter (HKLM\...\Steam App 109600) (Version: - Cryptic Studios) Notepad++ (HKLM\...\Notepad++) (Version: 6.5.5 - Notepad++ Team) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.8 - NVIDIA Corporation) NVIDIA PhysX (HKLM\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden OpenAL (HKLM\...\OpenAL) (Version: - ) OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org) PDF24 Creator 5.4.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Pro Evolution Soccer 2013 (HKLM\...\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}) (Version: 1.00.0000 - KONAMI) ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5995 - Realtek 
Semiconductor Corp.) Secure Download Manager (HKLM\...\{AA57D6F1-6360-4397-B2D9-B21C69863D97}) (Version: 3.1.0 - Kivuto Solutions Inc.) Sid Meier's Civilization 4 Complete (HKLM\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games) Sid Meier's Civilization V (HKLM\...\Civilization V) (Version: - 2K Games, Inc.) Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - 2K Games, Inc.) Sid Meier's Civilization V SDK (HKLM\...\Steam App 16830) (Version: - Firaxis Games) Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Spotify (HKCU\...\Spotify) (Version: 0.9.4.185.g7545a404 - Spotify AB) Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios) The Stanley Parable Demo (HKLM\...\Steam App 247750) (Version: - Galactic Cafe) Trojan Remover 6.9.1.2929 (HKLM\...\Trojan Remover_is1) (Version: 6.9.1.2929 - Simply Super Software) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN) Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) 
Hidden Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinZip Malware Protector (HKLM\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC) World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment) Zanzarah - Das verborgene Portal (HKLM\...\Zanzarah) (Version: - ) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= 
Task: {04BC1EEB-753E-4865-82ED-D5E665EE9C41} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing) Task: {26F296AD-35C7-45AB-A610-74F9DADFD933} - System32\Tasks\{B9C411E5-601D-4E41-B06B-B3FD94BEF594} => D:\Programme\GTA2\gta2 manager.exe [2004-04-29] (DMA Design Ltd) Task: {5E902388-64DC-4C50-A52A-40647EF662BE} - System32\Tasks\{33FEF8D8-7C8C-4DA8-A936-033166D8CD8A} => C:\Downloads\Diablo 2 with Lord of Destruction (v1.13c) (Direct Play)\Diablo II Lord of Destruction (v1.13c)\Diablo II\Diablo II.exe Task: {611A61F6-07DF-46B0-9B20-E8C8DB571166} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1343621597-621099857-3195805417-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {6BFBE255-A9A2-4B5E-9523-7629996C3B55} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {6F75608A-F9CB-4156-AA86-DBA2CF16036C} - System32\Tasks\{67B57EDC-0A0D-4767-BDD0-23E502460983} => C:\Program Files\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.) Task: {7A8444DC-9705-406B-9769-1E0B656875DD} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1343621597-621099857-3195805417-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe Task: {872926D8-6B08-4CA1-98D5-3C59768F0F2D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-16] (Google Inc.) Task: {8E2EB793-A92E-4C4A-9727-FAA2992B07A9} - System32\Tasks\{9BB527AF-C42F-4B8A-BB84-C754B8F60509} => C:\Program Files\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.) Task: {A017E718-9735-46ED-88E4-C95DF4D6484B} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-27] (AVAST Software) Task: {A3233D82-5B31-4D64-B68D-5B1B6D5FC9F7} - System32\Tasks\{6B47F581-4DB9-4826-B81E-12E33C2C6C03} => C:\Downloads\Diablo 2 with Lord of Destruction (v1.13c) (Direct Play)\Diablo II Lord of Destruction (v1.13c)\Diablo II\Diablo II.exe Task: {AB67AF85-E16B-4153-9047-55B58265FB30} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1343621597-621099857-3195805417-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe Task: {AD5C7EB2-1324-4EA9-8950-B9FE02CA2629} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-10-16] (Google Inc.) Task: {B5795E76-9207-45B3-9B8A-228A6E9AF640} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd) Task: {B65917E6-C0F3-4C34-B944-BD8CAE008564} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] () Task: {B682E259-21C3-4BE3-A587-4296F276DE8A} - System32\Tasks\{BA1D727D-8E20-4FAD-A89F-6CFB44442F08} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.114.259/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;systemlevelpresent Task: {B8C47269-C8A5-41E2-B604-541A0F7A1C22} - System32\Tasks\{4F5A80C3-D4FE-4285-AD20-8EB0596C23F9} => C:\Downloads\Diablo 2 with Lord of Destruction (v1.13c) (Direct Play)\Diablo II Lord of Destruction (v1.13c)\Diablo II\Diablo II.exe Task: {C18A2F54-57C5-4E8C-914C-1D5AC2743CF8} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1343621597-621099857-3195805417-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe Task: {CAC4C636-5EF0-40B8-9BD7-8F07FA791665} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe Task: {CDF07D07-E196-445C-A080-1A04FE3FACB3} - 
System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {F98F5B07-DA00-48B7-BA79-1A895B4873B0} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1343621597-621099857-3195805417-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe Task: {FE9FBA08-7214-45B2-BB50-15EC887AF69C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe ==================== Loaded Modules (whitelisted) ============= 2014-04-01 11:32 - 2014-04-01 09:18 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14040100\algo.dll 2007-09-11 00:45 - 2007-09-11 00:45 - 00124832 _____ () C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe 2009-03-18 19:15 - 2009-03-18 19:15 - 00184320 _____ () C:\Windows\system32\WinTab32.DLL 2013-11-03 01:13 - 2013-11-03 01:13 - 00307728 _____ () C:\Users\Linda\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll 2012-06-18 17:24 - 2012-06-18 17:24 - 00260096 _____ () D:\Programme\Notepad++\NppShell_05.dll 2009-03-18 19:15 - 2009-03-18 19:15 - 00184320 _____ () C:\Windows\system32\wintab32.dll 2013-11-24 21:01 - 2013-11-24 21:01 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-03-29 14:20 - 2014-03-29 14:20 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-01-25 15:06 - 2014-01-25 15:06 - 16287624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll 
==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Disabled items from MSCONFIG ============== MSCONFIG\startupreg: icq => C:\Users\Linda\AppData\Roaming\ICQM\icq.exe -CU MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Linda\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/01/2014 04:38:22 AM) (Source: Windows Backup) (User: ) Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "K:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)" Error: (03/31/2014 09:24:10 PM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (03/30/2014 11:05:54 PM) (Source: Bonjour Service) (User: ) Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0) Error: (03/30/2014 11:05:54 PM) (Source: Bonjour Service) (User: ) Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0) Error: (03/22/2014 04:43:33 PM) (Source: Bonjour Service) (User: ) Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! 
mDNS_busy (1) != mDNS_reentrancy (0)

Error: (03/22/2014 04:43:33 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (03/16/2014 05:47:12 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (03/16/2014 05:47:12 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (03/14/2014 07:51:25 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Unlock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

Error: (03/14/2014 07:51:25 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreMachineSleep: mDNS_Lock: Locking failure! mDNS_busy (1) != mDNS_reentrancy (0)

System errors:
=============
Error: (04/01/2014 11:58:01 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: %%126

Error: (04/01/2014 11:33:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: %%126

Error: (04/01/2014 04:30:38 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: %%126

Error: (04/01/2014 04:25:59 AM) (Source: DCOM) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (04/01/2014 04:25:58 AM) (Source: DCOM) (User: )
Description: 1084sdrsvc{687E55CA-6621-4C41-B9F1-C0EDDC94BB05}

Error: (04/01/2014 04:18:42 AM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/01/2014 04:12:34 AM) (Source: DCOM) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/01/2014 04:11:29 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: AFD aswRdr aswRvrt aswSnx aswSP aswVmm DfsC discache NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf

Error: (04/01/2014 04:11:29 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (04/01/2014 04:11:29 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 46%
Total physical RAM: 3071.3 MB
Available physical RAM: 1657.12 MB
Total Pagefile: 11771.59 MB
Available Pagefile: 10179.61 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:156.57 GB) (Free:83.57 GB) NTFS
Drive d: () (Fixed) (Total:264.69 GB) (Free:153.38 GB) NTFS
Drive f: () (Fixed) (Total:245.04 GB) (Free:194.06 GB) NTFS
Drive i: () (Fixed) (Total:265.11 GB) (Free:141.54 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 009CCE01)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=157 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=775 GB) - (Type=OF Extended)

==================== End Of Log ============================

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 01.04.2014
Suchlauf-Zeit: 11:54:17
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.04.01.02
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Linda

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 224090
Verstrichene Zeit: 8 Min, 42 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 3
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\SWEETIM, In Quarantäne, [2cfa4bdafd7e9c9aa872661ac142639d],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-1343621597-621099857-3195805417-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, In Quarantäne, [b5712401fa819d996025691756adba46],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-1343621597-621099857-3195805417-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, In Quarantäne, [9c8a4cd997e4c1756daceb9524df5ba5],

Registrierungswerte: 2
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\SWEETIM|simapp_id, {7D80FDF4-10CF-11E2-B5C6-005056C00008}, In Quarantäne, [2cfa4bdafd7e9c9aa872661ac142639d]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-1343621597-621099857-3195805417-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {7D80FDF4-10CF-11E2-B5C6-005056C00008}, In Quarantäne, [9c8a4cd997e4c1756daceb9524df5ba5]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 3
PUP.Optional.OpenCandy, C:\Users\Linda\AppData\Roaming\OpenCandy, In Quarantäne, [e442ea3b9dde0333ab754b068b7701ff],
PUP.Optional.OpenCandy, C:\Users\Linda\AppData\Roaming\OpenCandy\215B50B338E04FA48AD5C50E3318F6F0, In Quarantäne, [e442ea3b9dde0333ab754b068b7701ff],
PUP.Optional.OpenCandy, C:\Users\Linda\AppData\Roaming\OpenCandy\9A45FFBE2C1B4AE88B1C007C05E96027, In Quarantäne, [e442ea3b9dde0333ab754b068b7701ff],

Dateien: 4
PUP.Optional.OpenCandy.A, C:\Users\Linda\AppData\Roaming\OpenCandy\9A45FFBE2C1B4AE88B1C007C05E96027\LatestDLMgr.exe, In Quarantäne, [aa7ccc59b8c389ad98ae29dbe8196898],
PUP.Optional.OpenCandy, C:\Users\Linda\AppData\Roaming\OpenCandy\215B50B338E04FA48AD5C50E3318F6F0\speedupmypcDE.exe, In Quarantäne, [e442ea3b9dde0333ab754b068b7701ff],
PUP.Optional.OpenCandy, C:\Users\Linda\AppData\Roaming\OpenCandy\9A45FFBE2C1B4AE88B1C007C05E96027\2175.ico, In Quarantäne, [e442ea3b9dde0333ab754b068b7701ff],
PUP.Optional.OpenCandy, C:\Users\Linda\AppData\Roaming\OpenCandy\9A45FFBE2C1B4AE88B1C007C05E96027\driverscannerDE.exe, In Quarantäne, [e442ea3b9dde0333ab754b068b7701ff],

Physische Sektoren: 0
(No malicious items detected)

(end)
02.04.2014, 11:14 | #4 |
/// the machine /// TB Trainer | Windows 7: Sudden advertising sounds in the background with no associated program in the taskbar

Hi,

scan with Combofix.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM!