|
Antiviren-, Firewall- und andere Schutzprogramme: Kann keine Firewall installierenWindows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen. |
12.04.2014, 17:00 | #1 |
| Kann keine Firewall installieren Hallo, ich nutze momentan Kaspersky Internet Security 2014. Oft stürzt es allerdings ab, seit dem einmal ein Virus (Malware oder so gemeldet wurde, weiß es nicht mehr genau). Das ganze war schon vor einigen Monaten. Habe dann mal Bitdefender installiert, doch da wurde die ganze Zeit irgendwie irgendwas runtergeladen und mein Internet war immer total ausgelastet, bis gar nichts mehr ging. Dann habe ich gestern mal Avast installiert, doch direkt nach der Installation ist der PC mit Bluescreen abgestürzt und konnte nach dem Start immer so 2 Minuten etwas machen, dann hat er sich die ganze Zeit aufgehangen bis ich nichts mehr machen konnte. Konnte es zum Glück aber noch deinstallieren, dann ging der PC wieder normal. Aber das ist doch nicht normal dass ich keine Firewall installieren kann?? Ist eventuell das ein Trojaner oder ähnliches?? Was soll ich jetzt machen? Weil Kaspersky sagt ja der PC ist sicher... Oder Kaspersky ist auch schon "infiziert", sodass es nicht mehr richtig funktioniert. Danke schonmal im voraus für Antworten! |
12.04.2014, 17:27 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Kann keine Firewall installieren Was du da vorhast kann garnicht funktionieren, du versuchst nämlich rel. planlos ein "Sicherheitsprodukt" nach dem anderen auf den Rechner zu klatschen.
__________________Wenn du nicht mehr weißt was gefunden wurde musst du einfach nur ins Log schauen und schon siehste was das war. Zitat:
__________________ |
12.04.2014, 17:31 | #3 |
| Kann keine Firewall installieren Die ist da irgendwie nicht mehr, aber am 23.3. wurde die "not-a-virus:HEUR:AdWare.Win32.Yotoon.heur" gefunden.
__________________ |
12.04.2014, 19:18 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Kann keine Firewall installieren Erstmal ein Log mit FRST bitte Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
13.04.2014, 10:04 | #5 |
| Kann keine Firewall installieren FRST: [ FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2014 01 Ran by Janis (administrator) on JANIS-PC on 13-04-2014 11:02:01 Running from H:\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Salfeld Computer) C:\Windows\SysWOW64\cc32\webtmr.exe (Salfeld Computer) C:\Windows\tray\wintmr.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe () C:\Program Files (x86)\ishutdown\iShutdown\ilauncher.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Grass Valley K.K.) C:\Program Files (x86)\Grass Valley\GV LicenseManager\AppMaintainer.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe (Helge Klein) C:\Users\Janis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DiskLED.exe (SoftPerfect Research) C:\Portable\Networx\networx.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\plugin-nm-server.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\ishutdown\iShutdown\iShutdown.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe () C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (SWE Sven Ritter) C:\Program Files (x86)\SpeedCommander 15\SpeedCommander.exe (Microsoft Corporation) C:\Windows\System32\dinotify.exe (Google) C:\Users\Janis\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe (Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [InstallerLauncher] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [ChicoSys] - C:\Windows\SysWOW64\cc32\webtmr.exe [6484352 2009-07-14] (Salfeld Computer) HKLM-x32\...\Run: [Syncios device service] - C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [723456 2013-12-03] () HKLM-x32\...\Run: [NPSStartup] - [X] HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-04] (Oracle Corporation) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [CCWinTray] - C:\Windows\tray\wintmr.exe [6864256 2009-07-14] (Salfeld Computer) HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [AutoStartNPSAgent] - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [ishutdown2] - C:\Program Files (x86)\ishutdown\iShutdown\ilauncher.exe [17920 2011-05-31] () HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [Google Update] - C:\Users\Janis\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-29] (Google Inc.) HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [GoogleChromeAutoLaunch_614D6633E1F6CB2817A8B53E0FC278B1] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-02] (Google Inc.) HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Policies\system: [DisableClock] 1 HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Policies\Explorer: [NoFind] 0 Startup: C:\Users\Janis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DiskLED.exe (Helge Klein) Startup: C:\Users\Janis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\networx - Verknüpfung.lnk ShortcutTarget: networx - Verknüpfung.lnk -> C:\Portable\Networx\networx.exe (SoftPerfect Research) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x830F29FB13DFCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/ HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{BCFA51DC-955E-4249-A1A8-103EEAC86637}: [NameServer]192.168.65.199 FireFox: ======== FF ProfilePath: C:\Users\Janis\AppData\Roaming\Mozilla\Firefox\Profiles\vfzbjb5t.default FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.de FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll () FF Plugin: @java.com/DTPlugin,version=11.0.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.0.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Janis\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Janis\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Janis\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Janis\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Janis\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Janis\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\Janis\AppData\Roaming\Mozilla\Firefox\Profiles\vfzbjb5t.default\searchplugins\conduit-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-06] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-17] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-17] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-17] FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-17] FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-17] Chrome: ======= CHR HomePage: hxxp://google.de/ CHR Extension: (Google Translate) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-04-02] CHR Extension: (Google Drive) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-11] CHR Extension: (Kaspersky Protection) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-03-30] CHR Extension: (YouTube) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-11] CHR Extension: (Adblock Plus) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-26] CHR Extension: (YouTube™ Ratings Preview) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2013-12-01] CHR Extension: (Google-Suche) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-11] CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-12-28] CHR Extension: (bitly | ♥ your bitmarks) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2013-12-09] CHR Extension: (Auto HD For YouTube™) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-03-18] CHR Extension: (Schwarz + Silber-Metall-Kohlenstoff) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2013-11-26] CHR Extension: (Hangouts) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-02-23] CHR Extension: (Google Wallet) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-11] CHR Extension: (Google Mail) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-11] CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2013-11-11] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17] ==================== Services (Whitelisted) ================= R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 bgsvcgen; C:\Windows\SysWOW64\bgsvcgen.exe [139264 2013-12-31] (SOURCENEXT) S3 DummyService; C:\Program Files\Grass Valley\EDIUS 7\GV DownloadAgent\GVDownloadAgent.exe [66328 2013-12-12] (Grass Valley K.K.) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-07-17] (Freemake) R2 GVDownloadAgentService; C:\Program Files\Grass Valley\EDIUS 7\GV DownloadAgent\GVDownloadAgent.exe [66328 2013-12-12] (Grass Valley K.K.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S2 ksupmgr; C:\Windows\SysWOW64\ksupmgr.exe [765592 2010-08-25] (Salfeld Computer) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 TeamViewer9; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [4972864 2014-04-02] (TeamViewer GmbH) ==================== Drivers (Whitelisted) ==================== S1 cdrbsdrv; C:\Windows\SysWow64\Drivers\cdrbsdrv.sys [38944 2013-12-31] (B.H.A Corporation) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-11-11] (DT Soft Ltd) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-17] (Kaspersky Lab ZAO) S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-24] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-24] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-17] (Kaspersky Lab ZAO) S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation) S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare) S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare) S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare) S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare) S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare) S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-13 11:01 - 2014-04-13 11:02 - 00000000 ____D () C:\FRST 2014-04-12 15:31 - 2014-04-12 15:31 - 00000000 ____D () C:\Program Files (x86)\MobiOne 2014-04-11 12:15 - 2014-04-11 12:16 - 00000964 _____ () C:\Windows\LkmdfCoInst.log 2014-04-10 19:13 - 2014-04-10 19:13 - 00298008 _____ () C:\Windows\Minidump\041014-27222-01.dmp 2014-04-10 19:13 - 2014-04-10 19:13 - 00000000 ____D () C:\Windows\Minidump 2014-04-10 19:10 - 2014-04-10 19:10 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-04-08 16:29 - 2014-04-08 16:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-07 15:43 - 2014-04-07 15:43 - 00000000 ____D () C:\Users\Janis\AppData\Local\Macroplant 2014-04-07 15:32 - 2014-04-07 16:00 - 00000000 ____D () C:\Program Files (x86)\iExplorer 2014-04-05 20:58 - 2014-04-05 20:58 - 00000222 _____ () C:\Users\Janis\Desktop\Rust.url 2014-04-05 15:31 - 2014-04-05 15:31 - 00002684 _____ () C:\Users\Janis\AppData\Local\recently-used.xbel 2014-04-05 10:25 - 2014-04-05 10:25 - 00000000 ____D () C:\Users\Janis\www.apowersoft.com 2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Users\Janis\Documents\Apowersoft Free Audio Recorder 2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Apowersoft 2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Program Files (x86)\Free Audio Recorder 2014-04-04 21:04 - 2014-04-04 21:07 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\WindSolutions 2014-04-04 21:04 - 2014-04-04 21:06 - 00000000 ____D () C:\ProgramData\WindSolutions 2014-04-04 20:31 - 2014-04-04 20:31 - 00000000 ____D () C:\Users\Janis\.android 2014-04-04 20:21 - 2014-04-04 21:16 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer 2014-03-31 16:07 - 2014-03-31 15:35 - 00001133 _____ () C:\Users\Janis\Desktop\Opera.lnk 2014-03-31 15:35 - 2014-04-03 19:43 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-03-31 15:35 - 2014-03-31 15:35 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Opera Software 2014-03-31 15:35 - 2014-03-31 15:35 - 00000000 ____D () C:\Users\Janis\AppData\Local\Opera Software 2014-03-30 16:34 - 2014-04-12 16:12 - 00000000 ____D () C:\Users\Janis\Documents\PhraseExpress 2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\PhraseExpress 2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\ProgramData\PhraseExpress 2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\Program Files (x86)\PhraseExpress 2014-03-29 13:23 - 2014-04-13 10:56 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA.job 2014-03-29 13:23 - 2014-04-12 14:34 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core.job 2014-03-29 13:23 - 2014-03-31 14:29 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA 2014-03-29 13:23 - 2014-03-31 14:29 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core 2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files\iTunes 2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files\iPod 2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-26 21:13 - 2014-03-26 21:13 - 00000000 ____D () C:\Users\Janis\AppData\Local\WarThunder 2014-03-26 21:13 - 2014-03-26 21:13 - 00000000 ____D () C:\ProgramData\WarThunder 2014-03-26 16:52 - 2014-03-26 17:15 - 00000040 _____ () C:\Users\Janis\AppData\Roaming\TheHunterSettings_live.cfg 2014-03-24 11:59 - 2014-03-24 12:05 - 00000000 ____D () C:\Users\Janis\Documents\RCT3 2014-03-24 11:59 - 2014-03-24 11:59 - 00043520 _____ () C:\Windows\SysWOW64\CmdLineExt03.dll 2014-03-24 11:59 - 2014-03-24 11:59 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Atari 2014-03-22 10:42 - 2014-03-22 10:42 - 00000000 ____D () C:\Program Files (x86)\GomPlayer 2014-03-21 19:50 - 2014-04-02 17:47 - 00000000 ____D () C:\Users\Janis\AppData\Local\DayZ 2014-03-21 19:50 - 2014-03-21 20:47 - 00000000 ____D () C:\Users\Janis\Documents\DayZ 2014-03-20 17:20 - 2014-03-20 17:20 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\java 2014-03-20 17:19 - 2014-03-20 17:19 - 00312728 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-03-20 17:19 - 2014-03-20 17:19 - 00191384 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-03-20 17:19 - 2014-03-20 17:19 - 00190872 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-03-20 17:19 - 2014-03-20 17:19 - 00111000 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-03-20 17:19 - 2014-03-20 17:19 - 00000000 ____D () C:\Users\Janis\.jmc 2014-03-20 17:19 - 2014-03-20 17:19 - 00000000 ____D () C:\Users\Janis\.eclipse 2014-03-20 17:17 - 2014-03-20 17:19 - 00000000 ____D () C:\Program Files\Java 2014-03-19 15:00 - 2014-03-19 15:00 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\PhotoSync 2014-03-19 15:00 - 2014-03-19 15:00 - 00000000 ____D () C:\Users\Janis\AppData\Local\touchbyte_GmbH 2014-03-19 14:59 - 2014-03-19 15:00 - 00000000 ____D () C:\Program Files (x86)\PhotoSync 2014-03-18 17:37 - 2014-03-21 14:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-03-17 19:20 - 2014-03-17 19:20 - 00000551 _____ () C:\Users\Janis\Desktop\Minecraft.lnk 2014-03-16 13:19 - 2014-03-30 11:52 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\.minecraft 2014-03-14 20:10 - 2014-03-14 20:10 - 00000000 ____D () C:\Users\Janis\AppData\Local\Skype 2014-03-14 20:09 - 2014-03-14 20:09 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-14 16:11 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-14 16:11 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-14 16:11 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-14 16:11 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-14 16:11 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-14 16:11 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-14 16:11 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-14 16:11 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-14 16:11 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-14 16:11 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-14 16:11 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-14 16:11 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-14 16:11 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-14 16:11 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-14 16:11 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-14 16:11 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-14 16:11 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-14 16:11 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-14 16:11 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-14 16:11 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-14 16:11 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-14 16:11 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-14 16:11 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-14 16:11 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-14 16:11 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-14 16:11 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-14 16:11 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-14 16:11 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-14 16:11 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-14 16:11 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-14 16:11 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-14 16:11 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-14 16:11 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-14 16:11 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-14 16:11 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-14 16:11 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-14 16:11 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-14 16:11 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-14 16:11 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-14 16:11 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-14 15:49 - 2014-04-07 17:03 - 00000000 ____D () C:\Users\Janis\Documents\ManiaPlanet 2014-03-14 15:49 - 2014-04-07 16:49 - 00000000 ____D () C:\ProgramData\ManiaPlanet 2014-03-14 15:10 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-14 15:10 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-14 15:10 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-14 15:05 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-14 15:05 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll ==================== One Month Modified Files and Folders ======= 2014-04-13 11:02 - 2014-04-13 11:01 - 00000000 ____D () C:\FRST 2014-04-13 11:01 - 2009-07-14 06:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-13 11:01 - 2009-07-14 06:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-13 10:58 - 2014-01-12 00:00 - 00013788 _____ () C:\Windows\SysWOW64\cchservice.err 2014-04-13 10:58 - 2013-11-24 12:01 - 00000000 ___HD () C:\ProgramData\Device 2014-04-13 10:57 - 2013-11-24 12:00 - 00000000 ____D () C:\Windows\SysWOW64\scurl 2014-04-13 10:57 - 2013-11-11 22:11 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Skype 2014-04-13 10:56 - 2014-03-29 13:23 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA.job 2014-04-13 10:56 - 2013-11-11 21:29 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-13 10:56 - 2013-11-11 21:21 - 01135294 _____ () C:\Windows\WindowsUpdate.log 2014-04-13 10:55 - 2014-02-21 17:01 - 00021217 _____ () C:\Windows\setupact.log 2014-04-13 10:55 - 2013-11-24 12:01 - 00001268 _____ () C:\Windows\SysWOW64\excltmp~.dat 2014-04-13 10:55 - 2013-11-12 18:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-12 18:19 - 2013-11-11 21:53 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-04-12 16:16 - 2013-11-11 21:29 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-12 16:12 - 2014-03-30 16:34 - 00000000 ____D () C:\Users\Janis\Documents\PhraseExpress 2014-04-12 15:31 - 2014-04-12 15:31 - 00000000 ____D () C:\Program Files (x86)\MobiOne 2014-04-12 14:34 - 2014-03-29 13:23 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core.job 2014-04-12 12:54 - 2011-04-12 09:43 - 00699092 _____ () C:\Windows\system32\perfh007.dat 2014-04-12 12:54 - 2011-04-12 09:43 - 00149232 _____ () C:\Windows\system32\perfc007.dat 2014-04-12 12:54 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-11 12:16 - 2014-04-11 12:15 - 00000964 _____ () C:\Windows\LkmdfCoInst.log 2014-04-11 12:15 - 2013-11-12 16:30 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2014-04-11 12:06 - 2013-11-15 16:19 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-11 12:04 - 2013-11-15 16:19 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-11 11:56 - 2014-02-21 18:02 - 00307918 _____ () C:\Windows\PFRO.log 2014-04-11 11:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-10 19:24 - 2013-11-11 21:57 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-04-10 19:13 - 2014-04-10 19:13 - 00298008 _____ () C:\Windows\Minidump\041014-27222-01.dmp 2014-04-10 19:13 - 2014-04-10 19:13 - 00000000 ____D () C:\Windows\Minidump 2014-04-10 19:10 - 2014-04-10 19:10 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-04-10 17:43 - 2013-11-11 21:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-09 19:57 - 2014-01-25 00:55 - 00000000 ____D () C:\Users\Janis\AppData\Local\Adobe 2014-04-09 19:57 - 2013-11-12 18:08 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-09 19:57 - 2013-11-12 18:08 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-09 19:57 - 2013-11-12 18:08 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-08 16:51 - 2013-11-11 22:28 - 00000000 ____D () C:\Users\Janis\Documents\Euro Truck Simulator 2 2014-04-08 16:29 - 2014-04-08 16:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-07 19:19 - 2013-11-24 12:01 - 00000259 _____ () C:\NET.INI 2014-04-07 18:00 - 2013-11-11 22:16 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Apple Computer 2014-04-07 17:12 - 2013-11-24 16:35 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-04-07 17:03 - 2014-03-14 15:49 - 00000000 ____D () C:\Users\Janis\Documents\ManiaPlanet 2014-04-07 16:49 - 2014-03-14 15:49 - 00000000 ____D () C:\ProgramData\ManiaPlanet 2014-04-07 16:00 - 2014-04-07 15:32 - 00000000 ____D () C:\Program Files (x86)\iExplorer 2014-04-07 15:43 - 2014-04-07 15:43 - 00000000 ____D () C:\Users\Janis\AppData\Local\Macroplant 2014-04-05 20:58 - 2014-04-05 20:58 - 00000222 _____ () C:\Users\Janis\Desktop\Rust.url 2014-04-05 15:31 - 2014-04-05 15:31 - 00002684 _____ () C:\Users\Janis\AppData\Local\recently-used.xbel 2014-04-05 15:31 - 2013-12-14 14:19 - 00000000 ____D () C:\Users\Janis\AppData\Local\gtk-2.0 2014-04-05 15:31 - 2013-12-14 13:35 - 00000000 ____D () C:\Users\Janis\.gimp-2.8 2014-04-05 14:18 - 2013-12-04 16:13 - 00009216 _____ () C:\Users\Janis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-04-05 10:25 - 2014-04-05 10:25 - 00000000 ____D () C:\Users\Janis\www.apowersoft.com 2014-04-05 10:25 - 2013-11-11 21:21 - 00000000 ____D () C:\Users\Janis 2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Users\Janis\Documents\Apowersoft Free Audio Recorder 2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Apowersoft 2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Program Files (x86)\Free Audio Recorder 2014-04-04 21:16 - 2014-04-04 20:21 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer 2014-04-04 21:07 - 2014-04-04 21:04 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\WindSolutions 2014-04-04 21:06 - 2014-04-04 21:04 - 00000000 ____D () C:\ProgramData\WindSolutions 2014-04-04 20:31 - 2014-04-04 20:31 - 00000000 ____D () C:\Users\Janis\.android 2014-04-03 19:43 - 2014-03-31 15:35 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-04-03 16:11 - 2013-11-11 21:29 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-04-03 16:11 - 2013-11-11 21:29 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-04-02 19:19 - 2013-11-11 22:03 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Spotify 2014-04-02 17:47 - 2014-03-21 19:50 - 00000000 ____D () C:\Users\Janis\AppData\Local\DayZ 2014-03-31 15:35 - 2014-03-31 16:07 - 00001133 _____ () C:\Users\Janis\Desktop\Opera.lnk 2014-03-31 15:35 - 2014-03-31 15:35 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Opera Software 2014-03-31 15:35 - 2014-03-31 15:35 - 00000000 ____D () C:\Users\Janis\AppData\Local\Opera Software 2014-03-31 14:29 - 2014-03-29 13:23 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA 2014-03-31 14:29 - 2014-03-29 13:23 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core 2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\PhraseExpress 2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\ProgramData\PhraseExpress 2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\Program Files (x86)\PhraseExpress 2014-03-30 11:52 - 2014-03-16 13:19 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\.minecraft 2014-03-30 11:18 - 2013-11-11 21:21 - 00000000 ___RD () C:\Users\Janis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-30 11:17 - 2009-07-14 06:45 - 00389048 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-03-29 19:10 - 2013-12-21 15:18 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Syncios 2014-03-29 14:58 - 2013-12-15 14:37 - 00000000 ____D () C:\Program Files (x86)\Fraps 2014-03-29 13:23 - 2013-11-11 21:40 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Mozilla 2014-03-29 13:23 - 2013-11-11 21:29 - 00000000 ____D () C:\Users\Janis\AppData\Local\Google 2014-03-28 18:39 - 2013-12-21 13:59 - 00000000 ____D () C:\Users\Janis\AppData\Local\Apple Computer 2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files\iTunes 2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files\iPod 2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-03-28 18:22 - 2013-11-11 22:09 - 00000000 ____D () C:\ProgramData\Apple 2014-03-28 18:21 - 2013-11-11 22:09 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-03-26 21:15 - 2013-11-11 23:09 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-03-26 21:13 - 2014-03-26 21:13 - 00000000 ____D () C:\Users\Janis\AppData\Local\WarThunder 2014-03-26 21:13 - 2014-03-26 21:13 - 00000000 ____D () C:\ProgramData\WarThunder 2014-03-26 21:13 - 2013-11-17 20:42 - 00000000 ____D () C:\Users\Janis\Documents\My Games 2014-03-26 17:15 - 2014-03-26 16:52 - 00000040 _____ () C:\Users\Janis\AppData\Roaming\TheHunterSettings_live.cfg 2014-03-25 20:17 - 2013-11-15 17:41 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-03-25 13:33 - 2013-11-11 22:03 - 00000000 ____D () C:\Users\Janis\AppData\Local\Spotify 2014-03-24 12:05 - 2014-03-24 11:59 - 00000000 ____D () C:\Users\Janis\Documents\RCT3 2014-03-24 11:59 - 2014-03-24 11:59 - 00043520 _____ () C:\Windows\SysWOW64\CmdLineExt03.dll 2014-03-24 11:59 - 2014-03-24 11:59 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Atari 2014-03-24 11:58 - 2014-02-21 17:47 - 00146106 _____ () C:\Windows\DirectX.log 2014-03-24 11:31 - 2014-01-17 22:18 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2014-03-24 11:31 - 2014-01-17 22:18 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2014-03-22 17:04 - 2014-03-11 17:31 - 00000000 ____D () C:\Users\Janis\AppData\Local\Paint.NET 2014-03-22 10:42 - 2014-03-22 10:42 - 00000000 ____D () C:\Program Files (x86)\GomPlayer 2014-03-21 22:21 - 2013-11-24 16:42 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\TeamViewer 2014-03-21 20:47 - 2014-03-21 19:50 - 00000000 ____D () C:\Users\Janis\Documents\DayZ 2014-03-21 14:55 - 2014-03-18 17:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-03-20 17:20 - 2014-03-20 17:20 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\java 2014-03-20 17:19 - 2014-03-20 17:19 - 00312728 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-03-20 17:19 - 2014-03-20 17:19 - 00191384 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-03-20 17:19 - 2014-03-20 17:19 - 00190872 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-03-20 17:19 - 2014-03-20 17:19 - 00111000 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-03-20 17:19 - 2014-03-20 17:19 - 00000000 ____D () C:\Users\Janis\.jmc 2014-03-20 17:19 - 2014-03-20 17:19 - 00000000 ____D () C:\Users\Janis\.eclipse 2014-03-20 17:19 - 2014-03-20 17:17 - 00000000 ____D () C:\Program Files\Java 2014-03-20 16:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports 2014-03-20 16:37 - 2013-11-11 21:29 - 00098048 _____ () C:\Users\Janis\AppData\Local\GDIPFONTCACHEV1.DAT 2014-03-19 15:00 - 2014-03-19 15:00 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\PhotoSync 2014-03-19 15:00 - 2014-03-19 15:00 - 00000000 ____D () C:\Users\Janis\AppData\Local\touchbyte_GmbH 2014-03-19 15:00 - 2014-03-19 14:59 - 00000000 ____D () C:\Program Files (x86)\PhotoSync 2014-03-17 19:20 - 2014-03-17 19:20 - 00000551 _____ () C:\Users\Janis\Desktop\Minecraft.lnk 2014-03-14 21:43 - 2014-03-13 21:49 - 00000000 ____D () C:\Users\Janis\Documents\TrackMania 2014-03-14 20:10 - 2014-03-14 20:10 - 00000000 ____D () C:\Users\Janis\AppData\Local\Skype 2014-03-14 20:10 - 2013-11-11 21:42 - 00000000 ____D () C:\ProgramData\Skype 2014-03-14 20:09 - 2014-03-14 20:09 - 00000000 ___RD () C:\Program Files (x86)\Skype Some content of TEMP: ==================== C:\Users\Janis\AppData\Local\Temp\ExPromo.exe C:\Users\Janis\AppData\Local\Temp\nsc2CA8.exe C:\Users\Janis\AppData\Local\Temp\nscFD7C.exe C:\Users\Janis\AppData\Local\Temp\nsh34B8.exe C:\Users\Janis\AppData\Local\Temp\nsh3813.exe C:\Users\Janis\AppData\Local\Temp\nshB201.exe C:\Users\Janis\AppData\Local\Temp\nsm2630.exe C:\Users\Janis\AppData\Local\Temp\nsm317C.exe C:\Users\Janis\AppData\Local\Temp\nsm8FFC.exe C:\Users\Janis\AppData\Local\Temp\nsr295C.exe C:\Users\Janis\AppData\Local\Temp\nsr88C9.exe C:\Users\Janis\AppData\Local\Temp\nsr8CC0.exe C:\Users\Janis\AppData\Local\Temp\nsrB59A.exe C:\Users\Janis\AppData\Local\Temp\nsrB8F5.exe C:\Users\Janis\AppData\Local\Temp\SIntf16.dll C:\Users\Janis\AppData\Local\Temp\SIntf32.dll C:\Users\Janis\AppData\Local\Temp\SIntfNT.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-15 04:48 ==================== End Of Log ============================ --- --- --- ][/CODE] Addition: [Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2014 01 Ran by Janis at 2014-04-13 11:02:35 Running from H:\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD} ==================== Installed Programs ====================== 2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden 7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.) AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden Apowersoft Gratis - Audiorekorder V2.1.2 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.1.2 - Apowersoft) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Blender (HKLM\...\Blender) (Version: 2.68 - Blender Foundation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) EDIUS (HKLM\...\{E7CCB338-2A54-4F44-947B-958BD847A5D3}) (Version: 7.21 - Grass Valley K.K.) EDIUS Codec Option 7.21 (HKLM-x32\...\{7E4E5B65-9B8B-4ECE-9C1F-9C96DA0BC620}) (Version: 7.21 - Grass Valley K.K.) EDIUS DVD Menu Style 7.00 (HKLM\...\{7E8ED929-2A09-4A42-B2F5-C361A4E525B9}) (Version: 7.00 - Grass Valley K.K.) EDIUS Manual 7.00 DE (HKLM\...\{EA477796-FDF9-4A2E-8925-686339F884A8}) (Version: 7.00 - Grass Valley K.K.) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Evernote v. 4.6.1 (HKLM-x32\...\{9D8BAA74-5B7D-11E2-8273-984BE15F174E}) (Version: 4.6.1.7860 - Evernote Corp.) Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - ) FaceTrackNoIR version 1.7 (HKLM-x32\...\FaceTrackNoIR_is1) (Version: 1.7 - FaceTrackNoIR Team) Fairground 2 Halloween - Version 2.0.5 (HKLM-x32\...\{DDFB5452-C0D5-480E-AC26-E44799DF189A}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH) Fast Image-Map 2.2.1 (HKLM-x32\...\FastImageMap_is1) (Version: 2.2.1.0 - Martin Hentschel (CL-Soft)) FixFoto 3.00 (HKLM-x32\...\FixFoto_is1) (Version: - Joachim Koopmann Software) Flughafen-Feuerwehr-Simulator 2013 Version 1.0 (HKLM-x32\...\{86D596F4-CB90-4F4B-B752-8A55D0C62664}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) FreeCAD 0.13 (HKLM-x32\...\{2B2B5D2B-0F01-410B-843B-8F437FD75FBF}) (Version: 0.13.1828 - Juergen Riegel (FreeCAD@juergen-riegel.net)) Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation) Freemake Video Converter Version 4.1.0 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.0 - Ellora Assets Corporation) Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation) Galaxy On Fire 2 (c) BitComposer games version 1 (HKLM-x32\...\Galaxy On Fire 2 (c) BitComposer games_is1) (Version: 1 - ) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Ghostcontrol Inc. Version 1.0.7 (HKLM-x32\...\{E0D897CC-7364-4B67-B46F-383E5C53CE23}_is1) (Version: 1.0.7 - bumblebee. / Application Systems Heidelberg) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5183 - Gretech Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Talk Plugin (HKLM-x32\...\{E121A4FE-009B-385B-BB0D-B934E2A88288}) (Version: 5.2.4.18058 - Google) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden GV LicenseManager 2.21 (HKLM-x32\...\{EE256B6B-7F66-409B-9CF2-CE9B64947CBC}) (Version: 2.21 - Grass Valley K.K.) Inkscape 0.48.4 (HKCU\...\Inkscape) (Version: 0.48.4 - ) Intel(R) IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan) iShutdown (HKLM-x32\...\{08AB3EB6-158A-4415-8627-C41C629CC611}) (Version: 1.00.0000 - Your Company Name) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java 8 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418000FF}) (Version: 8.0.0 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.00.132 - Oracle, Inc.) Hidden Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden Kindersicherung 2013 (HKLM-x32\...\Kindersicherung_is1) (Version: - Salfeld Computer GmbH) Klomanager (HKLM-x32\...\Klomanager) (Version: - ) Klomanager Deluxe (HKLM-x32\...\{C0233BEE-D9AA-4CAF-A745-10C2CC902F11}) (Version: 1.6.0.0 - Anvil-Soft) KompoZer 0.8b3 (HKLM-x32\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version: - KompoZer) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.) Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech) Logitech Unifying-Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech) Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version: - Ivan Anton Albarracin) MAGIX Foto & Grafik Designer 7 SE (HKLM-x32\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG) MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden MediaInfo 0.7.65 (HKLM\...\MediaInfo) (Version: 0.7.65 - MediaArea.net) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) MonochromiX 1.39 (HKLM-x32\...\MonochromiX_is1) (Version: - Joachim Koopmann Software) MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla) Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz) OMSI - Der Omnibussimulator (HKLM-x32\...\{9AE850A4-B89D-4875-A159-B1B64D717EFB}) (Version: 1.06 - aerosoft) Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA) Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC) PhotoSync (HKLM\...\{7D69D25B-03CD-4FD3-9E05-7069B8CB88F4}) (Version: 2.1.2 - touchbyte GmbH) PhraseExpress v10.1.28 (HKLM-x32\...\PhraseExpress_is1) (Version: 10.1.28 - Bartels Media GmbH) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Real Heroes Firefighter (HKLM-x32\...\Real Heroes - Firefighter_is1) (Version: - rondomedia) Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.6 - Realtek) RESCUE 2013 (HKCU\...\RESCUE 2013) (Version: 1.30.00.00 - rondomedia GmbH) RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.) Schlagwortsuche 1.14 (HKLM-x32\...\Schlagwortsuche_is1) (Version: - Joachim Koopmann Software) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) SpeedCommander 15 (HKLM-x32\...\SpeedCommander 15) (Version: 15.00.7340 - SWE Sven Ritter) Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB) Stadtbahn Simulator Düsseldorf (HKLM-x32\...\{83CD9117-D772-437B-8B18-6D00BCFE9E01}) (Version: 1.0.0 - Rondomedia) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Syncios Version 3.0.3 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 3.0.3 - Anvsoft, Inc.) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) theHunter Launcher (HKLM-x32\...\FBDFBE7F-2DB8-47E2-B88E-32F4A2A74AA8_is1) (Version: 622 - Expansive Worlds) TMPGEnc Authoring Works 4 (HKLM-x32\...\{B8D91F6B-803A-4579-9DAD-1377B56DC657}) (Version: 4.0.7.32 - Pegasys Inc.) TP-LINK TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK) TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo) TrackMania² Valley (HKLM-x32\...\Steam App 243360) (Version: - Nadeo) Trainz Simulator 12 (HKLM-x32\...\Steam App 24670) (Version: - N3V Games) Videoload (HKCU\...\3241508355.wcps.t-online.de) (Version: - wcps.t-online.de) Viscera Cleanup Detail - ALPHA (HKLM\...\UDK-7887d759-a576-4abc-9119-92293a000d71) (Version: - RuneStorm) War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment) Werkfeuerwehr Simulator 2014 Version 1.2 (HKLM-x32\...\{8694B919-8C39-41FB-875E-0FC8E3EE3216}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) Wireshark 1.10.5 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org) World of Subways Vol.2 (HKLM-x32\...\{0A902DF4-B767-49DB-98D3-D413E6F1E703}) (Version: 1.20 - TML-Studios) Youtube Downloader HD v. 2.9.9.2 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com) ==================== Restore Points ========================= ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {86EB76BE-217E-4DBE-B2E3-086ACEFE1BA6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core => C:\Users\Janis\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {8CB8F3D2-5BA4-4F06-A641-8455141F21B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.) Task: {93064B35-7DAA-4073-BC54-75516538AC73} - System32\Tasks\{D62CF34C-4195-4396-B923-4957957D6092} => Chrome.exe hxxp://ui.skype.com/ui/0/6.10.0.104/de/go/help.faq.installer?source=lightinstaller&LastError=1618 Task: {B18855DF-42C5-4A47-B5A6-CA39E0B88211} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.) Task: {E50AB4C2-651B-421D-A4B5-A0965B0D42DF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA => C:\Users\Janis\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {FD06857C-30C7-4F91-BC25-4DAAD081B1F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-09] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core.job => C:\Users\Janis\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA.job => C:\Users\Janis\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-05-31 02:00 - 2011-05-31 02:00 - 00017920 _____ () C:\Program Files (x86)\ishutdown\iShutdown\ilauncher.exe 2013-12-21 15:18 - 2013-12-03 09:34 - 00723456 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe 2011-06-14 23:31 - 2011-06-14 23:31 - 00056320 _____ () C:\Program Files (x86)\ishutdown\iShutdown\iShutdown.exe 2014-04-03 19:43 - 2014-04-02 13:19 - 01380704 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe 2014-04-10 15:34 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll 2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll 2013-11-11 22:17 - 2009-11-28 23:34 - 00451584 _____ () C:\Portable\Networx\sqlite.dll 2013-12-21 15:18 - 2013-12-19 18:09 - 00377344 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll 2013-12-21 15:18 - 2013-10-27 00:02 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll 2013-12-21 15:18 - 2013-10-27 00:00 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll 2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-02-12 21:58 - 2014-02-12 21:58 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2014-04-10 15:34 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll 2014-04-10 15:34 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll 2014-04-10 15:34 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll 2014-04-10 15:34 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll 2014-04-10 15:34 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll 2014-03-18 17:37 - 2014-03-18 17:37 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2014-03-18 17:37 - 2014-03-18 17:37 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2014-03-18 17:37 - 2014-03-18 17:37 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2014-04-10 15:49 - 2014-04-10 15:49 - 00181760 _____ () C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.326.1305.2_0\plugin\ace.dll 2014-04-03 19:43 - 2014-04-02 13:19 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libglesv2.dll 2014-04-03 19:43 - 2014-04-02 13:19 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libegl.dll 2014-04-03 19:43 - 2014-04-02 13:19 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\ffmpegsumo.dll 2014-04-09 19:57 - 2014-04-09 19:57 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll 2014-03-30 16:34 - 2014-03-26 17:50 - 00457512 _____ () C:\Program Files (x86)\PhraseExpress\pexlang.dll 2012-08-29 07:50 - 2012-08-29 07:50 - 21009920 _____ () C:\Program Files (x86)\Evernote\Evernote\libcef.dll 2012-09-08 13:16 - 2012-09-08 13:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll 2012-09-08 13:16 - 2012-09-08 13:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll 2012-08-29 07:50 - 2012-08-29 07:50 - 00983054 _____ () C:\Program Files (x86)\Evernote\Evernote\avcodec-54.dll 2012-08-29 07:50 - 2012-08-29 07:50 - 00133134 _____ () C:\Program Files (x86)\Evernote\Evernote\avutil-51.dll 2012-08-29 07:50 - 2012-08-29 07:50 - 00189454 _____ () C:\Program Files (x86)\Evernote\Evernote\avformat-54.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:06A7F9ED AlternateDataStreams: C:\ProgramData\TEMP:8FCD8443 AlternateDataStreams: C:\ProgramData\TEMP:A5B56640 ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service" ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: HID-Tastatur Description: HID-Tastatur Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: kbdhid Problem: : Windows cannot load the device driver for this hardware because a previous instance of the device driver is still in memory. (Code 38) Resolution: The driver could not be loaded because a previous instance is still loaded. Restart the computer. ==================== Event log errors: ========================= Application errors: ================== Error: (04/12/2014 06:55:14 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2028 Error: (04/12/2014 06:55:14 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2028 Error: (04/12/2014 06:55:14 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/12/2014 06:55:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1029 Error: (04/12/2014 06:55:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1029 Error: (04/12/2014 06:55:13 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/12/2014 09:25:51 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: ccsync.exe, Version: 6.418.0.0, Zeitstempel: 0x52677676 Name des fehlerhaften Moduls: ccsync.exe, Version: 6.418.0.0, Zeitstempel: 0x52677676 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000061fe ID des fehlerhaften Prozesses: 0x246c Startzeit der fehlerhaften Anwendung: 0xccsync.exe0 Pfad der fehlerhaften Anwendung: ccsync.exe1 Pfad des fehlerhaften Moduls: ccsync.exe2 Berichtskennung: ccsync.exe3 Error: (04/12/2014 09:15:15 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 38769946 Error: (04/12/2014 09:15:15 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 38769946 Error: (04/12/2014 09:15:15 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (04/12/2014 03:21:18 PM) (Source: volsnap) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (04/11/2014 00:13:23 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden. Error: (04/11/2014 00:12:12 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht. Error: (04/11/2014 00:12:12 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Schedule erreicht. Error: (04/11/2014 00:11:42 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht. Error: (04/11/2014 11:56:47 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Bilderfassung (WIA)" ist vom Dienst "Shellhardwareerkennung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (04/11/2014 11:56:29 AM) (Source: Application Popup) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (04/11/2014 11:56:21 AM) (Source: Application Popup) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (04/10/2014 07:59:25 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows-Bilderfassung (WIA)" ist vom Dienst "Shellhardwareerkennung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (04/10/2014 07:59:08 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-04-12 16:49:23.212 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-04-12 16:49:23.212 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-04-12 16:49:23.211 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-04-12 16:49:23.210 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-04-12 16:49:23.193 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-04-12 16:49:23.171 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-04-12 16:27:51.211 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-04-12 16:27:51.211 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-04-12 16:27:51.210 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-04-12 16:27:51.210 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 54% Total physical RAM: 8104.27 MB Available physical RAM: 3686.42 MB Total Pagefile: 16206.73 MB Available Pagefile: 10187.76 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:82.91 GB) (Free:8.1 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive h: (H-800GB) (Fixed) (Total:848.5 GB) (Free:292.89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D8DDF3A1) Partition: GPT Partition Type. ==================== End Of Log ============================][/CODE] |
13.04.2014, 11:52 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Kann keine Firewall installierenZitat:
Wenn nicht, wieso ein Windows 7 Professional und Office Enterprise?
__________________ --> Kann keine Firewall installieren |
13.04.2014, 11:55 | #7 |
| Kann keine Firewall installieren Nein, privater PC. Windows 7 Professional war halt dabei. |
13.04.2014, 11:58 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Kann keine Firewall installieren Und warum schweigst du dich zu Office aus? Eine Enterprise Edition hat normalerweise KEIN Privatkunde auf dem Rechner drauf. Woher hast du diese Office Edition?
__________________ Logfiles bitte immer in CODE-Tags posten |
13.04.2014, 11:59 | #9 |
| Kann keine Firewall installieren Das war vor Jahren.. Ein Angebot glaub ich damit ich auch für den geschäftlichen pc nutzen kann. |
13.04.2014, 12:18 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Kann keine Firewall installieren Muss ich das verstehen, du hast eben die ganze Zeit was von privater Nutzung erzählt. Adware/Junkware/Toolbars entfernen 1. Schritt: Malwarebytes Downloade Dir bitte Malwarebytes Anti-Malware
2. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
3. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
4. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
13.04.2014, 12:59 | #11 |
| Kann keine Firewall installieren Ok sorry, hier von Schritt 1 das wo nur das Datum stand: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 13.04.2014 13:30:45, SYSTEM, JANIS-PC, Protection, Malware Protection, Starting, Protection, 13.04.2014 13:30:45, SYSTEM, JANIS-PC, Protection, Malware Protection, Started, Protection, 13.04.2014 13:30:45, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, Starting, Protection, 13.04.2014 13:30:46, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, Started, Update, 13.04.2014 13:31:04, SYSTEM, JANIS-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1, Update, 13.04.2014 13:31:09, SYSTEM, JANIS-PC, Manual, Malware Database, 2014.3.4.9, 2014.4.13.2, Detection, 13.04.2014 13:31:23, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, IP, 193.138.230.151, 62377, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 13.04.2014 13:31:23, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, IP, 193.138.230.151, 62377, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 13.04.2014 13:31:24, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, IP, 193.138.230.151, 62382, Outbound, C:\Program Files (x86)\Skype\Phone\Skype.exe, Detection, 13.04.2014 13:31:24, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, IP, 193.138.230.151, 62385, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe, Detection, 13.04.2014 13:31:24, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, IP, 193.138.230.151, 62386, Outbound, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe, Protection, 13.04.2014 13:31:25, SYSTEM, JANIS-PC, Protection, Refresh, Starting, Protection, 13.04.2014 13:31:25, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, Stopping, Protection, 13.04.2014 13:31:25, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, Stopped, Protection, 13.04.2014 13:31:28, SYSTEM, JANIS-PC, Protection, Refresh, Success, Protection, 13.04.2014 13:31:28, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, Starting, Protection, 13.04.2014 13:31:28, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, Started, Protection, 13.04.2014 13:53:27, SYSTEM, JANIS-PC, Protection, Malware Protection, Starting, Protection, 13.04.2014 13:53:27, SYSTEM, JANIS-PC, Protection, Malware Protection, Started, Protection, 13.04.2014 13:53:27, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, Starting, Protection, 13.04.2014 13:53:34, SYSTEM, JANIS-PC, Protection, Malicious Website Protection, Started, (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 13.04.2014 Suchlauf-Zeit: 13:49:41 Logdatei: 13.4.2014 13.58.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.04.13.02 Rootkit Datenbank: v2014.03.27.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Janis Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 260166 Verstrichene Zeit: 13 Min, 48 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 17 PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsc2CA8.exe, In Quarantäne, [26da3bc59d634ab64707fe25dc2541bf], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nscFD7C.exe, In Quarantäne, [99674ab64cb418e871ddaa793ac7e31d], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsh34B8.exe, In Quarantäne, [9b6522de2ed2a06064eaf42f6b9619e7], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsh3813.exe, In Quarantäne, [dc2443bd2bd541bf2c22968dc63b8e72], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsr295C.exe, In Quarantäne, [966ade22c13f28d8d975b07300019070], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsr88C9.exe, In Quarantäne, [06fabc445ca4bf41cb8371b24ab78779], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsr8CC0.exe, In Quarantäne, [5ea241bf649ca9578fbf41e219e81ee2], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsrB59A.exe, In Quarantäne, [4bb5fe029f61d32ddc7267bc7d84af51], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsrB8F5.exe, In Quarantäne, [7b858c747a86619f014dfd26d62b916f], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nshB201.exe, In Quarantäne, [3fc158a815eb2cd4f9553ae9f110cc34], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsm2630.exe, In Quarantäne, [6c94bf4132cee0205ef0e24106fb4db3], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsm317C.exe, In Quarantäne, [8779f010d0301ee28dc1160d6b967789], PUP.Optional.SearchProtect.A, C:\Users\Janis\AppData\Local\Temp\nsm8FFC.exe, In Quarantäne, [de2234cca7591fe1d579ba69728fb749], PUP.Optional.InstallMonetizer.A, C:\Users\Janis\AppData\Local\Temp\nsr3DE3.tmp\InstallManager.exe, In Quarantäne, [45bb23dd45bbc23e8d940b16a9585ca4], PUP.Optional.Conduit.A, C:\Users\Janis\AppData\Local\Temp\nsr523E\SpSetup.exe, In Quarantäne, [f40c3dc388786799df5e26f2a55c54ac], PUP.Optional.Conduit.A, C:\Users\Janis\AppData\Local\Temp\nshF7C0\SpSetup.exe, In Quarantäne, [ed13be429b654db3fd40ef29728f6799], PUP.Optional.Conduit.A, C:\Users\Janis\AppData\Roaming\Mozilla\Firefox\Profiles\vfzbjb5t.default\searchplugins\conduit-search.xml, In Quarantäne, [b7492bd5ea16f30d57c63438aa58926e], Physische Sektoren: 0 (No malicious items detected) (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.023 - Bericht erstellt am 13/04/2014 um 14:08:59 # Aktualisiert 01/04/2014 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzername : Janis - JANIS-PC # Gestartet von : C:\Users\Janis\Desktop\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Janis\AppData\Local\Temp\OCS Ordner Gelöscht : C:\Users\Janis\AppData\Roaming\Oxy ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\Escolade Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKLM\Software\Vittalia ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16521 -\\ Mozilla Firefox v28.0 (de) [ Datei : C:\Users\Janis\AppData\Roaming\Mozilla\Firefox\Profiles\vfzbjb5t.default\prefs.js ] -\\ Google Chrome v34.0.1847.116 [ Datei : C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2190 octets] - [13/04/2014 14:08:09] AdwCleaner[S0].txt - [1960 octets] - [13/04/2014 14:08:59] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2020 octets] ########## [/CODE] Von Schritt 3 kommt gleich, Kaspersky ist als ich es beenden wollte abgestürzt.. Kann es jetzt auch gar nicht beenden, weil es passiert nichts wenn ich Rechtsklick auf das Icon mache :/ Das hängt sich immer voll auf wenn ich Rechtsklick machen will. Wie kann ich es beenden? Geändert von Janis99 (13.04.2014 um 13:23 Uhr) |
13.04.2014, 13:15 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Kann keine Firewall installierenLesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
13.04.2014, 13:24 | #13 |
| Kann keine Firewall installieren "Von Schritt 3 kommt gleich, Kaspersky ist als ich es beenden wollte abgestürzt.. Kann es jetzt auch gar nicht beenden, weil es passiert nichts wenn ich Rechtsklick auf das Icon mache :/ Das hängt sich immer voll auf wenn ich Rechtsklick machen will. Wie kann ich es beenden?" Gesehen? |
13.04.2014, 13:58 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Kann keine Firewall installieren Versuch Kaspersky mal komplett zu deinstallieren
__________________ Logfiles bitte immer in CODE-Tags posten |
13.04.2014, 14:05 | #15 |
| Kann keine Firewall installieren Hmm, habe es jetzt aber hinbekommen, direkt nach dem Starten schnell auf beenden gedrückt, allerdings ist der PC während dem Vorgang immer runtergefahren o.O (Habs 2x versucht). Es ist auch keine Datei auf dem Desktop. Edit: Zur Deinstallation hat sich der PC erst auch geweigert, aber ging dann doch. Jetzt ist nur die Standard Firewall aktiv, allerdings fährt der PC immer noch runter wenn ich das JRT-Programm ausführe! Auch wenn die Windows Firewall aus ist. Und wenn ich den Windows Defender aktivieren will, kommt der Fehlercode "0x80070422" ... Geändert von Janis99 (13.04.2014 um 14:51 Uhr) |
Themen zu Kann keine Firewall installieren |
antworten, ausgelastet, avast, bitdefender, bluescreen, defender, direkt, firewall, infiziert, installation, installiert, internet, kaspersky, malware, nicht mehr, nichts, problem, schonmal, security, start, tan, total, trojaner, virus, worte, ähnliches |