|
Plagegeister aller Art und deren Bekämpfung: Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
27.04.2014, 23:43 | #1 |
| Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Hallo liebes Trojaner-Board ! Seit ein paar Tagen hab ich einige Probleme beim surfen im Internet mit Chrome. Erst hatte ich ständig Pop-Ups von "rvzr-a.akamaihd.net" und anderen Seiten. Durch ein bisschen googlen und ADW Cleaner sind die aber weg. Außerdem hatte ich ein Programm installiert ( und eine Erweiterung in Chrome ) dass irgendwas mit "Plus HD 1.19" hieß. ( Tut mir leid dass ich vergessen hab wie der genaue Name war. ) Durch das deinstallieren und ADW Cleaner konnten wenigstens schonmal beheben dass keine Pop-Ups mehr oder neue Tabs sich öffnen. Die Erweiterung hab ich jetzt schon 3 mal gelöscht, sie kommt immer wieder. ( Reiner Verzweifelungs Akt. Es ist natürlich dumm einfach auf löschen zu gehen und zu Beten es geht wirklich weg. ) Im Moment habe ich allerdings noch das Problem dass auf manchen Seiten solche falschen "Trust Ratings" mit irgendwelchen Prozentzahlen angegeben werden wenn ich eine Seite besuche. Oder dass sich, wenn ich eine Textstelle markiere, etwas öffnen wo ich Wiki oder Google anklicken kann und es dort nach dem Markierten sucht. Klingt ja irgendwie praktisch, aber das hatte ich vorher nie und ich will das auch gar nicht. Wenn ich drauf gehe steht da irgendwas von "Raving Reyven" ? Also ganz sauber scheint mein PC ja nicht zu sein. Von daher hoffe ich könnt ihr mir vielleicht helfen. Ich muss auch zugeben dass ich vor lauter Logs und Programmen nicht ganz durchblicke. In den 8 Goldenen Regeln steht ich soll auch ältere Log Files posten. Ich hatte ja beschrieben ich hab schon einmal so eine Reinigung ( keine Ahnung wie das Professionell heißt ) mit ADW Scanner gemacht. Da hab ich die Log Files aber nicht mehr. Und unter "Logs mit Funds posten" steht nicht wo ich die alten finde unter ADW. Und wie genau soll ich jetzt vorgehen. Ich versteh auch nicht ganz ob ich jetzt diese Schritte unter "Informationen zusammenstellen" mit dem Defogger und was weiß ich direkt posten soll. Ich bin mir ja nichtmal sicher ob das ein Virus ist.. ( vor allem steht da Defogger ist ein Programm für Laufwerksemulationen abzuschalten ?! Was hat das mit mir zu tuen ? Hä ? ) Ich hoffe jemand kann mich helfen und sagen was genau ich jetzt machen muss. Tut mir leid, dass ich so viele Fragen habe. Ich hatte eigentlich noch nie einen richtigen Virus und hoffe eigentlich dass ich nur was falsches Installiert habe und das direkt wieder weg ist. Liebe Grüße und noch einen schönen Abend. Sprinkles Ps : Ist es überhaupt sicher bei Angst vor einem Virus noch Paypal oder Online Banking zu nutzen ? Oder sollte ich das lieber lassen ? Das sagt ADW Cleaner jetzt noch : Code:
ATTFilter # AdwCleaner v3.203 - Bericht erstellt am 28/04/2014 um 00:30:46 # Aktualisiert 26/04/2014 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzername : Admin - ADMIN-PC # Gestartet von : C:\Users\Admin\Downloads\adwcleaner.exe # Option : Suchen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16521 -\\ Google Chrome v34.0.1847.116 [ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [5969 octets] - [26/04/2014 22:27:21] AdwCleaner[R1].txt - [6733 octets] - [26/04/2014 23:54:30] AdwCleaner[R2].txt - [3257 octets] - [27/04/2014 21:24:39] AdwCleaner[R3].txt - [1485 octets] - [28/04/2014 00:30:46] AdwCleaner[S0].txt - [315 octets] - [26/04/2014 22:48:56] AdwCleaner[S1].txt - [6440 octets] - [27/04/2014 00:46:42] AdwCleaner[S2].txt - [3144 octets] - [27/04/2014 21:33:10] ########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1724 octets] ########## Geändert von Sprinkles (27.04.2014 um 23:54 Uhr) |
28.04.2014, 07:01 | #2 |
/// the machine /// TB-Ausbilder | Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
29.04.2014, 18:57 | #3 |
| Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Tut mirl ied, dass ich gestern nicht direkt antworten konnte !
__________________Ich schätzte deine / eure Hilfe hier wirklich sehr ! Hier der FRST Text : FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014 Ran by Admin (administrator) on ADMIN-PC on 29-04-2014 19:44:01 Running from C:\Users\Admin\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () C:\Program Files (x86)\Drakonia Black\hid.exe (Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe () C:\Program Files (x86)\Drakonia Black\trayicon.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Windows\system32\tapi364.exe () C:\Program Files (x86)\raving reyven\updateravingreyven.exe () C:\Program Files (x86)\raving reyven\bin\utilravingreyven.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe () C:\Program Files (x86)\raving reyven\bin\ravingreyven.PurBrowse64.exe () C:\Program Files (x86)\raving reyven\bin\ravingreyven.BrowserAdapter.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla) C:\Users\Admin\Downloads\Firefox Setup Stub 29.0.exe (Mozilla Corporation) C:\Users\Admin\AppData\Local\Temp\7zS35A.tmp\setup-stub.exe (Mozilla Corporation) C:\Users\Admin\AppData\Local\Temp\7zS35A.tmp\setup-stub.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213840 2012-10-26] (Realtek Semiconductor) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Black\hid.exe [247296 2013-06-26] () HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1805824 2013-10-16] (Game Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation) HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20586656 2013-11-14] (Skype Technologies S.A.) HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Spotify Web Helper] => C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd) HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.) IFEO\bpsvc.exe: [Debugger] tasklist.exe IFEO\browsersafeguard.exe: [Debugger] tasklist.exe IFEO\dprotectsvc.exe: [Debugger] tasklist.exe IFEO\jumpflip: [Debugger] tasklist.exe IFEO\protectedsearch.exe: [Debugger] tasklist.exe IFEO\searchinstaller.exe: [Debugger] tasklist.exe IFEO\searchprotection.exe: [Debugger] tasklist.exe IFEO\searchprotector.exe: [Debugger] tasklist.exe IFEO\searchsettings.exe: [Debugger] tasklist.exe IFEO\searchsettings64.exe: [Debugger] tasklist.exe IFEO\snapdo.exe: [Debugger] tasklist.exe IFEO\stinst32.exe: [Debugger] tasklist.exe IFEO\stinst64.exe: [Debugger] tasklist.exe IFEO\umbrella.exe: [Debugger] tasklist.exe IFEO\utiljumpflip.exe: [Debugger] tasklist.exe IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe IFEO\websteroids.exe: [Debugger] tasklist.exe IFEO\websteroidsservice.exe: [Debugger] tasklist.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk ShortcutTarget: NETGEAR WNA1100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere BHO-x32: raving reyven - {0f866026-a8bb-42a7-987f-2f92715a8147} - C:\Program Files (x86)\raving reyven\ravingreyvenbho.dll (raving reyven) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF HKLM-x32\...\Firefox\Extensions: [{0B0D932A-1166-4556-9E3C-99BF3D5A450D}] - C:\Windows\Installer\{0B836E91-60D5-4BE0-97F6-E12DC03B5CCB}\{0B0D932A-1166-4556-9E3C-99BF3D5A450D}.xpi FF Extension: Download Protect - C:\Windows\Installer\{0B836E91-60D5-4BE0-97F6-E12DC03B5CCB}\{0B0D932A-1166-4556-9E3C-99BF3D5A450D}.xpi [2014-04-27] Chrome: ======= CHR HomePage: CHR StartupUrls: "chrome://newtab/" CHR Extension: (ProxTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-11-29] CHR Extension: (reddit companion) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe [2013-11-22] CHR Extension: (Missing e) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid [2013-11-22] CHR Extension: (Download Protect) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkfegnnpelgenldnapeiogpfaknfdhee [2014-04-27] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-22] CHR Extension: (Adblock Plus) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-29] CHR Extension: (Look of Disapproval) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmomlddchhdnchpieaalgkpgaafohlbn [2013-11-22] CHR Extension: (Poupee Helper) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllcfmkookkmkcedcnbdhcpmmeflmilc [2013-11-22] CHR Extension: (cats) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmekamlpkbcegncocdmhnoogddkeekgn [2013-11-29] CHR Extension: (We Heart It) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblenkmcolcdonmlfknbpbgjebabcoae [2014-04-28] CHR Extension: (rikaikun) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2013-11-22] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2013-11-22] CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-22] CHR Extension: (Hover Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-11-28] CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-22] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.) R2 TCPSVCSd; C:\Windows\system32\tapi364.exe [118784 2014-04-24] () R2 Update raving reyven; C:\Program Files (x86)\raving reyven\updateravingreyven.exe [351016 2014-04-26] () R2 Util raving reyven; C:\Program Files (x86)\raving reyven\bin\utilravingreyven.exe [351016 2014-04-26] () R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] () ==================== Drivers (Whitelisted) ==================== R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] () R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [31232 2013-10-15] ( ) R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation) R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation) R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation) R1 {e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64; C:\Windows\System32\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys [61120 2014-04-24] (StdLib) S3 gdrv; \??\C:\Windows\gdrv.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-29 19:44 - 2014-04-29 19:44 - 00014724 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-04-29 19:43 - 2014-04-29 19:44 - 00000000 ____D () C:\FRST 2014-04-29 19:41 - 2014-04-29 19:42 - 02061824 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-04-29 19:40 - 2014-04-29 19:40 - 00283376 _____ (Mozilla) C:\Users\Admin\Downloads\Firefox Setup Stub 29.0.exe 2014-04-28 00:31 - 2014-04-28 00:31 - 00050477 _____ () C:\Users\Admin\Downloads\Defogger.exe 2014-04-28 00:01 - 2014-04-28 00:04 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-27 21:38 - 2014-04-29 19:26 - 00000224 _____ () C:\Windows\setupact.log 2014-04-27 21:38 - 2014-04-27 21:38 - 00000574 _____ () C:\Windows\PFRO.log 2014-04-27 21:38 - 2014-04-27 21:38 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-27 21:23 - 2014-04-27 21:23 - 00006530 _____ () C:\Users\Admin\Documents\cc_20140427_212321.reg 2014-04-27 03:19 - 2014-04-27 17:45 - 00000728 __RSH () C:\ProgramData\ntuser.pol 2014-04-26 22:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-04-26 22:27 - 2014-04-28 00:34 - 00000000 ____D () C:\AdwCleaner 2014-04-26 22:25 - 2014-04-26 22:26 - 01330861 _____ () C:\Users\Admin\Downloads\adwcleaner.exe 2014-04-26 03:17 - 2014-04-26 03:17 - 00001320 _____ () C:\Windows\wininit.ini 2014-04-26 02:33 - 2014-04-26 23:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-26 02:33 - 2014-04-26 02:40 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-04-26 02:33 - 2014-04-26 02:33 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-04-26 02:33 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2014-04-26 02:30 - 2014-04-27 21:24 - 00009728 ___SH () C:\Users\Admin\Documents\Thumbs.db 2014-04-26 02:12 - 2014-04-26 02:23 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Admin\Documents\spybot-2.2.25.exe 2014-04-26 02:11 - 2014-04-26 02:11 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-26 02:11 - 2014-04-26 02:11 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-04-26 02:11 - 2014-04-26 02:11 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-26 02:04 - 2014-04-26 02:08 - 04745984 _____ (Piriform Ltd) C:\Users\Admin\Documents\ccsetup413.exe 2014-04-25 03:44 - 2014-04-25 06:15 - 00002122 _____ () C:\Windows\epplauncher.mif 2014-04-25 02:28 - 2014-04-24 12:33 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys 2014-04-24 01:22 - 2014-04-24 01:22 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-24 01:20 - 2014-04-24 02:24 - 00000000 ____D () C:\Program Files (x86)\raving reyven 2014-04-24 01:19 - 2014-04-24 01:19 - 00118784 _____ () C:\Windows\system32\tapi364.exe 2014-04-24 00:51 - 2014-04-24 01:19 - 00000000 ____D () C:\Users\Admin\AppData\Local\wwerwerwe 2014-04-24 00:23 - 2014-04-24 00:51 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-04-24 00:15 - 2014-04-26 02:24 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite 2014-04-24 00:14 - 2014-04-24 00:15 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-04-23 23:48 - 2014-04-23 23:48 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-23 23:48 - 2014-04-23 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-23 23:48 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-23 23:48 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-23 23:48 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-23 23:48 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-23 23:48 - 2005-02-24 16:04 - 00002581 _____ () C:\Program Files (x86)\system.pak 2014-04-23 23:48 - 2005-02-24 15:20 - 00939028 _____ () C:\Program Files (x86)\script.pak 2014-04-23 23:48 - 2005-02-24 15:20 - 00034088 _____ () C:\Program Files (x86)\0cg.pak 2014-04-23 23:43 - 2014-04-23 23:43 - 00000851 _____ () C:\Users\Admin\Desktop\µTorrent.lnk 2014-04-23 18:03 - 2014-04-23 20:24 - 626729440 ____R () C:\Users\Admin\Downloads\Togainu No Chi.rar 2014-04-09 23:12 - 2014-04-09 23:12 - 00003497 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel 2014-04-09 17:10 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-09 17:10 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-09 17:10 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-09 17:10 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 17:08 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 17:08 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 17:08 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 17:08 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 17:08 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 17:08 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 17:08 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 17:08 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 17:08 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 17:08 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 17:08 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 17:08 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-05 22:24 - 2014-04-23 23:43 - 00000831 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-04-05 22:14 - 2014-04-27 21:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent 2014-04-05 22:12 - 2014-04-05 22:12 - 01671248 _____ (BitTorrent Inc.) C:\Users\Admin\Documents\uTorrent.exe ==================== One Month Modified Files and Folders ======= 2014-04-29 19:44 - 2014-04-29 19:44 - 00014724 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-04-29 19:44 - 2014-04-29 19:43 - 00000000 ____D () C:\FRST 2014-04-29 19:42 - 2014-04-29 19:41 - 02061824 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-04-29 19:42 - 2013-11-22 21:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype 2014-04-29 19:40 - 2014-04-29 19:40 - 00283376 _____ (Mozilla) C:\Users\Admin\Downloads\Firefox Setup Stub 29.0.exe 2014-04-29 19:34 - 2009-07-14 06:45 - 00026096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-29 19:34 - 2009-07-14 06:45 - 00026096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-29 19:30 - 2013-10-16 18:24 - 01358210 _____ () C:\Windows\WindowsUpdate.log 2014-04-29 19:28 - 2013-11-22 18:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-29 19:27 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini 2014-04-29 19:26 - 2014-04-27 21:38 - 00000224 _____ () C:\Windows\setupact.log 2014-04-29 19:26 - 2013-11-22 18:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-29 19:26 - 2013-11-22 18:52 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-04-29 19:26 - 2013-10-16 18:38 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-04-29 19:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-28 23:42 - 2013-10-17 04:19 - 00699860 _____ () C:\Windows\system32\perfh007.dat 2014-04-28 23:42 - 2013-10-17 04:19 - 00149742 _____ () C:\Windows\system32\perfc007.dat 2014-04-28 23:42 - 2009-07-14 07:13 - 01622124 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-28 04:12 - 2013-11-22 22:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc 2014-04-28 04:07 - 2013-12-05 22:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-28 00:34 - 2014-04-26 22:27 - 00000000 ____D () C:\AdwCleaner 2014-04-28 00:31 - 2014-04-28 00:31 - 00050477 _____ () C:\Users\Admin\Downloads\Defogger.exe 2014-04-28 00:04 - 2014-04-28 00:01 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-27 21:38 - 2014-04-27 21:38 - 00000574 _____ () C:\Windows\PFRO.log 2014-04-27 21:38 - 2014-04-27 21:38 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-27 21:32 - 2014-04-05 22:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent 2014-04-27 21:24 - 2014-04-26 02:30 - 00009728 ___SH () C:\Users\Admin\Documents\Thumbs.db 2014-04-27 21:23 - 2014-04-27 21:23 - 00006530 _____ () C:\Users\Admin\Documents\cc_20140427_212321.reg 2014-04-27 21:22 - 2014-02-20 20:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps 2014-04-27 21:20 - 2013-11-22 21:57 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify 2014-04-27 21:20 - 2013-11-22 19:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify 2014-04-27 18:18 - 2013-11-23 01:11 - 00000000 ____D () C:\Users\Admin\AppData\Local\PMB Files 2014-04-27 17:45 - 2014-04-27 03:19 - 00000728 __RSH () C:\ProgramData\ntuser.pol 2014-04-27 04:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-27 03:19 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-04-26 23:52 - 2014-04-26 02:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-26 22:26 - 2014-04-26 22:25 - 01330861 _____ () C:\Users\Admin\Downloads\adwcleaner.exe 2014-04-26 03:17 - 2014-04-26 03:17 - 00001320 _____ () C:\Windows\wininit.ini 2014-04-26 02:40 - 2014-04-26 02:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-04-26 02:33 - 2014-04-26 02:33 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-04-26 02:30 - 2014-02-23 17:16 - 00000000 ____D () C:\Users\Admin\Documents\MEMENTO2 2014-04-26 02:30 - 2013-11-24 18:07 - 00000000 ____D () C:\Users\Admin\Documents\[SCHULE] 2014-04-26 02:30 - 2013-11-24 18:04 - 00000000 ____D () C:\Users\Admin\Documents\[BOOKS] 2014-04-26 02:24 - 2014-04-24 00:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite 2014-04-26 02:24 - 2013-10-17 04:21 - 00000000 ____D () C:\Windows\Panther 2014-04-26 02:23 - 2014-04-26 02:12 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Admin\Documents\spybot-2.2.25.exe 2014-04-26 02:11 - 2014-04-26 02:11 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-26 02:11 - 2014-04-26 02:11 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-04-26 02:11 - 2014-04-26 02:11 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-26 02:08 - 2014-04-26 02:04 - 04745984 _____ (Piriform Ltd) C:\Users\Admin\Documents\ccsetup413.exe 2014-04-25 06:15 - 2014-04-25 03:44 - 00002122 _____ () C:\Windows\epplauncher.mif 2014-04-24 18:48 - 2013-11-23 18:38 - 00000000 ____D () C:\Users\Admin\AppData\Local\Songr 2014-04-24 12:33 - 2014-04-25 02:28 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys 2014-04-24 02:24 - 2014-04-24 01:20 - 00000000 ____D () C:\Program Files (x86)\raving reyven 2014-04-24 01:22 - 2014-04-24 01:22 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-24 01:19 - 2014-04-24 01:19 - 00118784 _____ () C:\Windows\system32\tapi364.exe 2014-04-24 01:19 - 2014-04-24 00:51 - 00000000 ____D () C:\Users\Admin\AppData\Local\wwerwerwe 2014-04-24 00:51 - 2014-04-24 00:23 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-04-24 00:51 - 2013-11-24 18:05 - 00000000 ____D () C:\Users\Admin\Documents\[GAMES] 2014-04-24 00:15 - 2014-04-24 00:14 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-04-24 00:14 - 2013-11-23 18:39 - 00001076 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Songr.lnk 2014-04-23 23:49 - 2014-02-17 00:28 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-23 23:48 - 2014-04-23 23:48 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-23 23:48 - 2014-04-23 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-23 23:48 - 2014-02-17 00:27 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-23 23:43 - 2014-04-23 23:43 - 00000851 _____ () C:\Users\Admin\Desktop\µTorrent.lnk 2014-04-23 23:43 - 2014-04-05 22:24 - 00000831 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-04-23 20:24 - 2014-04-23 18:03 - 626729440 ____R () C:\Users\Admin\Downloads\Togainu No Chi.rar 2014-04-22 18:46 - 2013-11-23 01:11 - 00000000 ____D () C:\ProgramData\PMB Files 2014-04-14 20:13 - 2014-04-23 23:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-14 20:05 - 2014-04-23 23:48 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-14 20:05 - 2014-04-23 23:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-14 20:04 - 2014-04-23 23:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-12 18:34 - 2013-11-22 18:52 - 00002175 ____H () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-09 23:18 - 2013-11-23 17:33 - 00000000 ____D () C:\Users\Admin\.gimp-2.8 2014-04-09 23:12 - 2014-04-09 23:12 - 00003497 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel 2014-04-09 19:58 - 2013-11-23 17:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mp3tag 2014-04-09 18:37 - 2013-11-25 22:52 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-09 18:36 - 2013-11-25 22:52 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-09 18:22 - 2013-11-23 17:37 - 00000000 ____D () C:\Users\Admin\AppData\Local\gtk-2.0 2014-04-07 20:28 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-04-05 22:12 - 2014-04-05 22:12 - 01671248 _____ (BitTorrent Inc.) C:\Users\Admin\Documents\uTorrent.exe 2014-04-01 18:07 - 2014-02-23 17:16 - 00004096 _____ () C:\Users\Public\Documents\000016E6.LCS 2014-03-31 09:35 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-03-31 03:16 - 2014-04-09 17:10 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-31 03:13 - 2014-04-09 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-31 02:13 - 2014-04-09 17:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-31 01:57 - 2014-04-09 17:10 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-19 00:03 ==================== End Of Log ============================ Und die Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2014 Ran by Admin at 2014-04-29 19:44:48 Running from C:\Users\Admin\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30768 - BitTorrent Inc.) A New Beginning - Final Cut (HKLM-x32\...\Steam App 105000) (Version: - Daedalic Entertainment) Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games) Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version: - Rockstar New England) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - ) Dysfunctional Systems: Learning to Manage Chaos (HKLM-x32\...\Steam App 248800) (Version: - ) FEZ (HKLM-x32\...\Steam App 224760) (Version: - Polytron Corporation) Geheimakte 3 (HKLM-x32\...\{765BF404-2FEE-492B-9E7F-A55143796EF1}) (Version: 1.00 - Deep Silver) GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team) Google Chrome (HKLM-x32\...\{51020C27-7422-3FBE-9480-4CB1CCC8E2CC}) (Version: 65.156.32827 - Google, Inc.) Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Memento Mori 2 (HKLM-x32\...\Memento Mori 2_is1) (Version: - dtp) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.6122.5000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich) NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR) NVIDIA 3D Vision Controller-Treiber 326.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.70 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 326.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 326.70 - NVIDIA Corporation) NVIDIA Grafiktreiber 326.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 326.70 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2670 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 326.70 (Version: 326.70 - NVIDIA Corporation) Hidden NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) raving reyven (HKLM\...\raving reyven) (Version: 2014.04.21.232827 - raving reyven) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.) RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - ) SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - ) Shutter Island (HKLM-x32\...\Shutter Island/DE-German_is1) (Version: - City Interactive) Skype™ 6.11 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.11.102 - Skype Technologies S.A.) Songr (HKCU\...\Songr) (Version: 2.0.2261 - Xamasoft) Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games) VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) ==================== Restore Points ========================= 22-04-2014 23:18:25 Windows Update 23-04-2014 21:47:51 Installed Java 7 Update 55 23-04-2014 22:15:40 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:16:21 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:16:55 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:19:56 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:20:14 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:20:42 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:21:05 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:23:35 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:24:01 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:24:31 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:45:31 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:46:28 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 22:47:02 Gerätetreiber-Paketinstallation: DT Soft Ltd Systemgeräte 23-04-2014 23:22:59 Gerätetreiber-Paketinstallation: Elaborate Bytes AG Speichercontroller 24-04-2014 01:00:11 Windows Update 25-04-2014 01:44:17 Windows Modules Installer 26-04-2014 01:00:12 Windows Update 27-04-2014 01:00:13 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {18014528-88C1-431A-9EBD-058013A339E4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd) Task: {2EE6533D-8B39-4781-AF47-394CF4D81475} - \SomotoUpdateCheckerAutoStart No Task File <==== ATTENTION Task: {504212D5-29C9-434C-A815-26E9D72B0071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22] (Google Inc.) Task: {549A72A2-9D21-4316-9D04-0BF12C471DCB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated) Task: {635401A4-D2BF-4257-8B7D-651A609C2C70} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {B8227B6C-7EDA-4DA9-A166-931FE9D9F510} - System32\Tasks\{631283E7-A316-4A88-92D4-AB158B3BE868} => C:\Program Files (x86)\City Interactive\Shutter Island\launcher.exe [2009-05-08] () Task: {C1D6A90A-E00B-4D5A-9D57-D30BE5B2C829} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {CE2E462B-6320-46FE-A2D1-2AC33896E7FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-22] (Google Inc.) Task: {D0BF10D3-22F2-45C1-9820-19A755CEA3F2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-16 18:38 - 2013-08-14 04:46 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-11-22 18:33 - 2011-07-28 18:06 - 08247264 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe 2013-11-22 22:20 - 2013-06-26 18:01 - 00247296 _____ () C:\Program Files (x86)\Drakonia Black\hid.exe 2013-11-22 22:20 - 2013-06-26 18:01 - 00240640 _____ () C:\Program Files (x86)\Drakonia Black\trayicon.exe 2014-04-24 01:19 - 2014-04-24 01:19 - 00118784 _____ () C:\Windows\system32\tapi364.exe 2014-04-22 01:28 - 2014-04-26 01:37 - 00351016 _____ () C:\Program Files (x86)\raving reyven\updateravingreyven.exe 2014-04-24 02:24 - 2014-04-26 01:40 - 00351016 _____ () C:\Program Files (x86)\raving reyven\bin\utilravingreyven.exe 2013-11-22 18:33 - 2011-07-28 18:06 - 00297440 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe 2014-04-25 02:28 - 2014-04-24 12:33 - 00287016 _____ () C:\Program Files (x86)\raving reyven\bin\ravingreyven.PurBrowse64.exe 2014-04-24 02:54 - 2014-04-17 22:29 - 00095528 _____ () C:\Program Files (x86)\raving reyven\bin\ravingreyven.BrowserAdapter.exe 2014-04-26 02:33 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-04-26 02:33 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-04-26 02:33 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-04-26 02:33 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-04-26 02:33 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-01-08 05:49 - 2014-04-22 00:55 - 00340480 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll 2014-04-23 23:40 - 2014-04-22 00:55 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll 2013-10-24 10:45 - 2014-04-01 00:09 - 00754688 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2013-10-30 12:25 - 2014-04-24 00:01 - 01092288 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2013-10-23 13:07 - 2014-03-03 21:15 - 20626624 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2013-06-14 16:49 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll 2013-06-14 16:49 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll 2013-06-14 16:49 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll 2013-11-22 18:33 - 2009-08-28 17:50 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll 2013-11-22 22:20 - 2013-06-26 18:01 - 00061952 _____ () C:\Program Files (x86)\Drakonia Black\HidDevice.dll 2013-11-22 22:20 - 2013-06-26 18:01 - 00249856 _____ () C:\Program Files (x86)\Drakonia Black\language.dll 2013-11-22 18:33 - 2011-07-27 12:53 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll 2014-04-12 18:34 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll 2014-04-27 03:19 - 2014-04-27 17:45 - 00012288 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll 2014-04-12 18:34 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll 2014-04-12 18:34 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll 2014-04-12 18:34 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll 2014-04-12 18:34 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll 2014-04-12 18:34 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00113664 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 02342912 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00246784 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00047616 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00050688 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 11749888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 01283584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00079360 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00047104 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 02029568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00100352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00258560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00076288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00046592 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00061440 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00465920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00719872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00114688 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00039936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00036864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00136704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 01449472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00300032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00056320 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00038912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00192512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00091136 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00068096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00077824 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00350720 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00038912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00144896 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 01723904 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00037888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00044032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00044032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00378368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00118272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00043520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00039936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00292864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00040448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 01297920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00041472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00359424 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00209408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00034816 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00040960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00130560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00183808 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00073728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 01518592 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00040960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00035328 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00036352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00036352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00036864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll 2013-11-11 20:49 - 2013-11-11 20:49 - 00046080 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll 2013-11-11 20:48 - 2013-11-11 20:48 - 00117248 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll 2014-04-12 18:34 - 2014-04-02 03:58 - 13691720 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll 2014-04-29 19:40 - 2014-04-29 19:40 - 00011264 _____ () C:\Users\Admin\AppData\Local\Temp\nsa4E1.tmp\System.dll 2014-04-29 19:40 - 2014-04-29 19:40 - 00018432 _____ () C:\Users\Admin\AppData\Local\Temp\nsa4E1.tmp\UAC.dll 2014-04-29 19:40 - 2014-04-29 19:40 - 00011264 _____ () C:\Users\Admin\AppData\Local\Temp\nsvC12.tmp\System.dll 2014-04-29 19:40 - 2014-04-29 19:40 - 00018432 _____ () C:\Users\Admin\AppData\Local\Temp\nsvC12.tmp\UAC.dll 2014-04-29 19:40 - 2014-04-29 19:40 - 00009728 _____ () C:\Users\Admin\AppData\Local\Temp\nsvC12.tmp\nsDialogs.dll 2014-04-29 19:40 - 2014-04-29 19:40 - 00037376 _____ () C:\Users\Admin\AppData\Local\Temp\nsvC12.tmp\InetBgDL.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/29/2014 07:27:11 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/28/2014 11:36:33 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/27/2014 10:04:46 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/27/2014 09:38:42 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/27/2014 09:38:30 PM) (Source: ESENT) (User: ) Description: taskhost (1792) WebCacheLocal: Fehler -1811 beim Öffnen von Protokolldatei C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V0100075.log. Error: (04/27/2014 05:44:36 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/27/2014 03:18:25 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/27/2014 03:16:55 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/26/2014 11:52:41 PM) (Source: Application Hang) (User: ) Description: Programm SDLogReport.exe, Version 2.1.18.107 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 7f4 Startzeit: 01cf6190fcc68a36 Endzeit: 6 Anwendungspfad: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe Berichts-ID: 117ccfb9-cd8d-11e3-89e4-94de80753278 Error: (04/26/2014 10:48:57 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: adwcleaner.exe, Version: 3.2.0.3, Zeitstempel: 0x4f25baec Name des fehlerhaften Moduls: adwcleaner.exe, Version: 3.2.0.3, Zeitstempel: 0x4f25baec Ausnahmecode: 0xc0000005 Fehleroffset: 0x000111c9 ID des fehlerhaften Prozesses: 0x11d0 Startzeit der fehlerhaften Anwendung: 0xadwcleaner.exe0 Pfad der fehlerhaften Anwendung: adwcleaner.exe1 Pfad des fehlerhaften Moduls: adwcleaner.exe2 Berichtskennung: adwcleaner.exe3 System errors: ============= Error: (04/29/2014 07:29:18 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (04/29/2014 07:29:18 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (04/29/2014 07:26:31 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT) Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "3" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware. Error: (04/29/2014 07:26:31 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT) Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "2" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware. Error: (04/29/2014 07:26:31 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT) Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "1" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware. Error: (04/29/2014 07:26:31 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT) Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "0" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware. Error: (04/28/2014 11:38:41 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (04/28/2014 11:38:41 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (04/28/2014 11:36:00 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT) Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "3" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware. Error: (04/28/2014 11:36:00 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT) Description: Die Energieverwaltungsfeatures für Leistung des Prozessors "2" in der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie sich beim Hersteller des Computers nach aktualisierter Firmware. Microsoft Office Sessions: ========================= Error: (04/29/2014 07:27:11 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/28/2014 11:36:33 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/27/2014 10:04:46 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/27/2014 09:38:42 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/27/2014 09:38:30 PM) (Source: ESENT)(User: ) Description: taskhost1792WebCacheLocal: C:\Users\Admin\AppData\Local\Microsoft\Windows\WebCache\V0100075.log-1811 Error: (04/27/2014 05:44:36 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/27/2014 03:18:25 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/27/2014 03:16:55 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (04/26/2014 11:52:41 PM) (Source: Application Hang)(User: ) Description: SDLogReport.exe2.1.18.1077f401cf6190fcc68a366C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe117ccfb9-cd8d-11e3-89e4-94de80753278 Error: (04/26/2014 10:48:57 PM) (Source: Application Error)(User: ) Description: adwcleaner.exe3.2.0.34f25baecadwcleaner.exe3.2.0.34f25baecc0000005000111c911d001cf618debf8fce0C:\Users\Admin\Downloads\adwcleaner.exeC:\Users\Admin\Downloads\adwcleaner.exe2f411c4f-cd84-11e3-89e4-94de80753278 CodeIntegrity Errors: =================================== Date: 2014-01-06 19:54:30.477 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\GameKB.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-06 19:54:30.417 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\GameKB.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-06 19:54:30.357 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\GameKB.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-06 19:54:30.307 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\GameKB.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-06 19:54:06.162 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\GameKB.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-06 19:54:06.130 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\GameKB.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-06 19:54:06.068 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\GameKB.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-06 19:54:06.006 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\GameKB.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Percentage of memory in use: 41% Total physical RAM: 8189.55 MB Available physical RAM: 4756.96 MB Total Pagefile: 16377.29 MB Available Pagefile: 12126.33 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:726.43 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 65AE8C20) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Mist ! Wie kann ich jetzt weiter vorgehen ? Könnt ihr da irgendwas draus erkennen ? Danke schonmal ! |
30.04.2014, 23:37 | #4 |
/// the machine /// TB-Ausbilder | Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Downloade Dir bitte Malwarebytes Anti-Malware
Downloade Dir bitte AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
05.05.2014, 21:07 | #5 |
| Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen So ! Endlich fertig. Tut mir leid, dass ich mich so unregelmäßig melde. Ich bin in letzter Zeit garnicht so oft am PC gewesen. u . u Ich hab aber jetzt alles, hoffe ich ! MBAM : Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 05.05.2014 21:03:50, SYSTEM, ADMIN-PC, Protection, Malware Protection, Starting, Protection, 05.05.2014 21:03:50, SYSTEM, ADMIN-PC, Protection, Malware Protection, Started, Protection, 05.05.2014 21:03:50, SYSTEM, ADMIN-PC, Protection, Malicious Website Protection, Starting, Update, 05.05.2014 21:03:57, SYSTEM, ADMIN-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1, Protection, 05.05.2014 21:04:02, SYSTEM, ADMIN-PC, Protection, Malicious Website Protection, Started, Update, 05.05.2014 21:05:03, SYSTEM, ADMIN-PC, Manual, Malware Database, 2014.3.4.9, 2014.5.5.10, Protection, 05.05.2014 21:05:04, SYSTEM, ADMIN-PC, Protection, Refresh, Starting, Protection, 05.05.2014 21:05:04, SYSTEM, ADMIN-PC, Protection, Malicious Website Protection, Stopping, Protection, 05.05.2014 21:05:04, SYSTEM, ADMIN-PC, Protection, Malicious Website Protection, Stopped, Protection, 05.05.2014 21:05:10, SYSTEM, ADMIN-PC, Protection, Refresh, Success, Protection, 05.05.2014 21:05:10, SYSTEM, ADMIN-PC, Protection, Malicious Website Protection, Starting, Protection, 05.05.2014 21:05:10, SYSTEM, ADMIN-PC, Protection, Malicious Website Protection, Started, Protection, 05.05.2014 21:26:24, SYSTEM, ADMIN-PC, Protection, Malware Protection, Starting, Protection, 05.05.2014 21:26:24, SYSTEM, ADMIN-PC, Protection, Malware Protection, Started, Protection, 05.05.2014 21:26:24, SYSTEM, ADMIN-PC, Protection, Malicious Website Protection, Starting, Protection, 05.05.2014 21:26:58, SYSTEM, ADMIN-PC, Protection, Malicious Website Protection, Started, Detection, 05.05.2014 21:27:56, SYSTEM, ADMIN-PC, Protection, Malicious Website Protection, IP, 82.98.97.185, c29cef30eae4732d.dpa.download-web-shield.com, 49278, Outbound, C:\Windows\System32\tapi364.exe, Detection, 05.05.2014 21:27:56, SYSTEM, ADMIN-PC, Protection, Malicious Website Protection, IP, 82.98.97.185, c29cef30eae4732d.dpa.download-web-shield.com, 49278, Outbound, C:\Windows\System32\tapi364.exe, (end) Code:
ATTFilter # AdwCleaner v3.207 - Bericht erstellt am 05/05/2014 um 21:37:27 # Aktualisiert 05/05/2014 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzername : Admin - ADMIN-PC # Gestartet von : C:\Users\Admin\Downloads\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Admin\AppData\Local\wwerwerwe Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblenkmcolcdonmlfknbpbgjebabcoae ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16521 -\\ Mozilla Firefox v29.0 (de) [ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\08qyinha.default\prefs.js ] -\\ Google Chrome v34.0.1847.131 [ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Search Provider] : hxxp://anisearch.de/?page=suche&mode=auswahl&qsearch={searchTerms} Gelöscht [Search Provider] : hxxp://www.anisearch.com/anime/index/?char=all&sort=rank&q=true&text={searchTerms} Gelöscht [Extension] : iblenkmcolcdonmlfknbpbgjebabcoae ************************* AdwCleaner[R0].txt - [5969 octets] - [26/04/2014 22:27:21] AdwCleaner[R1].txt - [6733 octets] - [26/04/2014 23:54:30] AdwCleaner[R2].txt - [3257 octets] - [27/04/2014 21:24:39] AdwCleaner[R3].txt - [1812 octets] - [28/04/2014 00:30:46] AdwCleaner[R4].txt - [4383 octets] - [05/05/2014 21:34:00] AdwCleaner[S0].txt - [315 octets] - [26/04/2014 22:48:56] AdwCleaner[S1].txt - [6440 octets] - [27/04/2014 00:46:42] AdwCleaner[S2].txt - [3144 octets] - [27/04/2014 21:33:10] AdwCleaner[S3].txt - [4304 octets] - [05/05/2014 21:37:27] ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [4364 octets] ########## JRT : Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Professional x64 Ran by Admin on 05.05.2014 at 21:47:21,99 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\appshat-distribution_rasmancs ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 05.05.2014 at 21:56:01,28 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2014 02 Ran by Admin (administrator) on ADMIN-PC on 05-05-2014 22:02:43 Running from C:\Users\Admin\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () C:\Program Files (x86)\Drakonia Black\hid.exe (Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Drakonia Black\trayicon.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Windows\System32\tapi364.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213840 2012-10-26] (Realtek Semiconductor) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Black\hid.exe [247296 2013-06-26] () HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1805824 2013-10-16] (Game Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation) HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20586656 2013-11-14] (Skype Technologies S.A.) HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Spotify Web Helper] => C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd) HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk ShortcutTarget: NETGEAR WNA1100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\08qyinha.default FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: raving reyven - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\08qyinha.default\Extensions\{e63d9559-e4c3-499e-867a-a3c9d0a21400}.xpi [2014-04-30] FF HKLM-x32\...\Firefox\Extensions: [{0B0D932A-1166-4556-9E3C-99BF3D5A450D}] - C:\Windows\Installer\{0B836E91-60D5-4BE0-97F6-E12DC03B5CCB}\{0B0D932A-1166-4556-9E3C-99BF3D5A450D}.xpi FF Extension: No Name - C:\Windows\Installer\{0B836E91-60D5-4BE0-97F6-E12DC03B5CCB}\{0B0D932A-1166-4556-9E3C-99BF3D5A450D}.xpi [2014-04-27] Chrome: ======= CHR HomePage: CHR StartupUrls: "chrome://newtab/" CHR Extension: (ProxTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-11-29] CHR Extension: (reddit companion) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe [2013-11-22] CHR Extension: (Missing e) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid [2013-11-22] CHR Extension: (Download Protect) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkfegnnpelgenldnapeiogpfaknfdhee [2014-04-27] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-22] CHR Extension: (Adblock Plus) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-29] CHR Extension: (Look of Disapproval) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmomlddchhdnchpieaalgkpgaafohlbn [2013-11-22] CHR Extension: (Poupee Helper) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllcfmkookkmkcedcnbdhcpmmeflmilc [2013-11-22] CHR Extension: (cats) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmekamlpkbcegncocdmhnoogddkeekgn [2013-11-29] CHR Extension: (We Heart It) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblenkmcolcdonmlfknbpbgjebabcoae [2014-04-28] CHR Extension: (rikaikun) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2013-11-22] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2013-11-22] CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-22] CHR Extension: (Hover Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-11-28] CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-22] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.) R2 TCPSVCSd; C:\Windows\system32\tapi364.exe [118784 2014-04-24] () R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] () ==================== Drivers (Whitelisted) ==================== R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] () R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [31232 2013-10-15] ( ) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-05-05] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation) R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation) R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation) R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation) R1 {e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64; C:\Windows\System32\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys [61120 2014-04-24] (StdLib) S3 gdrv; \??\C:\Windows\gdrv.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-05 22:02 - 2014-05-05 22:02 - 00000000 ____D () C:\Users\Admin\Downloads\FRST-OlderVersion 2014-05-05 21:56 - 2014-05-05 21:56 - 00000855 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-05-05 21:47 - 2014-05-05 21:47 - 00004444 _____ () C:\Users\Admin\Documents\AdwCleaner[S3].txt 2014-05-05 21:47 - 2014-05-05 21:47 - 00000000 ____D () C:\Windows\ERUNT 2014-05-05 21:33 - 2014-05-05 21:33 - 01316991 _____ () C:\Users\Admin\Downloads\adwcleaner.exe 2014-05-05 21:29 - 2014-05-05 21:29 - 00002058 _____ () C:\Users\Admin\Documents\mbam.txt 2014-05-05 21:03 - 2014-05-05 21:44 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-05 21:03 - 2014-05-05 21:03 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-05 21:03 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-05 21:03 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-05 21:03 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-05 20:59 - 2014-05-05 21:02 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.1.1004 (1).exe 2014-05-05 20:59 - 2014-05-05 20:59 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe 2014-05-03 19:11 - 2014-04-29 18:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-03 19:11 - 2014-04-29 17:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-03 19:11 - 2014-04-29 16:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-03 19:11 - 2014-04-29 16:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-29 19:54 - 2014-04-29 19:54 - 00032286 _____ () C:\Users\Admin\Documents\frst.txt 2014-04-29 19:45 - 2014-04-29 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2014-04-29 19:45 - 2014-04-29 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2014-04-29 19:45 - 2014-04-29 19:45 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-29 19:45 - 2014-04-29 19:45 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-29 19:44 - 2014-05-05 22:02 - 00013467 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-04-29 19:44 - 2014-04-29 19:45 - 00042582 _____ () C:\Users\Admin\Downloads\Addition.txt 2014-04-29 19:43 - 2014-05-05 22:02 - 00000000 ____D () C:\FRST 2014-04-29 19:41 - 2014-05-05 22:02 - 02063872 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-04-29 19:40 - 2014-04-29 19:40 - 00283376 _____ (Mozilla) C:\Users\Admin\Downloads\Firefox Setup Stub 29.0.exe 2014-04-28 00:31 - 2014-04-28 00:31 - 00050477 _____ () C:\Users\Admin\Downloads\Defogger.exe 2014-04-28 00:01 - 2014-04-28 00:04 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-27 21:38 - 2014-05-05 21:43 - 00008062 _____ () C:\Windows\PFRO.log 2014-04-27 21:38 - 2014-05-05 21:43 - 00000672 _____ () C:\Windows\setupact.log 2014-04-27 21:38 - 2014-04-27 21:38 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-27 21:23 - 2014-04-27 21:23 - 00006530 _____ () C:\Users\Admin\Documents\cc_20140427_212321.reg 2014-04-27 03:19 - 2014-04-27 17:45 - 00000728 __RSH () C:\ProgramData\ntuser.pol 2014-04-26 22:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-04-26 22:27 - 2014-05-05 21:40 - 00000000 ____D () C:\AdwCleaner 2014-04-26 03:17 - 2014-04-26 03:17 - 00001320 _____ () C:\Windows\wininit.ini 2014-04-26 02:33 - 2014-04-30 00:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-26 02:33 - 2014-04-26 02:40 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-04-26 02:33 - 2014-04-26 02:33 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-04-26 02:33 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2014-04-26 02:30 - 2014-04-27 21:24 - 00009728 ___SH () C:\Users\Admin\Documents\Thumbs.db 2014-04-26 02:12 - 2014-04-26 02:23 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Admin\Documents\spybot-2.2.25.exe 2014-04-26 02:11 - 2014-04-26 02:11 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-26 02:11 - 2014-04-26 02:11 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-04-26 02:11 - 2014-04-26 02:11 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-26 02:04 - 2014-04-26 02:08 - 04745984 _____ (Piriform Ltd) C:\Users\Admin\Documents\ccsetup413.exe 2014-04-25 03:44 - 2014-04-25 06:15 - 00002122 _____ () C:\Windows\epplauncher.mif 2014-04-25 02:28 - 2014-04-24 12:33 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys 2014-04-24 01:22 - 2014-04-24 01:22 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-24 01:19 - 2014-04-24 01:19 - 00118784 _____ () C:\Windows\system32\tapi364.exe 2014-04-24 00:23 - 2014-04-24 00:51 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-04-24 00:15 - 2014-04-26 02:24 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite 2014-04-24 00:14 - 2014-04-24 00:15 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-04-23 23:48 - 2014-04-23 23:48 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-23 23:48 - 2014-04-23 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-23 23:48 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-23 23:48 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-23 23:48 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-23 23:48 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-23 23:48 - 2005-02-24 16:04 - 00002581 _____ () C:\Program Files (x86)\system.pak 2014-04-23 23:48 - 2005-02-24 15:20 - 00939028 _____ () C:\Program Files (x86)\script.pak 2014-04-23 23:48 - 2005-02-24 15:20 - 00034088 _____ () C:\Program Files (x86)\0cg.pak 2014-04-23 23:43 - 2014-04-23 23:43 - 00000851 _____ () C:\Users\Admin\Desktop\µTorrent.lnk 2014-04-23 18:03 - 2014-04-23 20:24 - 626729440 ____R () C:\Users\Admin\Downloads\Togainu No Chi.rar 2014-04-09 23:12 - 2014-04-09 23:12 - 00003497 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel 2014-04-09 17:08 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 17:08 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 17:08 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 17:08 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 17:08 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 17:08 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 17:08 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 17:08 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 17:08 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 17:08 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 17:08 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 17:08 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 17:08 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-05 22:24 - 2014-04-23 23:43 - 00000831 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-04-05 22:14 - 2014-04-27 21:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent 2014-04-05 22:12 - 2014-04-05 22:12 - 01671248 _____ (BitTorrent Inc.) C:\Users\Admin\Documents\uTorrent.exe ==================== One Month Modified Files and Folders ======= 2014-05-05 22:02 - 2014-05-05 22:02 - 00000000 ____D () C:\Users\Admin\Downloads\FRST-OlderVersion 2014-05-05 22:02 - 2014-04-29 19:44 - 00013467 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-05-05 22:02 - 2014-04-29 19:43 - 00000000 ____D () C:\FRST 2014-05-05 22:02 - 2014-04-29 19:41 - 02063872 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-05-05 21:56 - 2014-05-05 21:56 - 00000855 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-05-05 21:51 - 2009-07-14 06:45 - 00026096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-05 21:51 - 2009-07-14 06:45 - 00026096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-05 21:47 - 2014-05-05 21:47 - 00004444 _____ () C:\Users\Admin\Documents\AdwCleaner[S3].txt 2014-05-05 21:47 - 2014-05-05 21:47 - 00000000 ____D () C:\Windows\ERUNT 2014-05-05 21:46 - 2013-11-22 21:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype 2014-05-05 21:45 - 2013-11-22 18:52 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-05-05 21:44 - 2014-05-05 21:03 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-05 21:43 - 2014-04-27 21:38 - 00008062 _____ () C:\Windows\PFRO.log 2014-05-05 21:43 - 2014-04-27 21:38 - 00000672 _____ () C:\Windows\setupact.log 2014-05-05 21:43 - 2013-11-22 18:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-05 21:43 - 2013-10-16 18:38 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-05 21:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-05 21:42 - 2013-10-16 18:24 - 01597480 _____ () C:\Windows\WindowsUpdate.log 2014-05-05 21:40 - 2014-04-26 22:27 - 00000000 ____D () C:\AdwCleaner 2014-05-05 21:33 - 2014-05-05 21:33 - 01316991 _____ () C:\Users\Admin\Downloads\adwcleaner.exe 2014-05-05 21:29 - 2014-05-05 21:29 - 00002058 _____ () C:\Users\Admin\Documents\mbam.txt 2014-05-05 21:28 - 2013-11-22 18:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-05 21:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-05-05 21:25 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini 2014-05-05 21:24 - 2013-11-23 18:38 - 00000000 ____D () C:\Users\Admin\AppData\Local\Songr 2014-05-05 21:17 - 2013-11-22 22:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc 2014-05-05 21:07 - 2013-12-05 22:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-05 21:03 - 2014-05-05 21:03 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-05 21:02 - 2014-05-05 20:59 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.1.1004 (1).exe 2014-05-05 20:59 - 2014-05-05 20:59 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe 2014-05-04 21:34 - 2013-11-23 01:11 - 00000000 ____D () C:\Users\Admin\AppData\Local\PMB Files 2014-05-04 21:04 - 2013-11-23 01:11 - 00000000 ____D () C:\ProgramData\PMB Files 2014-05-04 21:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-05-04 17:51 - 2013-11-22 19:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify 2014-04-30 00:34 - 2013-11-23 18:39 - 00001076 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Songr.lnk 2014-04-30 00:31 - 2013-11-22 18:52 - 00002175 ____H () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-30 00:30 - 2014-04-26 02:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-29 20:12 - 2013-12-05 22:23 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 20:12 - 2013-12-05 22:23 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-29 20:12 - 2013-12-05 22:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 19:54 - 2014-04-29 19:54 - 00032286 _____ () C:\Users\Admin\Documents\frst.txt 2014-04-29 19:50 - 2014-04-29 19:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2014-04-29 19:50 - 2014-04-29 19:45 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2014-04-29 19:45 - 2014-04-29 19:45 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-29 19:45 - 2014-04-29 19:45 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-29 19:45 - 2014-04-29 19:44 - 00042582 _____ () C:\Users\Admin\Downloads\Addition.txt 2014-04-29 19:40 - 2014-04-29 19:40 - 00283376 _____ (Mozilla) C:\Users\Admin\Downloads\Firefox Setup Stub 29.0.exe 2014-04-29 18:00 - 2014-05-03 19:11 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 17:24 - 2014-05-03 19:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 16:47 - 2014-05-03 19:11 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 16:14 - 2014-05-03 19:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-28 23:42 - 2013-10-17 04:19 - 00699860 _____ () C:\Windows\system32\perfh007.dat 2014-04-28 23:42 - 2013-10-17 04:19 - 00149742 _____ () C:\Windows\system32\perfc007.dat 2014-04-28 23:42 - 2009-07-14 07:13 - 01622124 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-28 00:31 - 2014-04-28 00:31 - 00050477 _____ () C:\Users\Admin\Downloads\Defogger.exe 2014-04-28 00:04 - 2014-04-28 00:01 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-27 21:38 - 2014-04-27 21:38 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-27 21:32 - 2014-04-05 22:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent 2014-04-27 21:24 - 2014-04-26 02:30 - 00009728 ___SH () C:\Users\Admin\Documents\Thumbs.db 2014-04-27 21:23 - 2014-04-27 21:23 - 00006530 _____ () C:\Users\Admin\Documents\cc_20140427_212321.reg 2014-04-27 21:22 - 2014-02-20 20:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps 2014-04-27 21:20 - 2013-11-22 21:57 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify 2014-04-27 17:45 - 2014-04-27 03:19 - 00000728 __RSH () C:\ProgramData\ntuser.pol 2014-04-27 04:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-27 03:19 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-04-26 03:17 - 2014-04-26 03:17 - 00001320 _____ () C:\Windows\wininit.ini 2014-04-26 02:40 - 2014-04-26 02:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-04-26 02:33 - 2014-04-26 02:33 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-04-26 02:30 - 2014-02-23 17:16 - 00000000 ____D () C:\Users\Admin\Documents\MEMENTO2 2014-04-26 02:30 - 2013-11-24 18:07 - 00000000 ____D () C:\Users\Admin\Documents\[SCHULE] 2014-04-26 02:30 - 2013-11-24 18:04 - 00000000 ____D () C:\Users\Admin\Documents\[BOOKS] 2014-04-26 02:24 - 2014-04-24 00:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite 2014-04-26 02:24 - 2013-10-17 04:21 - 00000000 ____D () C:\Windows\Panther 2014-04-26 02:23 - 2014-04-26 02:12 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Admin\Documents\spybot-2.2.25.exe 2014-04-26 02:11 - 2014-04-26 02:11 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-26 02:11 - 2014-04-26 02:11 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-04-26 02:11 - 2014-04-26 02:11 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-26 02:08 - 2014-04-26 02:04 - 04745984 _____ (Piriform Ltd) C:\Users\Admin\Documents\ccsetup413.exe 2014-04-25 06:15 - 2014-04-25 03:44 - 00002122 _____ () C:\Windows\epplauncher.mif 2014-04-24 12:33 - 2014-04-25 02:28 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys 2014-04-24 01:22 - 2014-04-24 01:22 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-24 01:19 - 2014-04-24 01:19 - 00118784 _____ () C:\Windows\system32\tapi364.exe 2014-04-24 00:51 - 2014-04-24 00:23 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-04-24 00:51 - 2013-11-24 18:05 - 00000000 ____D () C:\Users\Admin\Documents\[GAMES] 2014-04-24 00:15 - 2014-04-24 00:14 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-04-23 23:49 - 2014-02-17 00:28 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-23 23:48 - 2014-04-23 23:48 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-23 23:48 - 2014-04-23 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-23 23:48 - 2014-02-17 00:27 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-23 23:43 - 2014-04-23 23:43 - 00000851 _____ () C:\Users\Admin\Desktop\µTorrent.lnk 2014-04-23 23:43 - 2014-04-05 22:24 - 00000831 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-04-23 20:24 - 2014-04-23 18:03 - 626729440 ____R () C:\Users\Admin\Downloads\Togainu No Chi.rar 2014-04-14 20:13 - 2014-04-23 23:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-14 20:05 - 2014-04-23 23:48 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-14 20:05 - 2014-04-23 23:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-14 20:04 - 2014-04-23 23:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-09 23:18 - 2013-11-23 17:33 - 00000000 ____D () C:\Users\Admin\.gimp-2.8 2014-04-09 23:12 - 2014-04-09 23:12 - 00003497 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel 2014-04-09 19:58 - 2013-11-23 17:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mp3tag 2014-04-09 18:37 - 2013-11-25 22:52 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-09 18:36 - 2013-11-25 22:52 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-09 18:22 - 2013-11-23 17:37 - 00000000 ____D () C:\Users\Admin\AppData\Local\gtk-2.0 2014-04-07 20:28 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-04-05 22:12 - 2014-04-05 22:12 - 01671248 _____ (BitTorrent Inc.) C:\Users\Admin\Documents\uTorrent.exe Some content of TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-19 00:03 ==================== End Of Log ============================ Danke nochmal für alles ! ★ Liebe Grüße ~ Sprinkles |
06.05.2014, 16:31 | #6 |
/// the machine /// TB-Ausbilder | Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassenESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ --> Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen |
09.05.2014, 22:23 | #7 |
| Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Hallihallo ! Da bin ich wieder ! Hier die ganzen LOGs. ESET Log : Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=3673168539857b4a96f1609b5cad7603 # engine=18201 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-05-09 09:10:58 # local_time=2014-05-09 11:10:58 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=5893 16776573 100 94 4791 151299708 0 0 # scanned=120188 # found=0 # cleaned=0 # scan_time=2996 Code:
ATTFilter Results of screen317's Security Check version 0.99.82 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Java 7 Update 55 Mozilla Firefox (29.0) Google Chrome 34.0.1847.116 Google Chrome 34.0.1847.131 Google Chrome wtsapi32.dll.. ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2014 01 Ran by Admin (administrator) on ADMIN-PC on 09-05-2014 23:18:52 Running from C:\Users\Admin\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () C:\Program Files (x86)\Drakonia Black\hid.exe (Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Drakonia Black\trayicon.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe () C:\Windows\System32\tapi364.exe () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.207\deploy\LoLLauncher.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13213840 2012-10-26] (Realtek Semiconductor) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Black\hid.exe [247296 2013-06-26] () HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1805824 2013-10-16] (Game Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation) HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20586656 2013-11-14] (Skype Technologies S.A.) HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Spotify Web Helper] => C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd) HKU\S-1-5-21-1833934875-2978528442-3521743640-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk ShortcutTarget: NETGEAR WNA1100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\08qyinha.default FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: raving reyven - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\08qyinha.default\Extensions\{e63d9559-e4c3-499e-867a-a3c9d0a21400}.xpi [2014-04-30] FF HKLM-x32\...\Firefox\Extensions: [{0B0D932A-1166-4556-9E3C-99BF3D5A450D}] - C:\Windows\Installer\{0B836E91-60D5-4BE0-97F6-E12DC03B5CCB}\{0B0D932A-1166-4556-9E3C-99BF3D5A450D}.xpi FF Extension: No Name - C:\Windows\Installer\{0B836E91-60D5-4BE0-97F6-E12DC03B5CCB}\{0B0D932A-1166-4556-9E3C-99BF3D5A450D}.xpi [2014-04-27] Chrome: ======= CHR HomePage: CHR StartupUrls: "chrome://newtab/" CHR Extension: (ProxTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-11-29] CHR Extension: (reddit companion) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe [2013-11-22] CHR Extension: (Missing e) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid [2013-11-22] CHR Extension: (Download Protect) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkfegnnpelgenldnapeiogpfaknfdhee [2014-04-27] CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-22] CHR Extension: (Adblock Plus) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-29] CHR Extension: (Look of Disapproval) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmomlddchhdnchpieaalgkpgaafohlbn [2013-11-22] CHR Extension: (Poupee Helper) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllcfmkookkmkcedcnbdhcpmmeflmilc [2013-11-22] CHR Extension: (cats) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmekamlpkbcegncocdmhnoogddkeekgn [2013-11-29] CHR Extension: (We Heart It) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblenkmcolcdonmlfknbpbgjebabcoae [2014-04-28] CHR Extension: (rikaikun) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2013-11-22] CHR Extension: (Reddit Enhancement Suite) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2013-11-22] CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-22] CHR Extension: (Hover Zoom) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2013-11-28] CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-22] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.) R2 TCPSVCSd; C:\Windows\system32\tapi364.exe [118784 2014-04-24] () R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [297440 2011-07-28] () ==================== Drivers (Whitelisted) ==================== R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] () R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [31232 2013-10-15] ( ) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [768680 2013-06-26] (Microsoft Corporation) R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2013-06-26] (Microsoft Corporation) R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29352 2013-06-26] (Microsoft Corporation) R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2013-06-26] (Microsoft Corporation) R1 {e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64; C:\Windows\System32\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys [61120 2014-04-24] (StdLib) S3 gdrv; \??\C:\Windows\gdrv.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-09 23:15 - 2014-05-09 23:15 - 00855379 _____ () C:\Users\Admin\Documents\SecurityCheck.exe 2014-05-09 22:02 - 2014-05-09 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-09 21:45 - 2014-05-09 21:47 - 02347384 _____ (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_deu.exe 2014-05-08 18:11 - 2014-05-08 18:11 - 00004833 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel 2014-05-08 03:00 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-08 03:00 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-08 03:00 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-08 03:00 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-07 03:01 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-07 03:01 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-07 03:01 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-07 03:01 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-07 03:00 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-07 03:00 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-07 03:00 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-07 03:00 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-07 03:00 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-07 03:00 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-07 03:00 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-07 03:00 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-07 03:00 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-07 03:00 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-07 03:00 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-07 03:00 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-07 03:00 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-07 03:00 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-07 03:00 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-07 03:00 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-07 03:00 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-07 03:00 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-07 03:00 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-07 03:00 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-07 03:00 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-07 03:00 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-07 03:00 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-07 03:00 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-07 03:00 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-07 03:00 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-07 03:00 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-07 03:00 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-07 03:00 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-07 03:00 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-07 03:00 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-07 03:00 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-07 03:00 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-07 03:00 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-07 03:00 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-07 03:00 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-07 03:00 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-07 03:00 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-07 03:00 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-07 03:00 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-07 03:00 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-05 22:02 - 2014-05-09 23:18 - 00000000 ____D () C:\Users\Admin\Downloads\FRST-OlderVersion 2014-05-05 21:56 - 2014-05-05 21:56 - 00000855 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-05-05 21:47 - 2014-05-05 21:47 - 00004444 _____ () C:\Users\Admin\Documents\AdwCleaner[S3].txt 2014-05-05 21:47 - 2014-05-05 21:47 - 00000000 ____D () C:\Windows\ERUNT 2014-05-05 21:33 - 2014-05-05 21:33 - 01316991 _____ () C:\Users\Admin\Downloads\adwcleaner.exe 2014-05-05 21:29 - 2014-05-05 21:29 - 00002058 _____ () C:\Users\Admin\Documents\mbam.txt 2014-05-05 21:03 - 2014-05-09 21:25 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-05 21:03 - 2014-05-05 21:03 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-05 21:03 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-05 21:03 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-05 21:03 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-05 20:59 - 2014-05-05 21:02 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.1.1004 (1).exe 2014-05-05 20:59 - 2014-05-05 20:59 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe 2014-04-29 19:54 - 2014-04-29 19:54 - 00032286 _____ () C:\Users\Admin\Documents\frst.txt 2014-04-29 19:45 - 2014-04-29 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2014-04-29 19:45 - 2014-04-29 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2014-04-29 19:45 - 2014-04-29 19:45 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-29 19:45 - 2014-04-29 19:45 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-29 19:44 - 2014-05-09 23:18 - 00013234 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-04-29 19:44 - 2014-04-29 19:45 - 00042582 _____ () C:\Users\Admin\Downloads\Addition.txt 2014-04-29 19:43 - 2014-05-09 23:18 - 00000000 ____D () C:\FRST 2014-04-29 19:41 - 2014-05-09 23:18 - 02064384 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-04-29 19:40 - 2014-04-29 19:40 - 00283376 _____ (Mozilla) C:\Users\Admin\Downloads\Firefox Setup Stub 29.0.exe 2014-04-28 00:31 - 2014-04-28 00:31 - 00050477 _____ () C:\Users\Admin\Downloads\Defogger.exe 2014-04-28 00:01 - 2014-04-28 00:04 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-27 21:38 - 2014-05-09 21:24 - 00001120 _____ () C:\Windows\setupact.log 2014-04-27 21:38 - 2014-05-05 21:43 - 00008062 _____ () C:\Windows\PFRO.log 2014-04-27 21:38 - 2014-04-27 21:38 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-27 21:23 - 2014-04-27 21:23 - 00006530 _____ () C:\Users\Admin\Documents\cc_20140427_212321.reg 2014-04-27 03:19 - 2014-04-27 17:45 - 00000728 __RSH () C:\ProgramData\ntuser.pol 2014-04-26 22:28 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-04-26 22:27 - 2014-05-05 21:40 - 00000000 ____D () C:\AdwCleaner 2014-04-26 03:17 - 2014-04-26 03:17 - 00001320 _____ () C:\Windows\wininit.ini 2014-04-26 02:33 - 2014-04-30 00:30 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-26 02:33 - 2014-04-26 02:40 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-04-26 02:33 - 2014-04-26 02:33 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-04-26 02:33 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe 2014-04-26 02:30 - 2014-05-09 23:18 - 00009728 ___SH () C:\Users\Admin\Documents\Thumbs.db 2014-04-26 02:12 - 2014-04-26 02:23 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Admin\Documents\spybot-2.2.25.exe 2014-04-26 02:11 - 2014-04-26 02:11 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-26 02:11 - 2014-04-26 02:11 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-04-26 02:11 - 2014-04-26 02:11 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-26 02:04 - 2014-04-26 02:08 - 04745984 _____ (Piriform Ltd) C:\Users\Admin\Documents\ccsetup413.exe 2014-04-25 03:44 - 2014-04-25 06:15 - 00002122 _____ () C:\Windows\epplauncher.mif 2014-04-25 02:28 - 2014-04-24 12:33 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys 2014-04-24 18:13 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-24 18:13 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-24 01:22 - 2014-04-24 01:22 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-24 01:19 - 2014-04-24 01:19 - 00118784 _____ () C:\Windows\system32\tapi364.exe 2014-04-24 00:23 - 2014-04-24 00:51 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-04-24 00:15 - 2014-04-26 02:24 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite 2014-04-24 00:14 - 2014-04-24 00:15 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-04-23 23:48 - 2014-04-23 23:48 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-23 23:48 - 2014-04-23 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-23 23:48 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-23 23:48 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-23 23:48 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-23 23:48 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-23 23:48 - 2005-02-24 16:04 - 00002581 _____ () C:\Program Files (x86)\system.pak 2014-04-23 23:48 - 2005-02-24 15:20 - 00939028 _____ () C:\Program Files (x86)\script.pak 2014-04-23 23:48 - 2005-02-24 15:20 - 00034088 _____ () C:\Program Files (x86)\0cg.pak 2014-04-23 23:43 - 2014-04-23 23:43 - 00000851 _____ () C:\Users\Admin\Desktop\µTorrent.lnk 2014-04-23 18:03 - 2014-04-23 20:24 - 626729440 ____R () C:\Users\Admin\Downloads\Togainu No Chi.rar 2014-04-09 17:08 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 17:08 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 17:08 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 17:08 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 17:08 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 17:08 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 17:08 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 17:08 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 17:08 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 17:08 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 17:08 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 17:08 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 17:08 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 17:08 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys ==================== One Month Modified Files and Folders ======= 2014-05-09 23:19 - 2014-04-29 19:44 - 00013234 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-05-09 23:19 - 2013-11-23 01:11 - 00000000 ____D () C:\Users\Admin\AppData\Local\PMB Files 2014-05-09 23:18 - 2014-05-05 22:02 - 00000000 ____D () C:\Users\Admin\Downloads\FRST-OlderVersion 2014-05-09 23:18 - 2014-04-29 19:43 - 00000000 ____D () C:\FRST 2014-05-09 23:18 - 2014-04-29 19:41 - 02064384 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2014-05-09 23:18 - 2014-04-26 02:30 - 00009728 ___SH () C:\Users\Admin\Documents\Thumbs.db 2014-05-09 23:18 - 2013-11-22 21:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype 2014-05-09 23:15 - 2014-05-09 23:15 - 00855379 _____ () C:\Users\Admin\Documents\SecurityCheck.exe 2014-05-09 23:07 - 2013-12-05 22:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-09 22:34 - 2013-11-22 18:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-09 22:02 - 2014-05-09 22:02 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-09 21:52 - 2013-10-16 18:24 - 01770597 _____ () C:\Windows\WindowsUpdate.log 2014-05-09 21:47 - 2014-05-09 21:45 - 02347384 _____ (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_deu.exe 2014-05-09 21:36 - 2013-11-22 18:52 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-05-09 21:33 - 2009-07-14 06:45 - 00026096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-09 21:33 - 2009-07-14 06:45 - 00026096 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-09 21:25 - 2014-05-05 21:03 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-09 21:24 - 2014-04-27 21:38 - 00001120 _____ () C:\Windows\setupact.log 2014-05-09 21:24 - 2013-11-22 18:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-09 21:24 - 2013-10-16 18:38 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-09 21:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-08 19:52 - 2013-11-22 22:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc 2014-05-08 19:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-08 18:44 - 2013-11-22 19:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify 2014-05-08 18:20 - 2013-11-23 18:38 - 00000000 ____D () C:\Users\Admin\AppData\Local\Songr 2014-05-08 18:15 - 2013-11-23 17:33 - 00000000 ____D () C:\Users\Admin\.gimp-2.8 2014-05-08 18:11 - 2014-05-08 18:11 - 00004833 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel 2014-05-08 18:11 - 2013-11-23 17:37 - 00000000 ____D () C:\Users\Admin\AppData\Local\gtk-2.0 2014-05-08 16:56 - 2013-11-22 21:57 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify 2014-05-08 04:29 - 2013-11-22 18:52 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-08 04:29 - 2013-11-22 18:52 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-08 01:53 - 2013-11-23 01:11 - 00000000 ____D () C:\ProgramData\PMB Files 2014-05-07 05:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-07 03:00 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-07 00:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-05-05 21:56 - 2014-05-05 21:56 - 00000855 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-05-05 21:47 - 2014-05-05 21:47 - 00004444 _____ () C:\Users\Admin\Documents\AdwCleaner[S3].txt 2014-05-05 21:47 - 2014-05-05 21:47 - 00000000 ____D () C:\Windows\ERUNT 2014-05-05 21:43 - 2014-04-27 21:38 - 00008062 _____ () C:\Windows\PFRO.log 2014-05-05 21:40 - 2014-04-26 22:27 - 00000000 ____D () C:\AdwCleaner 2014-05-05 21:33 - 2014-05-05 21:33 - 01316991 _____ () C:\Users\Admin\Downloads\adwcleaner.exe 2014-05-05 21:29 - 2014-05-05 21:29 - 00002058 _____ () C:\Users\Admin\Documents\mbam.txt 2014-05-05 21:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-05-05 21:25 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini 2014-05-05 21:03 - 2014-05-05 21:03 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-05 21:03 - 2014-05-05 21:03 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-05 21:02 - 2014-05-05 20:59 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.1.1004 (1).exe 2014-05-05 20:59 - 2014-05-05 20:59 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe 2014-04-30 00:34 - 2013-11-23 18:39 - 00001076 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Songr.lnk 2014-04-30 00:31 - 2013-11-22 18:52 - 00002175 ____H () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-30 00:30 - 2014-04-26 02:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2014-04-29 20:12 - 2013-12-05 22:23 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 20:12 - 2013-12-05 22:23 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-29 20:12 - 2013-12-05 22:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 19:54 - 2014-04-29 19:54 - 00032286 _____ () C:\Users\Admin\Documents\frst.txt 2014-04-29 19:50 - 2014-04-29 19:45 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2014-04-29 19:50 - 2014-04-29 19:45 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2014-04-29 19:45 - 2014-04-29 19:45 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-29 19:45 - 2014-04-29 19:45 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\ProgramData\Mozilla 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-29 19:45 - 2014-04-29 19:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-29 19:45 - 2014-04-29 19:44 - 00042582 _____ () C:\Users\Admin\Downloads\Addition.txt 2014-04-29 19:40 - 2014-04-29 19:40 - 00283376 _____ (Mozilla) C:\Users\Admin\Downloads\Firefox Setup Stub 29.0.exe 2014-04-29 16:01 - 2014-05-08 03:00 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 15:40 - 2014-05-08 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 14:48 - 2014-05-08 03:00 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 14:34 - 2014-05-08 03:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-28 23:42 - 2013-10-17 04:19 - 00699860 _____ () C:\Windows\system32\perfh007.dat 2014-04-28 23:42 - 2013-10-17 04:19 - 00149742 _____ () C:\Windows\system32\perfc007.dat 2014-04-28 23:42 - 2009-07-14 07:13 - 01622124 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-28 00:31 - 2014-04-28 00:31 - 00050477 _____ () C:\Users\Admin\Downloads\Defogger.exe 2014-04-28 00:04 - 2014-04-28 00:01 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-27 21:38 - 2014-04-27 21:38 - 00000000 _____ () C:\Windows\setuperr.log 2014-04-27 21:32 - 2014-04-05 22:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent 2014-04-27 21:23 - 2014-04-27 21:23 - 00006530 _____ () C:\Users\Admin\Documents\cc_20140427_212321.reg 2014-04-27 21:22 - 2014-02-20 20:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps 2014-04-27 17:45 - 2014-04-27 03:19 - 00000728 __RSH () C:\ProgramData\ntuser.pol 2014-04-27 03:19 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-04-26 03:17 - 2014-04-26 03:17 - 00001320 _____ () C:\Windows\wininit.ini 2014-04-26 02:40 - 2014-04-26 02:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-04-26 02:33 - 2014-04-26 02:33 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-04-26 02:33 - 2014-04-26 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-04-26 02:30 - 2014-02-23 17:16 - 00000000 ____D () C:\Users\Admin\Documents\MEMENTO2 2014-04-26 02:30 - 2013-11-24 18:07 - 00000000 ____D () C:\Users\Admin\Documents\[SCHULE] 2014-04-26 02:30 - 2013-11-24 18:04 - 00000000 ____D () C:\Users\Admin\Documents\[BOOKS] 2014-04-26 02:24 - 2014-04-24 00:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite 2014-04-26 02:24 - 2013-10-17 04:21 - 00000000 ____D () C:\Windows\Panther 2014-04-26 02:23 - 2014-04-26 02:12 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Admin\Documents\spybot-2.2.25.exe 2014-04-26 02:11 - 2014-04-26 02:11 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-04-26 02:11 - 2014-04-26 02:11 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-04-26 02:11 - 2014-04-26 02:11 - 00000000 ____D () C:\Program Files\CCleaner 2014-04-26 02:08 - 2014-04-26 02:04 - 04745984 _____ (Piriform Ltd) C:\Users\Admin\Documents\ccsetup413.exe 2014-04-25 06:15 - 2014-04-25 03:44 - 00002122 _____ () C:\Windows\epplauncher.mif 2014-04-24 12:33 - 2014-04-25 02:28 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys 2014-04-24 01:22 - 2014-04-24 01:22 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes 2014-04-24 01:19 - 2014-04-24 01:19 - 00118784 _____ () C:\Windows\system32\tapi364.exe 2014-04-24 00:51 - 2014-04-24 00:23 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-04-24 00:51 - 2013-11-24 18:05 - 00000000 ____D () C:\Users\Admin\Documents\[GAMES] 2014-04-24 00:15 - 2014-04-24 00:14 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-04-23 23:49 - 2014-02-17 00:28 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-23 23:48 - 2014-04-23 23:48 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-23 23:48 - 2014-04-23 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-23 23:48 - 2014-02-17 00:27 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-23 23:43 - 2014-04-23 23:43 - 00000851 _____ () C:\Users\Admin\Desktop\µTorrent.lnk 2014-04-23 23:43 - 2014-04-05 22:24 - 00000831 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-04-23 20:24 - 2014-04-23 18:03 - 626729440 ____R () C:\Users\Admin\Downloads\Togainu No Chi.rar 2014-04-14 20:13 - 2014-04-23 23:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-14 20:05 - 2014-04-23 23:48 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-14 20:05 - 2014-04-23 23:48 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-14 20:04 - 2014-04-23 23:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-14 04:24 - 2014-04-24 18:13 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-14 04:19 - 2014-04-24 18:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-09 19:58 - 2013-11-23 17:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mp3tag 2014-04-09 18:37 - 2013-11-25 22:52 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-09 18:36 - 2013-11-25 22:52 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe Some content of TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-05 23:08 ==================== End Of Log ============================ Und ? Siehts gut aus? Mir fallen keine Probleme mehr auf. Nur ab und an meldet sich unten rechts ein Fenster, das meldet von wegen irgendwas geblockt ? Ist das von irgendeinem Programm dass ich jetzt installiert habe ? Und wenn wirklich alles gut ist, kann ich dann ein paar Programme auch wieder deinstallieren ? Oder haben die noch irgendeinen Nutzen ? Haha. Tut mir leid dass ich mich nicht wirklich auskenne. ^^* Liebe Grüße ! Sprinkles |
10.05.2014, 17:52 | #8 |
/// the machine /// TB-Ausbilder | Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Die Meldung ist warscheinlich von Malwarebytes. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
19.05.2014, 22:36 | #9 |
| Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Hallihallo Da bin ich wieder ! Ich hab ein bisschen Stress weil ich mein Fachabi mache zur Zeit. Tut mir leid fürs so lange nicht melden. Ich hab euch/dich nicht vergessen. Das ist das Fixlog von FRST Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-05-2014 Ran by Admin at 2014-05-19 23:20:55 Run:1 Running from C:\Users\Admin\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ***************** C:\Windows\system32\GroupPolicy\Machine => Moved successfully. C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully. The system needed a reboot. ==== End of Fixlog ==== Was bedeutet das alles ? Alles ok ? Und danke für die Tipps. Werde ich berücksichtigen. Aber was heißt "Andere Browser tendieren zu etwas mehr Sicherheit als der IE" ich benutz doch Chrome ? Ist das ebenfalls nicht so gut ? Ich bin großer Fan der ganzen Add-Ons und benutze etliche. Außerdem ist Chrome bei mir irgendwie immer am schnellsten. Ich benutz den schon seit etlichen Jahren ( seit er noch ganz neu war, eigentlich ) und das ist wirklich das erste Mal dass ich Probleme hatte, während mit Firefox andauernd irgendwas nicht geladen wurde, nicht angezeigt, einlogg schwierigkeiten oder sonstiger Mist. Lohnt es sich da wirklich zu wechseln ? Macht das so einen Unterschied ? Liebe Grüße ! |
20.05.2014, 12:36 | #10 |
/// the machine /// TB-Ausbilder | Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Nee Chrome kannste nutzen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
04.06.2014, 03:10 | #11 |
| Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Super ! Dankeschön für deine Hilfe ! Ich habe noch eine Frage : Heute hat sich als ich etwas am Downloaden war plötzlich mein Chrome geschlossen und alle meine Erweiterungen für Chrome waren weg. Ich hab jetzt Angst das könnte an dem Download gelegen haben. Kann sich so auch ein Virus bemerkbar machen, oder bin ich jetzt ein wenig paranoid geworden ? Weil ein Update oder so gab es ja von Chrome garnicht.. Andererseits hat mein Virus Programm keinen Alarm geschlagen und nichts. Könnt ihr hier als Fachmänner und -Frauen nicht irgendetwas empfehlen das Downloads auch beobachtet ? Gibt es so etwas ? Liebe Grüße Sprinkles ! |
04.06.2014, 19:05 | #12 |
/// the machine /// TB-Ausbilder | Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Du musst aufpassen was du laden willst, ganz einfach.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
12.06.2014, 21:19 | #13 |
| Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Oh naja. Ich denke das ich wohl wirklich die einfachste Antwort ! Dann vielen Dank für alles ! Ich denke das Thema kann nun geschlossen werden. Vielen lieben Dank Schrauber. Sehr gute Hilfe. Könnte zufriedener nicht sein. Liebe Grüße Sprinkles |
13.06.2014, 15:33 | #14 |
/// the machine /// TB-Ausbilder | Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Windows 7, Chrome : Probleme mit Werbung, Pop-Ups, Erweiterungen die sich nicht löschen lassen |
cleaner, falsche, frage, fragen, gen, google, internet, klicke, löschen, neue, nicht löschen, pop-ups, preferences, probleme, professionell, programm, programme, regeln, registrierungsdatenbank, scan, scanner, seite, surfen, virus, werbung, windows, windows 7 |