Trojaner (Pup.Optional..mysearch...)

Naddel26 · 20.04.2014, 20:20

FRST.txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2014 01
Ran by Test (administrator) on PC on 20-04-2014 19:11:57
Running from C:\Users\Test\Downloads
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Dropbox, Inc.) C:\Users\Test\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [450667 2009-06-11] (IDT, Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-3945375422-780577279-3404301150-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3945375422-780577279-3404301150-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3945375422-780577279-3404301150-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3945375422-780577279-3404301150-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3945375422-780577279-3404301150-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3945375422-780577279-3404301150-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3945375422-780577279-3404301150-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3945375422-780577279-3404301150-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
Startup: C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Test\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDC520D541F33CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites_14_14_ff&cd=2XzuyEtN2Y1L1QzutDtDtByDtCtCyBzy0BtByE0DyB0C0D0EtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzzyC0CyC0E0FyDtGtD0EtDtCtG0DzyzyzytG0AtAyCyDtGtDyC0CyCtDzy0A0B0DtDyC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByDzzyByB0F0CtCtGyByBtAtAtGyEyB0EyEtG0ByEzytAtGyE0EyE0Dzy0EtByBzzyE0Azy2Q&cr=1439334374&ir=
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_14_ff&cd=2XzuyEtN2Y1L1QzutDtDtByDtCtCyBzy0BtByE0DyB0C0D0EtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzzyC0CyC0E0FyDtGtD0EtDtCtG0DzyzyzytG0AtAyCyDtGtDyC0CyCtDzy0A0B0DtDyC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByDzzyByB0F0CtCtGyByBtAtAtGyEyB0EyEtG0ByEzytAtGyE0EyE0Dzy0EtByBzzyE0Azy2Q&cr=1439334374&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_14_ff&cd=2XzuyEtN2Y1L1QzutDtDtByDtCtCyBzy0BtByE0DyB0C0D0EtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzzyC0CyC0E0FyDtGtD0EtDtCtG0DzyzyzytG0AtAyCyDtGtDyC0CyCtDzy0A0B0DtDyC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByDzzyByB0F0CtCtGyByBtAtAtGyEyB0EyEtG0ByEzytAtGyE0EyE0Dzy0EtByBzzyE0Azy2Q&cr=1439334374&ir=
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_14_ff&cd=2XzuyEtN2Y1L1QzutDtDtByDtCtCyBzy0BtByE0DyB0C0D0EtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzzyC0CyC0E0FyDtGtD0EtDtCtG0DzyzyzytG0AtAyCyDtGtDyC0CyCtDzy0A0B0DtDyC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByDzzyByB0F0CtCtGyByBtAtAtGyEyB0EyEtG0ByEzytAtGyE0EyE0Dzy0EtByBzzyE0Azy2Q&cr=1439334374&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_14_ff&cd=2XzuyEtN2Y1L1QzutDtDtByDtCtCyBzy0BtByE0DyB0C0D0EtN0D0Tzu0SzztBtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCzzyC0CyC0E0FyDtGtD0EtDtCtG0DzyzyzytG0AtAyCyDtGtDyC0CyCtDzy0A0B0DtDyC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByDzzyByB0F0CtCtGyByBtAtAtGyEyB0EyEtG0ByEzytAtGyE0EyE0Dzy0EtByBzzyE0Azy2Q&cr=1439334374&ir=
Toolbar: HKCU - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Test\AppData\Roaming\Mozilla\Firefox\Profiles\j36uwzkl.default
FF user.js: detected! => C:\Users\Test\AppData\Roaming\Mozilla\Firefox\Profiles\j36uwzkl.default\user.js
FF DefaultSearchEngine: Mysearchdial
FF SearchEngineOrder.1: Mysearchdial
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Test\AppData\Roaming\Mozilla\Firefox\Profiles\j36uwzkl.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Test\AppData\Roaming\Mozilla\Firefox\Profiles\j36uwzkl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-16]

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2013-04-30] (Advanced Micro Devices, Inc.)
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [910416 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 STacSV; c:\program files\idt\v114_ecs_d_6207.2v7_6099.8xp_g2.0v_rc_sdc\wdm\STacSV.exe [217185 2009-06-11] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11832 2010-03-30] (Advanced Micro Devices Inc.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [65664 2011-03-04] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [32896 2011-03-04] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69240 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 iaStorA; C:\Windows\system32\drivers\iaStorA.sys [489968 2013-07-02] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24048 2013-07-02] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [583664 2013-07-02] (Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-20] (Malwarebytes Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-02-25] (Avira GmbH)
R1 wStLibG; C:\Windows\System32\drivers\wStLibG.sys [52928 2014-03-31] (StdLib)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-20 19:11 - 2014-04-20 19:12 - 00012140 _____ () C:\Users\Test\Downloads\FRST.txt
2014-04-20 19:11 - 2014-04-20 19:11 - 01043968 _____ (Farbar) C:\Users\Test\Downloads\FRST.exe
2014-04-20 19:11 - 2014-04-20 19:11 - 00000000 ____D () C:\FRST
2014-04-20 19:08 - 2014-04-20 19:09 - 02056192 _____ (Farbar) C:\Users\Test\Downloads\FRST64.exe
2014-04-20 18:40 - 2014-04-20 18:40 - 00022058 _____ () C:\Users\Test\Desktop\MalwareText.txt
2014-04-16 20:27 - 2014-04-16 20:27 - 02209056 _____ () C:\Users\Test\Downloads\avira-eu-cleaner_de.exe
2014-04-16 20:14 - 2014-04-20 16:16 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-16 20:14 - 2014-04-16 20:14 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-16 20:14 - 2014-04-16 20:14 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-16 20:14 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-16 20:14 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-16 20:14 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-16 20:11 - 2014-04-20 15:09 - 00000392 _____ () C:\Windows\setupact.log
2014-04-16 20:11 - 2014-04-16 20:11 - 00000824 _____ () C:\Windows\PFRO.log
2014-04-16 20:11 - 2014-04-16 20:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-16 20:07 - 2014-04-16 20:07 - 00613200 _____ (Chip Digital GmbH) C:\Users\Test\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-04-16 19:04 - 2014-04-16 19:04 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-16 19:04 - 2014-04-16 19:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-16 19:03 - 2014-04-16 19:03 - 04787368 _____ (Piriform Ltd) C:\Users\Test\Downloads\ccsetup412.exe
2014-04-16 19:02 - 2014-04-16 19:02 - 00613200 _____ (Chip Digital GmbH) C:\Users\Test\Downloads\CCleaner - CHIP-Downloader.exe
2014-04-16 19:00 - 2014-04-16 19:00 - 00000000 ____D () C:\Users\Test\AppData\Roaming\TeamViewer
2014-04-16 18:59 - 2014-04-16 18:59 - 06120184 _____ (TeamViewer GmbH) C:\Users\Test\Downloads\TeamViewer_Setup_de.exe
2014-04-15 21:59 - 2014-04-15 22:00 - 148418360 _____ () C:\Users\Test\Downloads\avira_internet_security_suite_de(1).exe
2014-04-15 21:51 - 2014-04-15 21:51 - 04464256 _____ (Avira Operations GmbH & Co. KG) C:\Users\Test\Downloads\avira_de_av___ws.exe
2014-04-14 23:11 - 2014-04-20 18:41 - 00000000 ___RD () C:\Users\Test\Dropbox
2014-04-14 23:11 - 2014-04-14 23:11 - 00001032 _____ () C:\Users\Test\Desktop\Dropbox.lnk
2014-04-14 23:11 - 2014-04-14 23:11 - 00000000 ____D () C:\Users\Test\AppData\Roaming\DropboxMaster
2014-04-14 23:10 - 2014-04-20 18:41 - 00000000 ____D () C:\Users\Test\AppData\Roaming\Dropbox
2014-04-14 23:10 - 2014-04-14 23:10 - 00000000 ____D () C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-14 23:09 - 2014-04-14 23:09 - 00316288 _____ (Dropbox, Inc.) C:\Users\Test\Downloads\DropboxInstaller.exe
2014-04-08 22:24 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 22:24 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-08 22:24 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-31 19:02 - 2014-03-31 19:02 - 00052928 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG.sys
2014-03-31 18:13 - 2014-04-02 21:33 - 00009615 _____ () C:\Users\Test\Desktop\Tattoo Anja.odt
2014-03-31 18:10 - 2014-03-31 18:10 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-03-31 18:09 - 2014-03-31 18:09 - 00000000 ____D () C:\Users\Test\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-03-31 18:07 - 2014-03-31 18:07 - 00613200 _____ (Chip Digital GmbH) C:\Users\Test\Downloads\OpenOffice - CHIP-Downloader.exe
2014-03-31 17:37 - 2014-03-31 17:37 - 00000000 ____D () C:\Users\Test\AppData\Roaming\OpenOffice
2014-03-31 17:30 - 2014-03-31 18:10 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-03-31 17:29 - 2014-04-05 19:29 - 00000087 _____ () C:\Users\Test\AppData\Roaming\WB.CFG
2014-03-31 17:28 - 2014-03-31 17:29 - 00000000 ____D () C:\Users\Test\AppData\Roaming\mysearchdial
2014-03-31 16:57 - 2014-03-31 16:57 - 00089048 ____H () C:\Windows\system32\mlfcache.dat
2014-03-29 18:02 - 2014-03-29 18:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-25 14:10 - 2014-03-25 14:11 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-03-25 14:08 - 2014-03-25 14:17 - 00000000 ____D () C:\Users\Test\AppData\Roaming\Systweak
2014-03-25 14:08 - 2014-03-25 14:17 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-03-25 14:07 - 2014-03-25 14:07 - 05333320 _____ (Systweak Inc ) C:\Users\Test\Downloads\rcpsetup_mfc100.exe

==================== One Month Modified Files and Folders =======

2014-04-20 19:12 - 2014-04-20 19:11 - 00012140 _____ () C:\Users\Test\Downloads\FRST.txt
2014-04-20 19:11 - 2014-04-20 19:11 - 01043968 _____ (Farbar) C:\Users\Test\Downloads\FRST.exe
2014-04-20 19:11 - 2014-04-20 19:11 - 00000000 ____D () C:\FRST
2014-04-20 19:09 - 2014-04-20 19:08 - 02056192 _____ (Farbar) C:\Users\Test\Downloads\FRST64.exe
2014-04-20 18:48 - 2014-03-16 19:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-20 18:42 - 2014-02-26 20:20 - 01463454 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 18:41 - 2014-04-14 23:11 - 00000000 ___RD () C:\Users\Test\Dropbox
2014-04-20 18:41 - 2014-04-14 23:10 - 00000000 ____D () C:\Users\Test\AppData\Roaming\Dropbox
2014-04-20 18:40 - 2014-04-20 18:40 - 00022058 _____ () C:\Users\Test\Desktop\MalwareText.txt
2014-04-20 16:16 - 2014-04-16 20:14 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 16:15 - 2010-11-20 23:01 - 01628312 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 15:17 - 2009-07-14 06:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-20 15:17 - 2009-07-14 06:34 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 15:09 - 2014-04-16 20:11 - 00000392 _____ () C:\Windows\setupact.log
2014-04-20 15:09 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-16 20:27 - 2014-04-16 20:27 - 02209056 _____ () C:\Users\Test\Downloads\avira-eu-cleaner_de.exe
2014-04-16 20:14 - 2014-04-16 20:14 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-16 20:14 - 2014-04-16 20:14 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-16 20:14 - 2014-03-16 18:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-16 20:11 - 2014-04-16 20:11 - 00000824 _____ () C:\Windows\PFRO.log
2014-04-16 20:11 - 2014-04-16 20:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-16 20:07 - 2014-04-16 20:07 - 00613200 _____ (Chip Digital GmbH) C:\Users\Test\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
2014-04-16 19:10 - 2014-02-26 19:33 - 00000000 ____D () C:\Windows\Panther
2014-04-16 19:04 - 2014-04-16 19:04 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-04-16 19:04 - 2014-04-16 19:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-16 19:03 - 2014-04-16 19:03 - 04787368 _____ (Piriform Ltd) C:\Users\Test\Downloads\ccsetup412.exe
2014-04-16 19:02 - 2014-04-16 19:02 - 00613200 _____ (Chip Digital GmbH) C:\Users\Test\Downloads\CCleaner - CHIP-Downloader.exe
2014-04-16 19:00 - 2014-04-16 19:00 - 00000000 ____D () C:\Users\Test\AppData\Roaming\TeamViewer
2014-04-16 18:59 - 2014-04-16 18:59 - 06120184 _____ (TeamViewer GmbH) C:\Users\Test\Downloads\TeamViewer_Setup_de.exe
2014-04-15 22:02 - 2014-03-16 18:35 - 00002012 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-15 22:00 - 2014-04-15 21:59 - 148418360 _____ () C:\Users\Test\Downloads\avira_internet_security_suite_de(1).exe
2014-04-15 21:53 - 2014-03-16 18:35 - 00000000 ____D () C:\ProgramData\Avira
2014-04-15 21:53 - 2014-03-16 18:35 - 00000000 ____D () C:\Program Files\Avira
2014-04-15 21:51 - 2014-04-15 21:51 - 04464256 _____ (Avira Operations GmbH & Co. KG) C:\Users\Test\Downloads\avira_de_av___ws.exe
2014-04-14 23:11 - 2014-04-14 23:11 - 00001032 _____ () C:\Users\Test\Desktop\Dropbox.lnk
2014-04-14 23:11 - 2014-04-14 23:11 - 00000000 ____D () C:\Users\Test\AppData\Roaming\DropboxMaster
2014-04-14 23:11 - 2014-02-26 20:18 - 00000000 ____D () C:\Users\Test
2014-04-14 23:10 - 2014-04-14 23:10 - 00000000 ____D () C:\Users\Test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-14 23:09 - 2014-04-14 23:09 - 00316288 _____ (Dropbox, Inc.) C:\Users\Test\Downloads\DropboxInstaller.exe
2014-04-08 22:41 - 2014-02-26 21:04 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 22:41 - 2014-02-26 21:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-05 19:29 - 2014-03-31 17:29 - 00000087 _____ () C:\Users\Test\AppData\Roaming\WB.CFG
2014-04-03 09:51 - 2014-04-16 20:14 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-16 20:14 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-16 20:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 21:33 - 2014-03-31 18:13 - 00009615 _____ () C:\Users\Test\Desktop\Tattoo Anja.odt
2014-04-02 21:20 - 2009-07-14 06:33 - 00295816 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-31 19:02 - 2014-03-31 19:02 - 00052928 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG.sys
2014-03-31 18:13 - 2014-02-26 20:19 - 00064024 _____ () C:\Users\Test\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-31 18:10 - 2014-03-31 18:10 - 00001074 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-03-31 18:10 - 2014-03-31 17:30 - 00000000 ____D () C:\Program Files\OpenOffice 4
2014-03-31 18:09 - 2014-03-31 18:09 - 00000000 ____D () C:\Users\Test\Downloads\OpenOffice 4.0.1 (de) Installation Files
2014-03-31 18:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-31 18:07 - 2014-03-31 18:07 - 00613200 _____ (Chip Digital GmbH) C:\Users\Test\Downloads\OpenOffice - CHIP-Downloader.exe
2014-03-31 17:37 - 2014-03-31 17:37 - 00000000 ____D () C:\Users\Test\AppData\Roaming\OpenOffice
2014-03-31 17:29 - 2014-03-31 17:28 - 00000000 ____D () C:\Users\Test\AppData\Roaming\mysearchdial
2014-03-31 16:57 - 2014-03-31 16:57 - 00089048 ____H () C:\Windows\system32\mlfcache.dat
2014-03-31 16:50 - 2014-03-16 18:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-31 02:13 - 2014-04-08 22:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 01:57 - 2014-04-08 22:24 - 17073152 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-29 18:02 - 2014-03-29 18:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-25 14:17 - 2014-03-25 14:08 - 00000000 ____D () C:\Users\Test\AppData\Roaming\Systweak
2014-03-25 14:17 - 2014-03-25 14:08 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-03-25 14:11 - 2014-03-25 14:10 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-03-25 14:07 - 2014-03-25 14:07 - 05333320 _____ (Systweak Inc ) C:\Users\Test\Downloads\rcpsetup_mfc100.exe

Some content of TEMP:
====================
C:\Users\Test\AppData\Local\Temp\avgnt.exe
C:\Users\Test\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqnvb8l.dll
C:\Users\Test\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqyzfjy.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 19:07

==================== End Of Log ============================

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-04-2014 01
Ran by Test at 2014-04-20 19:12:27
Running from C:\Users\Test\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30429 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{B448BC74-1CB7-7A57-3313-5E075AFB413E}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0429.2313.39747 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.80430.0002 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (Version: 2013.0429.2313.39747 - Ihr Firmenname) Hidden
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Internet Security Suite (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.27 - Dropbox, Inc.)
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6099.6 - IDT)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
WinRAR 5.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points  =========================

19-03-2014 12:14:49 Installed iTunes
19-03-2014 12:41:34 Installed iCloud
25-03-2014 12:07:41 Windows Update
25-03-2014 12:10:07 Regclean Pro - Before Optimize
25-03-2014 12:22:35 Windows-Sicherung
29-03-2014 15:12:17 Windows Update
30-03-2014 17:00:08 Windows-Sicherung
31-03-2014 15:29:27 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
31-03-2014 15:29:53 Installed OpenOffice 4.0.1
31-03-2014 15:44:14 Removed OpenOffice 4.0.1
31-03-2014 16:09:55 OpenOffice 4.0.1 wird installiert
05-04-2014 16:42:16 Windows Update
06-04-2014 19:40:01 Windows-Sicherung
08-04-2014 20:23:42 Windows Update
08-04-2014 20:40:45 Windows Update
14-04-2014 18:48:38 Windows-Sicherung
15-04-2014 19:38:22 Windows Update
16-04-2014 19:14:53 Windows Update
20-04-2014 17:00:13 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0FCBBAF4-56CA-4AFC-8B8C-03511A67EC32} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-16] (Adobe Systems Incorporated)
Task: {83A2CA78-51C9-4DDB-9794-BDAF685C4BDB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {F82AD610-9D6B-4959-A0DD-0282DD69BD37} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-03-16 18:35 - 2014-02-25 12:47 - 00394808 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2014-04-20 15:10 - 2014-04-20 15:10 - 00041984 _____ () c:\users\test\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqyzfjy.dll
2014-04-14 23:10 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Test\AppData\Roaming\Dropbox\bin\libcef.dll
2013-04-30 00:24 - 2013-04-30 00:24 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-18 16:49 - 2013-06-18 16:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-30 00:08 - 2013-04-30 00:08 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-03-29 18:02 - 2014-03-29 18:02 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2014 03:11:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:39:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2014 02:10:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2014 09:08:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2014 10:14:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 08:13:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 08:12:48 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/16/2014 08:12:48 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/16/2014 08:12:48 PM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/16/2014 08:12:48 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)


System errors:
=============
Error: (04/20/2014 04:15:07 PM) (Source: DCOM) (User: )
Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736}

Error: (04/19/2014 11:36:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosesystemhost" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1115

Error: (04/19/2014 11:36:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Enumeratordienst für tragbare Geräte" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1115

Error: (04/19/2014 11:36:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Zugriff auf Eingabegeräte" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1115

Error: (04/19/2014 11:36:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "iPod-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (04/19/2014 11:36:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147467243.

Error: (04/16/2014 08:12:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/16/2014 08:12:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (04/16/2014 06:54:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update Mega Browse" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/16/2014 06:53:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Util Mega Browse" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/20/2014 03:11:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2014 06:39:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2014 02:10:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2014 09:08:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/17/2014 10:14:57 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 08:13:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2014 08:12:48 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/16/2014 08:12:48 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/16/2014 08:12:48 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/16/2014 08:12:48 PM) (Source: Windows Search Service)(User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 3326.3 MB
Available physical RAM: 1988.75 MB
Total Pagefile: 6650.9 MB
Available Pagefile: 5089.67 MB
Total Virtual: 2047.88 MB
Available Virtual: 1884.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:195.21 GB) (Free:160.14 GB) NTFS
Drive d: () (Fixed) (Total:736.2 GB) (Free:692.07 GB) NTFS
Drive f: (FESTPLATTE) (Fixed) (Total:931.28 GB) (Free:804.65 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E0B2AC33)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=736 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: EE018FA4)
Partition 1: (Not Active) - (Size=932 GB) - (Type=0C)

==================== End Of Log ============================

Trojaner (Pup.Optional..mysearch...)

Plagegeister aller Art und deren Bekämpfung: Trojaner (Pup.Optional..mysearch...)

Trojaner (Pup.Optional..mysearch...)

Ähnliche Themen: Trojaner (Pup.Optional..mysearch...)