
Pests of all kinds and how to fight them: winmgr.exe blocks access to antivirus programs, why?


15.05.2014, 10:53   #16
bender84
 



I don't have admin rights; when I want to delete something, it just says "You need to provide administrator permission..."

And the real-time scanner cannot be activated...



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by bender90 (administrator) on SVEN on 15-05-2014 11:48:31
Running from C:\Users\bender90\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
() C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
(MSI CO.,LTD.) C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\CPU_Ratio.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\MountPoints2: {1fa6036a-93a2-11e1-910a-00040eccce2e} - K:\setup64.exe
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\MountPoints2: {db36818b-b92d-11e0-abaa-00116b983502} - K:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9CCCD5AD521CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKLM-x32 - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://plusnetwork.com/?sp=brw&q={searchTerms}
SearchScopes: HKCU - {609D962F-363E-4443-AFE7-514C6434FBC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.facebook.com/
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 - C:\Users\bender90\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll (Stonetrip)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icq-search.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\Plusnetwork.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: Rain Alarm Extension - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\rain-alarm@mdiener.de [2014-03-27]
FF Extension: WEB.DE MailCheck - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\toolbar@web.de.xpi [2011-12-19]
FF Extension: NoScript - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-19]
FF Extension: Adblock Plus - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-19]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-23] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] ()
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] ()
R3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] ()
R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] ()
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] ()
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] ()
R3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] ()
S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] ()
S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation                           )
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-21] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-13 14:20 - 2014-05-13 14:20 - 00002141 _____ () C:\Users\bender90\Desktop\SpyBot - Search & Destroy - CHIP Downloader.lnk
2014-05-13 12:46 - 2014-05-13 12:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 11:58 - 2014-05-13 12:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 11:58 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 11:56 - 2014-05-13 12:44 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 11:56 - 2014-05-13 12:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 11:55 - 2014-05-13 11:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\bender90\Desktop\mbar-1.07.0.1009.exe
2014-05-12 17:49 - 2014-05-12 17:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 13:01 - 2014-05-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 12:25 - 2014-05-09 12:29 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 12:22 - 2014-05-09 12:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part
2014-05-09 12:20 - 2014-05-09 12:21 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part
2014-05-08 13:25 - 2014-05-08 13:25 - 00000000 ____D () C:\Mozilla
2014-05-08 12:47 - 2014-04-29 18:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-08 12:47 - 2014-04-29 17:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-08 12:47 - 2014-04-29 16:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-08 12:47 - 2014-04-29 16:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-08 12:45 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-08 12:45 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-08 12:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-08 12:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-08 12:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-08 12:45 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-08 12:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-08 12:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-08 12:45 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-08 12:45 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-08 12:45 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-08 12:45 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-08 12:45 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-08 12:45 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-08 12:45 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-08 12:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-08 12:39 - 2014-05-08 12:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 12:30 - 2014-05-08 12:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt
2014-05-08 12:28 - 2014-05-08 12:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt
2014-05-08 12:27 - 2014-05-15 11:48 - 00023816 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-08 12:08 - 2014-05-08 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 10:42 - 2014-05-08 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-08 10:39 - 2014-05-08 10:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-08 09:53 - 2014-05-08 09:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 21:39 - 2014-05-13 12:23 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 20:27 - 2014-05-15 11:48 - 00000000 ____D () C:\FRST
2014-05-07 20:26 - 2014-05-13 12:46 - 02066944 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-04-30 18:16 - 2014-05-12 13:27 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 18:16 - 2014-05-12 13:26 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-26 09:03 - 2014-04-26 09:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

==================== One Month Modified Files and Folders =======

2014-05-15 11:48 - 2014-05-08 12:27 - 00023816 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-15 11:48 - 2014-05-07 20:27 - 00000000 ____D () C:\FRST
2014-05-15 11:47 - 2014-02-04 16:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-15 11:47 - 2013-04-16 20:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-15 11:47 - 2013-02-08 10:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-15 11:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-15 11:46 - 2009-07-14 06:51 - 00327166 _____ () C:\Windows\setupact.log
2014-05-13 14:38 - 2011-06-17 07:45 - 01488585 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 14:20 - 2014-05-13 14:20 - 00002141 _____ () C:\Users\bender90\Desktop\SpyBot - Search & Destroy - CHIP Downloader.lnk
2014-05-13 13:59 - 2013-02-08 10:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 13:40 - 2012-03-30 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 13:12 - 2013-05-28 10:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-13 12:46 - 2014-05-13 12:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 12:46 - 2014-05-07 20:26 - 02066944 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-13 12:44 - 2014-05-13 11:56 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 12:32 - 2009-07-14 06:45 - 00022832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 12:32 - 2009-07-14 06:45 - 00022832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 12:31 - 2011-06-17 17:37 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-05-13 12:31 - 2011-06-17 17:37 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-05-13 12:31 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 12:29 - 2014-05-13 11:58 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 12:29 - 2014-05-13 11:56 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 12:24 - 2011-08-27 12:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-13 12:24 - 2009-09-03 11:10 - 00725172 _____ () C:\Windows\PFRO.log
2014-05-13 12:23 - 2014-05-07 21:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-13 11:58 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 11:55 - 2014-05-13 11:55 - 12589848 _____ (Malwarebytes Corp.) C:\Users\bender90\Desktop\mbar-1.07.0.1009.exe
2014-05-12 17:49 - 2014-05-12 17:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 14:06 - 2012-04-26 17:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 13:27 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-12 13:26 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-12 13:01 - 2014-05-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 12:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-09 12:29 - 2014-05-09 12:25 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 12:22 - 2014-05-09 12:22 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe.part
2014-05-09 12:21 - 2014-05-09 12:20 - 05200039 _____ () C:\Users\bender90\Downloads\ComboFix.exe.part
2014-05-09 11:54 - 2013-02-08 10:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 11:54 - 2013-02-08 10:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 14:09 - 2011-06-20 18:33 - 00000000 ____D () C:\Users\bender90
2014-05-08 13:25 - 2014-05-08 13:25 - 00000000 ____D () C:\Mozilla
2014-05-08 12:50 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-08 12:47 - 2013-08-24 15:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-08 12:46 - 2011-07-30 19:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-08 12:39 - 2014-05-08 12:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 12:30 - 2014-05-08 12:30 - 00000268 _____ () C:\Users\bender90\Desktop\Search.txt
2014-05-08 12:28 - 2014-05-08 12:28 - 00049689 _____ () C:\Users\bender90\Desktop\Addition.txt
2014-05-08 12:08 - 2014-05-08 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-08 12:08 - 2013-07-30 10:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-08 12:03 - 2014-05-08 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-08 12:03 - 2013-10-01 19:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 10:39 - 2014-05-08 10:39 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3(1).exe.part
2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-08 09:54 - 2014-05-08 09:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 21:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 19:59 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 19:54 - 2012-11-09 16:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-07 19:50 - 2013-10-30 18:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-07 19:49 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 13:23 - 2014-03-06 21:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-05 17:55 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 18:44 - 2013-10-01 19:57 - 00000020 _____ () C:\Windows\capsys184523.log
2014-05-02 17:25 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-01 08:39 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 18:00 - 2014-05-08 12:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 17:24 - 2014-05-08 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 16:47 - 2014-05-08 12:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 16:14 - 2014-05-08 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 14:38 - 2012-03-30 09:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 14:38 - 2012-03-30 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 14:38 - 2011-07-28 21:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-26 09:06 - 2014-04-26 09:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-04-17 20:11 - 2014-02-04 16:43 - 00000000 ____D () C:\Program Files (x86)\Raptr

Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\avgnt.exe
C:\Users\bender90\AppData\Local\Temp\local.dll
C:\Users\bender90\AppData\Local\Temp\MirillisAction!1.18.0.exe
C:\Users\bender90\AppData\Local\Temp\rootsupd.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 12:49

==================== End Of Log ============================
         
--- --- ---

15.05.2014, 11:01   #17
bender84

And the error when I try to install something... see attachment.
Attached image: winmgr.exe blockiert Zugriff auf Antivirenprogramme warum ?-fehler.jpg


16.05.2014, 11:03   #18
schrauber
/// the machine
/// TB trainer

Now it's back again.....

Delete ComboFix, download ComboFix again, but change the name before saving: right-click, "Save target as", save it to the Desktop as bender84.exe or something like that, then run it.

16.05.2014, 12:24   #19
bender84

ComboFix logfile:
Code:
ATTFilter
ComboFix 14-05-16.01 - bender90 16.05.2014  13:15:14.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16328.13521 [GMT 2:00]
ausgeführt von:: c:\users\bender90\Desktop\bender.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\windows\capsys184523.log
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-16 bis 2014-05-16  ))))))))))))))))))))))))))))))
.
.
2014-05-16 11:21 . 2014-05-16 11:21	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-16 11:19 . 2014-05-16 11:19	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{19396A90-7752-4CBE-B19B-B2F4C48898A7}\offreg.dll
2014-05-15 11:48 . 2014-04-17 03:31	10651704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{19396A90-7752-4CBE-B19B-B2F4C48898A7}\mpengine.dll
2014-05-13 09:58 . 2014-05-13 09:58	--------	d-----w-	c:\programdata\Malwarebytes
2014-05-13 09:58 . 2014-05-13 10:29	119000	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-13 09:56 . 2014-05-13 10:29	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-05-08 11:25 . 2014-05-08 11:25	--------	d-----w-	C:\Mozilla
2014-05-08 10:47 . 2014-04-29 16:00	23133184	----a-w-	c:\windows\system32\mshtml.dll
2014-05-08 10:47 . 2014-04-29 15:24	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-08 10:47 . 2014-04-29 14:14	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-08 10:44 . 2014-01-24 02:37	1684928	----a-w-	c:\windows\system32\drivers\ntfs.sys
2014-05-08 09:23 . 2014-05-08 09:23	--------	d-----w-	c:\program files (x86)\ESET
2014-05-08 08:25 . 2014-05-08 08:25	--------	d-----w-	c:\users\bender90\AppData\Local\AviraResume
2014-05-07 19:39 . 2014-05-13 10:23	--------	d-sh--w-	c:\program files (x86)\Windows Manager
2014-05-07 18:56 . 2014-05-07 18:56	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-05-07 18:27 . 2014-05-15 09:49	--------	d-----w-	C:\FRST
2014-04-30 16:16 . 2014-05-12 11:27	--------	d-----w-	c:\users\bender90\AppData\Roaming\UseNeXT
2014-04-30 16:16 . 2014-04-30 16:16	--------	d-----w-	c:\program files (x86)\UseNeXT
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 11:40 . 2012-03-30 07:21	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-15 11:40 . 2011-07-28 19:38	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-08 10:46 . 2011-07-30 17:32	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-05-05 15:55 . 2011-07-28 16:02	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-05-02 15:25 . 2011-07-28 16:02	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-04-08 16:00 . 2014-04-08 16:00	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-04-08 16:00 . 2014-04-08 16:00	312744	----a-w-	c:\windows\system32\javaws.exe
2014-04-08 16:00 . 2014-04-08 16:00	189352	----a-w-	c:\windows\system32\javaw.exe
2014-04-08 16:00 . 2014-04-08 16:00	189352	----a-w-	c:\windows\system32\java.exe
2014-04-05 09:12 . 2011-09-06 12:29	290184	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-03-31 07:35 . 2011-06-20 16:50	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-29 09:02 . 2014-03-29 09:02	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2014-03-29 09:02 . 2014-03-29 09:02	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-03-29 09:02 . 2014-03-29 09:02	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2014-03-29 09:02 . 2014-03-29 09:02	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2014-03-29 09:02 . 2014-03-29 09:02	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-29 09:02 . 2014-03-29 09:02	337408	----a-w-	c:\windows\SysWow64\html.iec
2014-03-29 09:02 . 2014-03-29 09:02	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2014-03-29 09:02 . 2014-03-29 09:02	235008	----a-w-	c:\windows\system32\elshyph.dll
2014-03-29 09:02 . 2014-03-29 09:02	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2014-03-29 09:02 . 2014-03-29 09:02	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2014-03-29 09:02 . 2014-03-29 09:02	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2014-03-29 09:02 . 2014-03-29 09:02	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-03-29 09:02 . 2014-03-29 09:02	942592	----a-w-	c:\windows\system32\jsIntl.dll
2014-03-29 09:02 . 2014-03-29 09:02	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2014-03-29 09:02 . 2014-03-29 09:02	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-03-29 09:02 . 2014-03-29 09:02	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2014-03-29 09:02 . 2014-03-29 09:02	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-03-29 09:02 . 2014-03-29 09:02	81408	----a-w-	c:\windows\system32\icardie.dll
2014-03-29 09:02 . 2014-03-29 09:02	77312	----a-w-	c:\windows\system32\tdc.ocx
2014-03-29 09:02 . 2014-03-29 09:02	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2014-03-29 09:02 . 2014-03-29 09:02	62464	----a-w-	c:\windows\system32\pngfilt.dll
2014-03-29 09:02 . 2014-03-29 09:02	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-03-29 09:02 . 2014-03-29 09:02	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2014-03-29 09:02 . 2014-03-29 09:02	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2014-03-29 09:02 . 2014-03-29 09:02	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2014-03-29 09:02 . 2014-03-29 09:02	48640	----a-w-	c:\windows\system32\mshtmler.dll
2014-03-29 09:02 . 2014-03-29 09:02	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2014-03-29 09:02 . 2014-03-29 09:02	413696	----a-w-	c:\windows\system32\html.iec
2014-03-29 09:02 . 2014-03-29 09:02	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-29 09:02 . 2014-03-29 09:02	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2014-03-29 09:02 . 2014-03-29 09:02	30208	----a-w-	c:\windows\system32\licmgr10.dll
2014-03-29 09:02 . 2014-03-29 09:02	296960	----a-w-	c:\windows\system32\dxtrans.dll
2014-03-29 09:02 . 2014-03-29 09:02	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2014-03-29 09:02 . 2014-03-29 09:02	247808	----a-w-	c:\windows\system32\msls31.dll
2014-03-29 09:02 . 2014-03-29 09:02	243200	----a-w-	c:\windows\system32\webcheck.dll
2014-03-29 09:02 . 2014-03-29 09:02	235520	----a-w-	c:\windows\system32\url.dll
2014-03-29 09:02 . 2014-03-29 09:02	167424	----a-w-	c:\windows\system32\iexpress.exe
2014-03-29 09:02 . 2014-03-29 09:02	147968	----a-w-	c:\windows\system32\occache.dll
2014-03-29 09:02 . 2014-03-29 09:02	143872	----a-w-	c:\windows\system32\wextract.exe
2014-03-29 09:02 . 2014-03-29 09:02	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2014-03-29 09:02 . 2014-03-29 09:02	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2014-03-29 09:02 . 2014-03-29 09:02	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2014-03-29 09:02 . 2014-03-29 09:02	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-03-29 09:02 . 2014-03-29 09:02	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2014-03-29 09:02 . 2014-03-29 09:02	105984	----a-w-	c:\windows\system32\iesysprep.dll
2014-03-29 09:02 . 2014-03-29 09:02	101376	----a-w-	c:\windows\system32\inseng.dll
2014-03-29 09:02 . 2014-03-29 09:02	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-03-29 09:02 . 2014-03-29 09:02	774144	----a-w-	c:\windows\system32\jscript.dll
2014-03-29 09:02 . 2014-03-29 09:02	48128	----a-w-	c:\windows\system32\imgutil.dll
2014-03-29 09:02 . 2014-03-29 09:02	13824	----a-w-	c:\windows\system32\mshta.exe
2014-03-29 09:02 . 2014-03-29 09:02	135680	----a-w-	c:\windows\system32\iepeers.dll
2014-03-04 09:17 . 2014-05-08 10:45	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-01 05:16 . 2014-04-08 13:43	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-03-01 04:58 . 2014-04-08 13:43	2765824	----a-w-	c:\windows\system32\iertutil.dll
2014-03-01 04:52 . 2014-04-08 13:43	66048	----a-w-	c:\windows\system32\iesetup.dll
2014-03-01 04:51 . 2014-04-08 13:43	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-03-01 04:42 . 2014-04-08 13:43	53760	----a-w-	c:\windows\system32\jsproxy.dll
2014-03-01 04:40 . 2014-04-08 13:43	33792	----a-w-	c:\windows\system32\iernonce.dll
2014-03-01 04:37 . 2014-04-08 13:43	574976	----a-w-	c:\windows\system32\ieui.dll
2014-03-01 04:33 . 2014-04-08 13:43	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2014-03-01 04:33 . 2014-04-08 13:43	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-03-01 04:32 . 2014-04-08 13:43	708608	----a-w-	c:\windows\system32\jscript9diag.dll
2014-03-01 04:23 . 2014-04-08 13:43	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:17 . 2014-04-08 13:43	218624	----a-w-	c:\windows\system32\ie4uinit.exe
2014-03-01 04:02 . 2014-04-08 13:43	195584	----a-w-	c:\windows\system32\msrating.dll
2014-03-01 03:54 . 2014-04-08 13:43	5768704	----a-w-	c:\windows\system32\jscript9.dll
2014-03-01 03:52 . 2014-04-08 13:43	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-03-01 03:51 . 2014-04-08 13:43	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:42 . 2014-04-08 13:43	627200	----a-w-	c:\windows\system32\msfeeds.dll
2014-03-01 03:38 . 2014-04-08 13:43	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-03-01 03:37 . 2014-04-08 13:43	553472	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-03-01 03:35 . 2014-04-08 13:43	2041856	----a-w-	c:\windows\system32\inetcpl.cpl
2014-03-01 03:18 . 2014-04-08 13:43	13051904	----a-w-	c:\windows\system32\ieframe.dll
2014-03-01 03:14 . 2014-04-08 13:43	4244480	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-03-01 03:10 . 2014-04-08 13:43	2334208	----a-w-	c:\windows\system32\wininet.dll
2014-03-01 03:00 . 2014-04-08 13:43	1964032	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-03-01 02:38 . 2014-04-08 13:43	1393664	----a-w-	c:\windows\system32\urlmon.dll
2014-03-01 02:32 . 2014-04-08 13:43	1820160	----a-w-	c:\windows\SysWow64\wininet.dll
2014-03-01 02:25 . 2014-04-08 13:43	817664	----a-w-	c:\windows\system32\ieapfltr.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-04-30 16:55	280736	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:18	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2014-04-23 1825984]
"OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2010-12-23 3344384]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-04-11 55360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-08-12 261888]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2009-08-18 629280]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-23 689744]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-07-22 162856]
"Live Update 5"="c:\program files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe" [2012-01-30 315392]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2013-08-13 490480]
"CommandCenter"="c:\program files (x86)\MSI\CommandCenter\StartCommandCenter.exe" [2013-09-26 809968]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2014-2-4 846848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Browser companion helper"=c:\program files (x86)\BrowserCompanion\BCHelper.exe
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"PlusService"=c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
.
R2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MSICTL_CC;MSICTL_CC;c:\program files (x86)\MSI\CommandCenter\MSIControlService.exe;c:\program files (x86)\MSI\CommandCenter\MSIControlService.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y62x64.sys [x]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys;c:\windows\SYSNATIVE\drivers\HCW85BDA.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 MSIBIOSData_CC;MSIBIOSData_CC;c:\program files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe;c:\program files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [x]
R3 MSIClock_CC;MSIClock_CC;c:\program files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe;c:\program files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [x]
R3 MSICOMM_CC;MSICOMM_CC;c:\program files (x86)\MSI\CommandCenter\MSICommService.exe;c:\program files (x86)\MSI\CommandCenter\MSICommService.exe [x]
R3 MSICPU_CC;MSICPU_CC;c:\program files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe;c:\program files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [x]
R3 MSIDDR_CC;MSIDDR_CC;c:\program files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe;c:\program files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [x]
R3 MSISaveLoad_CC;MSISaveLoad_CC;c:\program files (x86)\MSI\CommandCenter\MSISaveLoadService.exe;c:\program files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [x]
R3 MSISMB_CC;MSISMB_CC;c:\program files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe;c:\program files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [x]
R3 MSISuperIO_CC;MSISuperIO_CC;c:\program files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe;c:\program files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [x]
R3 MSIWMI_CC;MSIWMI_CC;c:\program files (x86)\MSI\CommandCenter\MSIWMIService.exe;c:\program files (x86)\MSI\CommandCenter\MSIWMIService.exe [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;c:\msi\MSI SUITE\NTIOLib_X64.sys;c:\msi\MSI SUITE\NTIOLib_X64.sys [x]
R3 NTIOLib_1_1_S;NTIOLib_1_1_S;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\CommandCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [x]
R3 NTIOLib_SuiteComCen;NTIOLib_SuiteComCen;c:\msi\MSI SUITE\ControlCenter\NTIOLib_X64.sys;c:\msi\MSI SUITE\ControlCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_SuiteFB;NTIOLib_SuiteFB;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys [x]
R3 OnlineStorageService;OnlineStorageService;c:\program files\Trend Micro SafeSync\hrfscore.exe;c:\program files\Trend Micro SafeSync\hrfscore.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8023x64;Realtek 10/100-Netzwerkkartenfamilie-NDIS-x64-Treiber;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 tap0901_openvpn_accl;TAP-Win32 Adapter V9 for OpenVPN Accelerator;c:\windows\system32\DRIVERS\tap0901_openvpn_accl.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901_openvpn_accl.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe  [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [x]
S3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
S3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192cu;300Mbps Wireless USB Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - NTIOLIB_1_0_3
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 11:40]
.
2014-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 08:58]
.
2014-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 08:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-04-30 16:55	340640	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:19	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-08-06 349480]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-07-26 7194840]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-08-01 8290584]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = fritz.box
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.0.1 192.168.1.1
FF - ProfilePath - c:\users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - prefs.js: keyword.URL - 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SpywareTerminatorShield - c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM-Run-SpywareTerminatorUpdater - c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
AddRemove-553E35CD-0415-41bc-B39A-410375E88534 - c:\program files (x86)\Intel\ACPI Driver Installer\Uninstall\setup.exe
AddRemove-Emsisoft HiJackFree_is1 - c:\program files (x86)\Emsisoft HiJackFree\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows NT\CurrentVersion\Windows]
@Denied: (A C D 2 3) (Everyone)
"UserSelectedDefault"=dword:00000000
"Device"="PDF24 PDF,winspool,Ne00:"
"Load"="c:\\Windows\\system32\\Microsoft.com"
.
[HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\SecuROM\License information*]
"datasecu"=hex:6e,2a,1d,dc,a2,ba,d4,f0,91,8b,3d,29,18,fb,ca,62,0a,c0,df,c3,38,
   06,26,a0,d5,73,9a,b3,e2,c5,1f,0c,70,05,f6,c6,21,15,9b,b3,5d,f8,7b,75,bf,90,\
"rkeysecu"=hex:61,3d,de,cb,43,13,31,9d,b5,47,32,fa,b8,28,0c,37
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-16  13:23:51
ComboFix-quarantined-files.txt  2014-05-16 11:23
.
Vor Suchlauf: 17 Verzeichnis(se), 271.935.901.696 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 271.779.307.520 Bytes frei
.
- - End Of File - - 2B790D48DBE4A8AE092CDF6CE41A609F
         
--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

[/CODE]

17.05.2014, 13:16   #20
schrauber
/// the machine
/// TB instructor
 

Now please post a fresh FRST log once more, then we'll try to unlock it.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No assistance via PM!

18.05.2014, 20:26   #21
bender84
 
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by bender90 (administrator) on SVEN on 18-05-2014 21:11:51
Running from C:\Users\bender90\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files (x86)\LPT\srpts.exe
() C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
() C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
(MSI CO.,LTD.) C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\CPU_Ratio.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
(Smartbar) C:\Users\bender90\AppData\Local\Smartbar\Application\SnapDo.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
() C:\Users\bender90\AppData\Local\LPT\srptm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\.DEFAULT\...\CurrentVersion\Windows: [Load] C:\Windows\system32\Microsoft.com <===== ATTENTION
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\bender90\AppData\Local\Smartbar\Application\SnapDo.exe [28192 2014-04-08] (Smartbar)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BojDwUHEtDiOimTcNzJVIswJnjmwabAYvX9UpCFJClafExDxSmKi9dHczB4cfOQXG6drcgIDQ3alBqGz0lTN2vBy3Vdcw5vN74FlZ9V_U6cU0hJT37eLUe82kEYrI1_e&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9CCCD5AD521CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BojDwUHEtDiOimTcNzJVIswJnjmwabAYvX9UpCFJClafExDxSmKi9dHczB4cfOQXG6u16Sg2MQSd1Kg13opEXAED3J6FP2Y6ygCbOvr1aead5hJXVIqFEdc1cB1TL9Og
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BojDwUHEtDiOimTcNzJVIswJnjmwabAYvX9UpCFJClafExDxSmKi9dHczB4cfOQXG6drcgIDQ3alBqGz0lTN2vBy3Vdcw5vN74FlZ9V_U6cU0hJT37eLUe82kEYrI1_e&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BojDwUHEtDiOimTcNzJVIswJnjmwabAYvX9UpCFJClafExDxSmKi9dHczB4cfOQXG6drcgIDQ3alBqGz0lTN2vBy3Vdcw5vN74FlZ9V_U6cU0hJT37eLUe82kEYrI1_e&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BojDwUHEtDiOimTcNzJVIswJnjmwabAYvX9UpCFJClafExDxSmKi9dHczB4cfOQXG6drcgIDQ3alBqGz0lTN2vBy3Vdcw5vN74FlZ9V_U6cU0hJT37eLUe82kEYrI1_e&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BojDwUHEtDiOimTcNzJVIswJnjmwabAYvX9UpCFJClafExDxSmKi9dHczB4cfOQXG6drcgIDQ3alBqGz0lTN2vBy3Vdcw5vN74FlZ9V_U6cU0hJT37eLUe82kEYrI1_e&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BojDwUHEtDiOimTcNzJVIswJnjmwabAYvX9UpCFJClafExDxSmKi9dHczB4cfOQXG6drcgIDQ3alBqGz0lTN2vBy3Vdcw5vN74FlZ9V_U6cU0hJT37eLUe82kEYrI1_e&q={searchTerms}
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default
FF NewTab: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BojDwUHEtDiOimTcNzJVIswJnjmwabAYvX9UpCFJClafExDxSmKi9dHczB4cfOQXG61O9c8Exq1M0AiPJToBEyizqUUyryrX1TqkoykoPlUysf7MbJJfkbTWNLH84wey
FF DefaultSearchEngine: Web Search
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BojDwUHEtDiOimTcNzJVIswJnjmwabAYvX9UpCFJClafExDxSmKi9dHczB4cfOQXG6u16Sg2MQSd1Kg13opEXAED3J6FP2Y6ygCbOvr1aead5hJXVIqFEdc1cB1TL9Og
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtCjyXXnQme9oxsQRSyyp0BojDwUHEtDiOimTcNzJVIswJnjmwabAYvX9UpCFJClafExDxSmKi9dHczB4cfOQXG6drcgIDQ3alBqGz0lTN2vBy3Vdcw5vN74FlZ9V_U6cU0hJT37eLUe82kEYrI1_e&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 - C:\Users\bender90\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll (Stonetrip)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: Rain Alarm Extension - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\rain-alarm@mdiener.de [2014-03-27]
FF Extension: Snap.Do  - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{4e0430b7-a32a-0066-426f-c5aa3f9729ee} [2014-05-16]
FF Extension: WEB.DE MailCheck - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\toolbar@web.de.xpi [2011-12-19]
FF Extension: NoScript - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-19]
FF Extension: Adblock Plus - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-19]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-23] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [37920 2014-04-08] ()
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] ()
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] ()
R3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] ()
R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] ()
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] ()
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] ()
R3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] ()
S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] ()
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation                           )
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-21] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 catchme; \??\C:\bender\catchme.sys [X]
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-18 21:11 - 2014-05-18 21:11 - 00025812 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-16 22:03 - 2014-05-16 22:03 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-05-16 22:02 - 2014-05-16 22:02 - 00002452 _____ () C:\Users\bender90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-05-16 22:02 - 2014-05-16 22:02 - 00002390 _____ () C:\Users\bender90\Desktop\Search.lnk
2014-05-16 22:02 - 2014-05-16 22:02 - 00001481 _____ () C:\Users\Public\Desktop\Free AVI Video Converter.lnk
2014-05-16 22:02 - 2014-05-16 22:02 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\OpenCandy
2014-05-16 22:02 - 2014-05-16 22:02 - 00000000 ____D () C:\Users\bender90\AppData\Local\Smartbar
2014-05-16 22:02 - 2014-05-16 22:02 - 00000000 ____D () C:\Users\bender90\AppData\Local\LPT
2014-05-16 22:01 - 2014-05-16 22:01 - 33255536 _____ (DVDVideoSoft Ltd. ) C:\Users\bender90\Desktop\FreeAVIVideoConverter.exe
2014-05-16 13:23 - 2014-05-16 13:23 - 00039783 _____ () C:\ComboFix.txt
2014-05-16 13:13 - 2014-05-16 13:23 - 00000000 ____D () C:\Qoobox
2014-05-16 13:13 - 2014-05-16 13:22 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 13:13 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-16 13:13 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-16 13:13 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-16 13:13 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-16 13:13 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-16 13:13 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-16 13:13 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-16 13:13 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-15 13:10 - 2014-05-15 13:10 - 00000017 _____ () C:\Users\bender90\AppData\Local\resmon.resmoncfg
2014-05-13 12:46 - 2014-05-18 21:11 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 11:58 - 2014-05-13 12:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 11:58 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 11:56 - 2014-05-13 12:44 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 11:56 - 2014-05-13 12:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 17:49 - 2014-05-12 17:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 13:01 - 2014-05-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 12:25 - 2014-05-09 12:29 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-08 13:25 - 2014-05-08 13:25 - 00000000 ____D () C:\Mozilla
2014-05-08 12:47 - 2014-04-29 18:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-08 12:47 - 2014-04-29 17:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-08 12:47 - 2014-04-29 16:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-08 12:47 - 2014-04-29 16:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-08 12:45 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-08 12:45 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-08 12:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-08 12:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-08 12:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-08 12:45 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-08 12:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-08 12:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-08 12:45 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-08 12:45 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-08 12:45 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-08 12:45 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-08 12:45 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-08 12:45 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-08 12:45 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-08 12:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-08 12:39 - 2014-05-08 12:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 12:08 - 2014-05-08 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 10:42 - 2014-05-08 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-08 09:53 - 2014-05-08 09:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 21:39 - 2014-05-13 12:23 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 20:27 - 2014-05-18 21:11 - 00000000 ____D () C:\FRST
2014-05-07 20:26 - 2014-05-18 21:11 - 02067456 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-04-30 18:16 - 2014-05-12 13:27 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 18:16 - 2014-05-12 13:26 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-26 09:03 - 2014-04-26 09:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

==================== One Month Modified Files and Folders =======

2014-05-18 21:12 - 2014-05-18 21:11 - 00025812 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-18 21:11 - 2014-05-13 12:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-18 21:11 - 2014-05-07 20:27 - 00000000 ____D () C:\FRST
2014-05-18 21:11 - 2014-05-07 20:26 - 02067456 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-18 21:11 - 2013-05-28 10:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-18 21:10 - 2014-02-04 16:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-18 21:09 - 2013-04-16 20:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-18 21:09 - 2013-02-08 10:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-18 21:08 - 2009-07-14 06:51 - 00330817 _____ () C:\Windows\setupact.log
2014-05-18 21:07 - 2009-09-03 11:10 - 00726336 _____ () C:\Windows\PFRO.log
2014-05-18 21:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 23:01 - 2011-06-17 07:45 - 01636759 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 22:59 - 2013-02-08 10:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-16 22:40 - 2012-03-30 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-16 22:38 - 2013-10-30 18:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-16 22:37 - 2012-11-09 16:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-16 22:03 - 2014-05-16 22:03 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-05-16 22:02 - 2014-05-16 22:02 - 00002452 _____ () C:\Users\bender90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-05-16 22:02 - 2014-05-16 22:02 - 00002390 _____ () C:\Users\bender90\Desktop\Search.lnk
2014-05-16 22:02 - 2014-05-16 22:02 - 00001481 _____ () C:\Users\Public\Desktop\Free AVI Video Converter.lnk
2014-05-16 22:02 - 2014-05-16 22:02 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\OpenCandy
2014-05-16 22:02 - 2014-05-16 22:02 - 00000000 ____D () C:\Users\bender90\AppData\Local\Smartbar
2014-05-16 22:02 - 2014-05-16 22:02 - 00000000 ____D () C:\Users\bender90\AppData\Local\LPT
2014-05-16 22:02 - 2013-06-09 13:13 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\DVDVideoSoft
2014-05-16 22:02 - 2013-06-09 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-05-16 22:02 - 2013-06-09 13:13 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-05-16 22:01 - 2014-05-16 22:01 - 33255536 _____ (DVDVideoSoft Ltd. ) C:\Users\bender90\Desktop\FreeAVIVideoConverter.exe
2014-05-16 21:48 - 2009-07-14 06:45 - 00022832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-16 21:48 - 2009-07-14 06:45 - 00022832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-16 21:46 - 2011-06-17 17:37 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-05-16 21:46 - 2011-06-17 17:37 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-05-16 21:46 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-16 13:23 - 2014-05-16 13:23 - 00039783 _____ () C:\ComboFix.txt
2014-05-16 13:23 - 2014-05-16 13:13 - 00000000 ____D () C:\Qoobox
2014-05-16 13:22 - 2014-05-16 13:13 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 13:21 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-15 13:40 - 2012-03-30 09:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 13:40 - 2012-03-30 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-15 13:40 - 2011-07-28 21:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 13:10 - 2014-05-15 13:10 - 00000017 _____ () C:\Users\bender90\AppData\Local\resmon.resmoncfg
2014-05-15 12:57 - 2013-01-03 12:17 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-13 12:44 - 2014-05-13 11:56 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 12:29 - 2014-05-13 11:58 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 12:29 - 2014-05-13 11:56 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 12:24 - 2011-08-27 12:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-13 12:23 - 2014-05-07 21:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-13 11:58 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-12 17:49 - 2014-05-12 17:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 14:06 - 2012-04-26 17:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 13:27 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-12 13:26 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-12 13:01 - 2014-05-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 12:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-09 12:29 - 2014-05-09 12:25 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 11:54 - 2013-02-08 10:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 11:54 - 2013-02-08 10:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 14:09 - 2011-06-20 18:33 - 00000000 ____D () C:\Users\bender90
2014-05-08 13:25 - 2014-05-08 13:25 - 00000000 ____D () C:\Mozilla
2014-05-08 12:50 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-08 12:47 - 2013-08-24 15:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-08 12:46 - 2011-07-30 19:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-08 12:39 - 2014-05-08 12:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 12:08 - 2014-05-08 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-08 12:08 - 2013-07-30 10:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-08 12:03 - 2014-05-08 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-08 12:03 - 2013-10-01 19:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-08 09:54 - 2014-05-08 09:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 21:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 19:59 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 19:49 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 13:23 - 2014-03-06 21:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-05 17:55 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 17:25 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-01 08:39 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 18:00 - 2014-05-08 12:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 17:24 - 2014-05-08 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 16:47 - 2014-05-08 12:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 16:14 - 2014-05-08 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-26 09:06 - 2014-04-26 09:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-09 12:49

==================== End Of Log ============================
         
--- --- ---


or this one....
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by SYSTEM on MININT-I4G8TI0 on 18-05-2014 21:20:15
Running from I:\
Platform: Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-17] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\bender90\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\bender90\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)
HKU\bender90\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKU\bender90\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\bender90\...\Run: [Browser Infrastructure Helper] => C:\Users\bender90\AppData\Local\Smartbar\Application\SnapDo.exe [28192 2014-04-08] (Smartbar)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] ()

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [0 ] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [37920 2014-04-08] ()
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] ()
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] ()
S3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] ()
S2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] ()
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] ()
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] ()
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] ()
S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] ()
S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
S2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] ()
S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-03-31] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

S3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-21] (AVM Berlin)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-21] (AVM GmbH)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
S2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-06] (Intel Corporation)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] ()
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation                           )
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-20] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 catchme; \??\C:\bender\catchme.sys [X]
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-18 11:11 - 2014-05-18 11:14 - 00044908 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-16 12:03 - 2014-05-16 12:03 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-05-16 12:02 - 2014-05-16 12:02 - 00002390 _____ () C:\Users\bender90\Desktop\Search.lnk
2014-05-16 12:02 - 2014-05-16 12:02 - 00001481 _____ () C:\Users\Public\Desktop\Free AVI Video Converter.lnk
2014-05-16 12:02 - 2014-05-16 12:02 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\OpenCandy
2014-05-16 12:02 - 2014-05-16 12:02 - 00000000 ____D () C:\Users\bender90\AppData\Local\Smartbar
2014-05-16 12:02 - 2014-05-16 12:02 - 00000000 ____D () C:\Users\bender90\AppData\Local\LPT
2014-05-16 12:01 - 2014-05-16 12:01 - 33255536 _____ (DVDVideoSoft Ltd. ) C:\Users\bender90\Desktop\FreeAVIVideoConverter.exe
2014-05-16 03:23 - 2014-05-16 03:23 - 00039783 _____ () C:\ComboFix.txt
2014-05-16 03:13 - 2014-05-16 03:23 - 00000000 ____D () C:\Qoobox
2014-05-16 03:13 - 2014-05-16 03:22 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 03:13 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-16 03:13 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-16 03:13 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-16 03:13 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-16 03:13 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-16 03:13 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-16 03:13 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-16 03:13 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-15 03:10 - 2014-05-15 03:10 - 00000017 _____ () C:\Users\bender90\AppData\Local\resmon.resmoncfg
2014-05-13 02:46 - 2014-05-18 11:11 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 01:58 - 2014-05-13 02:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-05-13 01:58 - 2014-05-13 01:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 01:56 - 2014-05-13 02:44 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 01:56 - 2014-05-13 02:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-05-12 07:49 - 2014-05-12 07:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 02:25 - 2014-05-09 02:29 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla
2014-05-08 02:47 - 2014-04-29 08:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-05-08 02:47 - 2014-04-29 07:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-05-08 02:47 - 2014-04-29 06:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-08 02:47 - 2014-04-29 06:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-08 02:45 - 2014-04-13 18:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-05-08 02:45 - 2014-04-13 18:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-05-08 02:45 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-08 02:45 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-08 02:45 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-08 02:45 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-08 02:45 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-08 02:45 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-08 02:45 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-05-08 02:45 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-05-08 02:45 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-05-08 02:45 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll
2014-05-08 02:45 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-08 02:45 - 2014-01-08 18:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-08 02:45 - 2014-01-03 14:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-05-08 02:44 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-07 23:53 - 2014-05-07 23:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 11:39 - 2014-05-13 02:23 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 10:27 - 2014-05-18 21:20 - 00000000 ____D () C:\FRST
2014-05-07 10:26 - 2014-05-18 11:11 - 02067456 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-04-30 08:16 - 2014-05-12 03:27 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 08:16 - 2014-05-12 03:26 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-25 23:03 - 2014-04-25 23:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

==================== One Month Modified Files and Folders =======

2014-05-18 21:20 - 2014-05-07 10:27 - 00000000 ____D () C:\FRST
2014-05-18 11:16 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-18 11:16 - 2009-07-13 20:51 - 00331531 _____ () C:\Windows\setupact.log
2014-05-18 11:15 - 2011-06-16 21:45 - 01677186 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 11:15 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-18 11:15 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-18 11:14 - 2014-05-18 11:11 - 00044908 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-18 11:14 - 2011-06-17 07:37 - 00699884 _____ () C:\Windows\System32\perfh007.dat
2014-05-18 11:14 - 2011-06-17 07:37 - 00149766 _____ () C:\Windows\System32\perfc007.dat
2014-05-18 11:14 - 2009-07-13 21:13 - 01622236 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-05-18 11:11 - 2014-05-13 02:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-18 11:11 - 2014-05-07 10:26 - 02067456 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-18 11:11 - 2013-05-28 00:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-18 11:10 - 2014-02-04 06:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-18 11:09 - 2013-04-16 10:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-18 11:09 - 2013-02-08 00:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-18 11:07 - 2009-09-03 01:10 - 00726336 _____ () C:\Windows\PFRO.log
2014-05-16 12:59 - 2013-02-08 00:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-16 12:40 - 2012-03-29 23:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-16 12:38 - 2013-10-30 08:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-16 12:37 - 2012-11-09 06:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-16 12:03 - 2014-05-16 12:03 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-05-16 12:02 - 2014-05-16 12:02 - 00002390 _____ () C:\Users\bender90\Desktop\Search.lnk
2014-05-16 12:02 - 2014-05-16 12:02 - 00001481 _____ () C:\Users\Public\Desktop\Free AVI Video Converter.lnk
2014-05-16 12:02 - 2014-05-16 12:02 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\OpenCandy
2014-05-16 12:02 - 2014-05-16 12:02 - 00000000 ____D () C:\Users\bender90\AppData\Local\Smartbar
2014-05-16 12:02 - 2014-05-16 12:02 - 00000000 ____D () C:\Users\bender90\AppData\Local\LPT
2014-05-16 12:02 - 2013-06-09 03:13 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\DVDVideoSoft
2014-05-16 12:02 - 2013-06-09 03:13 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-05-16 12:01 - 2014-05-16 12:01 - 33255536 _____ (DVDVideoSoft Ltd. ) C:\Users\bender90\Desktop\FreeAVIVideoConverter.exe
2014-05-16 03:23 - 2014-05-16 03:23 - 00039783 _____ () C:\ComboFix.txt
2014-05-16 03:23 - 2014-05-16 03:13 - 00000000 ____D () C:\Qoobox
2014-05-16 03:22 - 2014-05-16 03:13 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 03:21 - 2009-07-13 18:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-15 03:40 - 2012-03-29 23:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 03:40 - 2012-03-29 23:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-15 03:40 - 2011-07-28 11:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 03:10 - 2014-05-15 03:10 - 00000017 _____ () C:\Users\bender90\AppData\Local\resmon.resmoncfg
2014-05-15 02:57 - 2013-01-03 02:17 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-13 02:44 - 2014-05-13 01:56 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 02:29 - 2014-05-13 01:58 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-05-13 02:29 - 2014-05-13 01:56 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-05-13 02:24 - 2011-08-27 02:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-13 02:23 - 2014-05-07 11:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-13 01:58 - 2014-05-13 01:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-12 07:49 - 2014-05-12 07:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 04:06 - 2012-04-26 07:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 03:27 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-12 03:26 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 02:56 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-05-09 02:29 - 2014-05-09 02:25 - 05200039 _____ () C:\Users\bender90\Desktop\ComboFix.exe
2014-05-09 01:54 - 2013-02-08 00:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 01:54 - 2013-02-08 00:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 04:09 - 2011-06-20 08:33 - 00000000 ____D () C:\users\bender90
2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla
2014-05-08 02:50 - 2009-07-13 21:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-08 02:47 - 2013-08-24 05:32 - 00000000 ____D () C:\Windows\System32\MRT
2014-05-08 02:46 - 2011-07-30 09:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 02:08 - 2013-07-30 00:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-08 02:03 - 2013-10-01 09:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-07 23:54 - 2014-05-07 23:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 09:59 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 09:49 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 03:23 - 2014-03-06 11:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-05 07:55 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 07:25 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-30 22:39 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 08:00 - 2014-05-08 02:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-04-29 07:24 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-04-29 06:47 - 2014-05-08 02:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 06:14 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-25 23:06 - 2014-04-25 23:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\avgnt.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-05-07 09:00:26
Restore point made on: 2014-05-08 02:03:20
Restore point made on: 2014-05-08 02:21:38
Restore point made on: 2014-05-08 02:25:37
Restore point made on: 2014-05-08 02:45:35
Restore point made on: 2014-05-08 04:13:12
Restore point made on: 2014-05-13 02:23:17
Restore point made on: 2014-05-15 03:48:39

==================== Memory info =========================== 

Percentage of memory in use: 7%
Total physical RAM: 16328.07 MB
Available physical RAM: 15099.36 MB
Total Pagefile: 16326.22 MB
Available Pagefile: 15083.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:689.04 GB) (Free:249.05 GB) NTFS
Drive e: (DATA) (Fixed) (Total:689.57 GB) (Free:689.43 GB) NTFS
Drive f: (PQSERVICE) (Fixed) (Total:18.55 GB) (Free:4.57 GB) NTFS
Drive i: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: B2B05A62)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.


LastRegBack: 2014-05-09 02:49

==================== End Of Log ============================
         
--- --- ---

Alt 19.05.2014, 18:13   #22
schrauber
/// the machine
/// TB-Ausbilder
 




Note for other readers:
The following ComboFix script was created exclusively for this user in this situation.
Do not use it on other computers under any circumstances; it can cause lasting damage to other systems!

Delete the existing Combofix.exe from your desktop and download the program again from the following download mirror:
BleepingComputer.com
and save it to the desktop again (nowhere else, this is important)!

Press the Windows + R keys --> type Notepad --> OK

Now copy the entire text from the following code box into the empty text document.
Code:
ATTFilter
RegLock::
[HKEY_USERS\.Default\Software\Microsoft\Windows NT\CurrentVersion\Windows]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
Rootkit::
c:\Windows\system32\Microsoft.com
Registry::
[HKU\.Default\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"Load"=-
         
Save this as CFScript.txt on your desktop.

Important:
  • Temporarily disable your antivirus software, because it can interfere with ComboFix while it works.
    Don't forget to turn it back on afterwards!
  • Do not move the mouse over the ComboFix window or click inside it.
    This can cause ComboFix to hang.
  • Close all running programs. Make sure that ComboFix can work unhindered.
  • Do not do anything on the PC while ComboFix is running.
  • Referring to the picture above, drag CFScript.txt onto ComboFix.exe
  • When ComboFix has finished, it will create a log, C:\ComboFix.txt. Please paste it here as a reply.
If the script contains the Suspect:: or Collect:: directive, a message box will appear after Combofix has finished. Click OK and follow the prompts/instructions to upload the files.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 19.05.2014, 18:39   #23
bender84
 



Combofix Logfile:
Code:
ATTFilter
ComboFix 14-05-19.01 - bender90 19.05.2014  19:26:43.2.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.16328.13703 [GMT 2:00]
ausgeführt von:: c:\users\bender90\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\bender90\Desktop\CFScript.txt
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\bender90\Desktop\Search.lnk
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-19 bis 2014-05-19  ))))))))))))))))))))))))))))))
.
.
2014-05-19 17:36 . 2014-05-19 17:36	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-16 20:02 . 2014-05-16 20:02	--------	d-----w-	c:\users\bender90\AppData\Roaming\OpenCandy
2014-05-15 11:48 . 2014-04-17 03:31	10651704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{19396A90-7752-4CBE-B19B-B2F4C48898A7}\mpengine.dll
2014-05-13 09:58 . 2014-05-13 09:58	--------	d-----w-	c:\programdata\Malwarebytes
2014-05-13 09:58 . 2014-05-13 10:29	119000	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-13 09:56 . 2014-05-13 10:29	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-05-08 11:25 . 2014-05-08 11:25	--------	d-----w-	C:\Mozilla
2014-05-08 10:47 . 2014-04-29 16:00	23133184	----a-w-	c:\windows\system32\mshtml.dll
2014-05-08 10:47 . 2014-04-29 15:24	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-08 10:47 . 2014-04-29 14:14	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-08 10:44 . 2014-01-24 02:37	1684928	----a-w-	c:\windows\system32\drivers\ntfs.sys
2014-05-08 09:23 . 2014-05-08 09:23	--------	d-----w-	c:\program files (x86)\ESET
2014-05-08 08:25 . 2014-05-08 08:25	--------	d-----w-	c:\users\bender90\AppData\Local\AviraResume
2014-05-07 19:39 . 2014-05-13 10:23	--------	d-sh--w-	c:\program files (x86)\Windows Manager
2014-05-07 18:56 . 2014-05-07 18:56	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-05-07 18:27 . 2014-05-19 05:21	--------	d-----w-	C:\FRST
2014-04-30 16:16 . 2014-05-19 10:49	--------	d-----w-	c:\users\bender90\AppData\Roaming\UseNeXT
2014-04-30 16:16 . 2014-04-30 16:16	--------	d-----w-	c:\program files (x86)\UseNeXT
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 11:40 . 2012-03-30 07:21	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-15 11:40 . 2011-07-28 19:38	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-08 10:46 . 2011-07-30 17:32	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-05-05 15:55 . 2011-07-28 16:02	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-05-02 15:25 . 2011-07-28 16:02	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-04-08 16:00 . 2014-04-08 16:00	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-04-08 16:00 . 2014-04-08 16:00	312744	----a-w-	c:\windows\system32\javaws.exe
2014-04-08 16:00 . 2014-04-08 16:00	189352	----a-w-	c:\windows\system32\javaw.exe
2014-04-08 16:00 . 2014-04-08 16:00	189352	----a-w-	c:\windows\system32\java.exe
2014-04-05 09:12 . 2011-09-06 12:29	290184	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-03-31 07:35 . 2011-06-20 16:50	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-29 09:02 . 2014-03-29 09:02	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2014-03-29 09:02 . 2014-03-29 09:02	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-03-29 09:02 . 2014-03-29 09:02	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2014-03-29 09:02 . 2014-03-29 09:02	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2014-03-29 09:02 . 2014-03-29 09:02	34816	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-29 09:02 . 2014-03-29 09:02	337408	----a-w-	c:\windows\SysWow64\html.iec
2014-03-29 09:02 . 2014-03-29 09:02	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2014-03-29 09:02 . 2014-03-29 09:02	235008	----a-w-	c:\windows\system32\elshyph.dll
2014-03-29 09:02 . 2014-03-29 09:02	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2014-03-29 09:02 . 2014-03-29 09:02	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2014-03-29 09:02 . 2014-03-29 09:02	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2014-03-29 09:02 . 2014-03-29 09:02	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-03-29 09:02 . 2014-03-29 09:02	942592	----a-w-	c:\windows\system32\jsIntl.dll
2014-03-29 09:02 . 2014-03-29 09:02	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2014-03-29 09:02 . 2014-03-29 09:02	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-03-29 09:02 . 2014-03-29 09:02	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2014-03-29 09:02 . 2014-03-29 09:02	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-03-29 09:02 . 2014-03-29 09:02	81408	----a-w-	c:\windows\system32\icardie.dll
2014-03-29 09:02 . 2014-03-29 09:02	77312	----a-w-	c:\windows\system32\tdc.ocx
2014-03-29 09:02 . 2014-03-29 09:02	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2014-03-29 09:02 . 2014-03-29 09:02	62464	----a-w-	c:\windows\system32\pngfilt.dll
2014-03-29 09:02 . 2014-03-29 09:02	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-03-29 09:02 . 2014-03-29 09:02	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2014-03-29 09:02 . 2014-03-29 09:02	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2014-03-29 09:02 . 2014-03-29 09:02	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2014-03-29 09:02 . 2014-03-29 09:02	48640	----a-w-	c:\windows\system32\mshtmler.dll
2014-03-29 09:02 . 2014-03-29 09:02	453120	----a-w-	c:\windows\system32\dxtmsft.dll
2014-03-29 09:02 . 2014-03-29 09:02	413696	----a-w-	c:\windows\system32\html.iec
2014-03-29 09:02 . 2014-03-29 09:02	40448	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-29 09:02 . 2014-03-29 09:02	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2014-03-29 09:02 . 2014-03-29 09:02	30208	----a-w-	c:\windows\system32\licmgr10.dll
2014-03-29 09:02 . 2014-03-29 09:02	296960	----a-w-	c:\windows\system32\dxtrans.dll
2014-03-29 09:02 . 2014-03-29 09:02	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2014-03-29 09:02 . 2014-03-29 09:02	247808	----a-w-	c:\windows\system32\msls31.dll
2014-03-29 09:02 . 2014-03-29 09:02	243200	----a-w-	c:\windows\system32\webcheck.dll
2014-03-29 09:02 . 2014-03-29 09:02	235520	----a-w-	c:\windows\system32\url.dll
2014-03-29 09:02 . 2014-03-29 09:02	167424	----a-w-	c:\windows\system32\iexpress.exe
2014-03-29 09:02 . 2014-03-29 09:02	147968	----a-w-	c:\windows\system32\occache.dll
2014-03-29 09:02 . 2014-03-29 09:02	143872	----a-w-	c:\windows\system32\wextract.exe
2014-03-29 09:02 . 2014-03-29 09:02	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2014-03-29 09:02 . 2014-03-29 09:02	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2014-03-29 09:02 . 2014-03-29 09:02	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2014-03-29 09:02 . 2014-03-29 09:02	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-03-29 09:02 . 2014-03-29 09:02	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2014-03-29 09:02 . 2014-03-29 09:02	105984	----a-w-	c:\windows\system32\iesysprep.dll
2014-03-29 09:02 . 2014-03-29 09:02	101376	----a-w-	c:\windows\system32\inseng.dll
2014-03-29 09:02 . 2014-03-29 09:02	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-03-29 09:02 . 2014-03-29 09:02	774144	----a-w-	c:\windows\system32\jscript.dll
2014-03-29 09:02 . 2014-03-29 09:02	48128	----a-w-	c:\windows\system32\imgutil.dll
2014-03-29 09:02 . 2014-03-29 09:02	13824	----a-w-	c:\windows\system32\mshta.exe
2014-03-29 09:02 . 2014-03-29 09:02	135680	----a-w-	c:\windows\system32\iepeers.dll
2014-03-04 09:17 . 2014-05-08 10:45	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-03-01 05:16 . 2014-04-08 13:43	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-03-01 04:58 . 2014-04-08 13:43	2765824	----a-w-	c:\windows\system32\iertutil.dll
2014-03-01 04:52 . 2014-04-08 13:43	66048	----a-w-	c:\windows\system32\iesetup.dll
2014-03-01 04:51 . 2014-04-08 13:43	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-03-01 04:42 . 2014-04-08 13:43	53760	----a-w-	c:\windows\system32\jsproxy.dll
2014-03-01 04:40 . 2014-04-08 13:43	33792	----a-w-	c:\windows\system32\iernonce.dll
2014-03-01 04:37 . 2014-04-08 13:43	574976	----a-w-	c:\windows\system32\ieui.dll
2014-03-01 04:33 . 2014-04-08 13:43	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2014-03-01 04:33 . 2014-04-08 13:43	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-03-01 04:32 . 2014-04-08 13:43	708608	----a-w-	c:\windows\system32\jscript9diag.dll
2014-03-01 04:23 . 2014-04-08 13:43	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:17 . 2014-04-08 13:43	218624	----a-w-	c:\windows\system32\ie4uinit.exe
2014-03-01 04:02 . 2014-04-08 13:43	195584	----a-w-	c:\windows\system32\msrating.dll
2014-03-01 03:54 . 2014-04-08 13:43	5768704	----a-w-	c:\windows\system32\jscript9.dll
2014-03-01 03:52 . 2014-04-08 13:43	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-03-01 03:51 . 2014-04-08 13:43	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:42 . 2014-04-08 13:43	627200	----a-w-	c:\windows\system32\msfeeds.dll
2014-03-01 03:38 . 2014-04-08 13:43	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-03-01 03:37 . 2014-04-08 13:43	553472	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-03-01 03:35 . 2014-04-08 13:43	2041856	----a-w-	c:\windows\system32\inetcpl.cpl
2014-03-01 03:18 . 2014-04-08 13:43	13051904	----a-w-	c:\windows\system32\ieframe.dll
2014-03-01 03:14 . 2014-04-08 13:43	4244480	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-03-01 03:10 . 2014-04-08 13:43	2334208	----a-w-	c:\windows\system32\wininet.dll
2014-03-01 03:00 . 2014-04-08 13:43	1964032	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-03-01 02:38 . 2014-04-08 13:43	1393664	----a-w-	c:\windows\system32\urlmon.dll
2014-03-01 02:32 . 2014-04-08 13:43	1820160	----a-w-	c:\windows\SysWow64\wininet.dll
2014-03-01 02:25 . 2014-04-08 13:43	817664	----a-w-	c:\windows\system32\ieapfltr.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 11:22	1186616	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:18	120104	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2014-04-23 1825984]
"OscarEditor"="c:\program files (x86)\MOUSE Editor\MouseEditor.exe" [2010-12-23 3344384]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-04-11 55360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-08-12 261888]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2009-08-18 629280]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-23 689744]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-07-22 162856]
"Live Update 5"="c:\program files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe" [2012-01-30 315392]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2013-08-13 490480]
"CommandCenter"="c:\program files (x86)\MSI\CommandCenter\StartCommandCenter.exe" [2013-09-26 809968]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2014-2-4 846848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Browser companion helper"=c:\program files (x86)\BrowserCompanion\BCHelper.exe
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
"PlayMovie"="c:\program files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"PlusService"=c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
"ArcadeDeluxeAgent"="c:\program files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
.
R2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MSICTL_CC;MSICTL_CC;c:\program files (x86)\MSI\CommandCenter\MSIControlService.exe;c:\program files (x86)\MSI\CommandCenter\MSIControlService.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y62x64.sys [x]
R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys;c:\windows\SYSNATIVE\drivers\HCW85BDA.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 MSIBIOSData_CC;MSIBIOSData_CC;c:\program files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe;c:\program files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [x]
R3 MSIClock_CC;MSIClock_CC;c:\program files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe;c:\program files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [x]
R3 MSICOMM_CC;MSICOMM_CC;c:\program files (x86)\MSI\CommandCenter\MSICommService.exe;c:\program files (x86)\MSI\CommandCenter\MSICommService.exe [x]
R3 MSICPU_CC;MSICPU_CC;c:\program files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe;c:\program files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [x]
R3 MSIDDR_CC;MSIDDR_CC;c:\program files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe;c:\program files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [x]
R3 MSISaveLoad_CC;MSISaveLoad_CC;c:\program files (x86)\MSI\CommandCenter\MSISaveLoadService.exe;c:\program files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [x]
R3 MSISMB_CC;MSISMB_CC;c:\program files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe;c:\program files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [x]
R3 MSISuperIO_CC;MSISuperIO_CC;c:\program files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe;c:\program files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [x]
R3 MSIWMI_CC;MSIWMI_CC;c:\program files (x86)\MSI\CommandCenter\MSIWMIService.exe;c:\program files (x86)\MSI\CommandCenter\MSIWMIService.exe [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;c:\msi\MSI SUITE\NTIOLib_X64.sys;c:\msi\MSI SUITE\NTIOLib_X64.sys [x]
R3 NTIOLib_1_1_S;NTIOLib_1_1_S;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys;c:\msi\MSI SUITE\Super-Charger\NTIOLib_X64.sys [x]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\CommandCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [x]
R3 NTIOLib_SuiteComCen;NTIOLib_SuiteComCen;c:\msi\MSI SUITE\ControlCenter\NTIOLib_X64.sys;c:\msi\MSI SUITE\ControlCenter\NTIOLib_X64.sys [x]
R3 NTIOLib_SuiteFB;NTIOLib_SuiteFB;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys;c:\msi\MSI SUITE\FastBoot\NTIOLib_X64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8023x64;Realtek 10/100-Netzwerkkartenfamilie-NDIS-x64-Treiber;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 tap0901_openvpn_accl;TAP-Win32 Adapter V9 for OpenVPN Accelerator;c:\windows\system32\DRIVERS\tap0901_openvpn_accl.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901_openvpn_accl.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe  [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
S3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 INETMON;INETMON;c:\windows\System32\Drivers\INETMON.sys;c:\windows\SYSNATIVE\Drivers\INETMON.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [x]
S3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
S3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [x]
S3 OnlineStorageService;OnlineStorageService;c:\program files\Trend Micro SafeSync\hrfscore.exe;c:\program files\Trend Micro SafeSync\hrfscore.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192cu;300Mbps Wireless USB Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - NTIOLIB_MSICPU_CC
*NewlyCreated* - NTIOLIB_MSISUPERIO_CC
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 11:40]
.
2014-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 08:58]
.
2014-05-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 08:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPaired]
@="{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}"
[HKEY_CLASSES_ROOT\CLSID\{A203F945-39E9-4286-AFA2-F3ADFCD5FAAA}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoPriority]
@="{6F1BB626-1107-4b82-B322-54C5E64461B8}"
[HKEY_CLASSES_ROOT\CLSID\{6F1BB626-1107-4b82-B322-54C5E64461B8}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoProblem]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2B}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2B}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSynced]
@="{7479C9AF-DA81-4944-92E5-23E49390BB2A}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB2A}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoSyncing]
@="{7479C9AF-DA81-4944-92E5-23E49390BB29}"
[HKEY_CLASSES_ROOT\CLSID\{7479C9AF-DA81-4944-92E5-23E49390BB29}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00HumyoUnavailable]
@="{66669544-5639-4922-99C8-CE7A86651364}"
[HKEY_CLASSES_ROOT\CLSID\{66669544-5639-4922-99C8-CE7A86651364}]
2012-07-12 11:23	1748280	----a-w-	c:\program files\Trend Micro SafeSync\HrfsShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:19	137512	----a-w-	c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"mwlDaemon"="c:\program files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" [2009-08-06 349480]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-07-26 7194840]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [BU]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [BU]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-08-01 8290584]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = fritz.box
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.0.1 192.168.1.1
FF - ProfilePath - c:\users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.2.9&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
AddRemove-553E35CD-0415-41bc-B39A-410375E88534 - c:\program files (x86)\Intel\ACPI Driver Installer\Uninstall\setup.exe
AddRemove-Emsisoft HiJackFree_is1 - c:\program files (x86)\Emsisoft HiJackFree\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2637058006-716935516-2651843933-1000\Software\SecuROM\License information*]
"datasecu"=hex:6e,2a,1d,dc,a2,ba,d4,f0,91,8b,3d,29,18,fb,ca,62,0a,c0,df,c3,38,
   06,26,a0,d5,73,9a,b3,e2,c5,1f,0c,70,05,f6,c6,21,15,9b,b3,5d,f8,7b,75,bf,90,\
"rkeysecu"=hex:61,3d,de,cb,43,13,31,9d,b5,47,32,fa,b8,28,0c,37
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-05-19  19:38:23
ComboFix-quarantined-files.txt  2014-05-19 17:38
ComboFix2.txt  2014-05-16 11:23
.
Vor Suchlauf: 24 Verzeichnis(se), 264.436.994.048 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 264.397.754.368 Bytes frei
.
- - End Of File - - CC715D25AAA90235A84FD2197A7515CE
         
--- --- ---

20.05.2014, 12:18   #24
schrauber
/// the machine
/// TB trainer
 




Nice, that should actually have worked. A fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

20.05.2014, 18:00   #25
bender84
 



The problem with Avira is still there... it does not start the real-time scanner and the update is refused.


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by SYSTEM on MININT-RD1RUEA on 20-05-2014 18:53:04
Running from H:\
Platform: Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.




==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-17] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [0 ] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\bender90\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\bender90\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-23] (Valve Corporation)
HKU\bender90\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKU\bender90\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-21] ()

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [0 ] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [0 ] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [0 ] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] ()
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] ()
S3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] ()
S2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] ()
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] ()
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] ()
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] ()
S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] ()
S2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
S2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
S3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] ()
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-03-31] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

S3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-21] (AVM Berlin)
S1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-21] (AVM GmbH)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
S2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-06] (Intel Corporation)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] ()
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation                           )
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-20] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-20 08:45 - 2014-05-20 08:46 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-20 08:45 - 2014-05-20 08:45 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-20 08:45 - 2014-05-20 08:45 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-20 08:45 - 2013-09-20 00:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe
2014-05-19 10:40 - 2014-05-19 10:40 - 00038279 _____ () C:\ComboFix.txt
2014-05-18 11:11 - 2014-05-20 08:34 - 00040086 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-16 12:02 - 2014-05-16 12:02 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\OpenCandy
2014-05-16 12:01 - 2014-05-16 12:01 - 33255536 _____ (DVDVideoSoft Ltd. ) C:\Users\bender90\Desktop\FreeAVIVideoConverter.exe
2014-05-16 03:13 - 2014-05-19 10:40 - 00000000 ____D () C:\Qoobox
2014-05-16 03:13 - 2014-05-16 03:22 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 03:13 - 2011-06-25 22:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-16 03:13 - 2010-11-07 09:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-16 03:13 - 2009-04-19 20:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-16 03:13 - 2000-08-30 16:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-16 03:13 - 2000-08-30 16:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-16 03:13 - 2000-08-30 16:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-16 03:13 - 2000-08-30 16:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-16 03:13 - 2000-08-30 16:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-15 03:10 - 2014-05-15 03:10 - 00000017 _____ () C:\Users\bender90\AppData\Local\resmon.resmoncfg
2014-05-13 02:46 - 2014-05-18 11:11 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 01:58 - 2014-05-13 02:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-05-13 01:58 - 2014-05-13 01:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 01:56 - 2014-05-13 02:44 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 01:56 - 2014-05-13 02:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-05-12 07:49 - 2014-05-12 07:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 02:25 - 2014-05-19 09:20 - 05200426 ____R (Swearware) C:\Users\bender90\Desktop\ComboFix.exe
2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla
2014-05-08 02:47 - 2014-04-29 08:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-05-08 02:47 - 2014-04-29 07:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-05-08 02:47 - 2014-04-29 06:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-08 02:47 - 2014-04-29 06:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-08 02:45 - 2014-04-13 18:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-05-08 02:45 - 2014-04-13 18:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-05-08 02:45 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-05-08 02:45 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-08 02:45 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-08 02:45 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-08 02:45 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-08 02:45 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-08 02:45 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-08 02:45 - 2014-02-03 18:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-05-08 02:45 - 2014-02-03 18:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-05-08 02:45 - 2014-02-03 18:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-05-08 02:45 - 2014-02-03 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll
2014-05-08 02:45 - 2014-02-03 18:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-08 02:45 - 2014-01-08 18:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-08 02:45 - 2014-01-03 14:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-05-08 02:44 - 2014-01-23 18:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-07 23:53 - 2014-05-07 23:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 11:39 - 2014-05-13 02:23 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 10:27 - 2014-05-20 18:53 - 00000000 ____D () C:\FRST
2014-05-07 10:26 - 2014-05-18 11:11 - 02067456 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-04-30 08:16 - 2014-05-19 02:49 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 08:16 - 2014-05-19 02:49 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-25 23:03 - 2014-04-25 23:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

==================== One Month Modified Files and Folders =======

2014-05-20 18:53 - 2014-05-07 10:27 - 00000000 ____D () C:\FRST
2014-05-20 08:51 - 2012-06-18 04:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-05-20 08:51 - 2011-06-16 21:45 - 01814367 _____ () C:\Windows\WindowsUpdate.log
2014-05-20 08:46 - 2014-05-20 08:45 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-05-20 08:45 - 2014-05-20 08:45 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-05-20 08:45 - 2014-05-20 08:45 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-05-20 08:40 - 2012-03-29 23:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-20 08:36 - 2013-07-30 00:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-20 08:35 - 2011-06-17 07:37 - 00699884 _____ () C:\Windows\System32\perfh007.dat
2014-05-20 08:35 - 2011-06-17 07:37 - 00149766 _____ () C:\Windows\System32\perfc007.dat
2014-05-20 08:35 - 2009-07-13 21:13 - 01622236 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-05-20 08:34 - 2014-05-18 11:11 - 00040086 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-20 08:31 - 2014-02-04 06:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-20 08:31 - 2013-04-16 10:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-20 08:31 - 2013-02-08 00:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-20 08:19 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-20 08:19 - 2009-07-13 20:45 - 00022832 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-20 08:12 - 2009-09-03 01:10 - 00727434 _____ () C:\Windows\PFRO.log
2014-05-20 08:12 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-20 08:12 - 2009-07-13 20:51 - 00335101 _____ () C:\Windows\setupact.log
2014-05-19 10:40 - 2014-05-19 10:40 - 00038279 _____ () C:\ComboFix.txt
2014-05-19 10:40 - 2014-05-16 03:13 - 00000000 ____D () C:\Qoobox
2014-05-19 10:39 - 2009-07-13 18:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-19 09:59 - 2013-02-08 00:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-19 09:20 - 2014-05-09 02:25 - 05200426 ____R (Swearware) C:\Users\bender90\Desktop\ComboFix.exe
2014-05-19 02:49 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-19 02:49 - 2014-04-30 08:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-19 01:30 - 2011-08-10 02:53 - 00000000 ____D () C:\Users\bender90\Documents\Flight Simulator X-Dateien
2014-05-19 00:31 - 2009-07-13 21:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 11:11 - 2014-05-13 02:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-18 11:11 - 2014-05-07 10:26 - 02067456 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-18 11:11 - 2013-05-28 00:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-16 12:38 - 2013-10-30 08:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-16 12:37 - 2012-11-09 06:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-16 12:02 - 2014-05-16 12:02 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\OpenCandy
2014-05-16 12:01 - 2014-05-16 12:01 - 33255536 _____ (DVDVideoSoft Ltd. ) C:\Users\bender90\Desktop\FreeAVIVideoConverter.exe
2014-05-16 03:22 - 2014-05-16 03:13 - 00000000 ____D () C:\Windows\erdnt
2014-05-15 03:40 - 2012-03-29 23:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 03:40 - 2012-03-29 23:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-15 03:40 - 2011-07-28 11:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 03:10 - 2014-05-15 03:10 - 00000017 _____ () C:\Users\bender90\AppData\Local\resmon.resmoncfg
2014-05-15 02:57 - 2013-01-03 02:17 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-13 02:44 - 2014-05-13 01:56 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 02:29 - 2014-05-13 01:58 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-05-13 02:29 - 2014-05-13 01:56 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamchameleon.sys
2014-05-13 02:24 - 2011-08-27 02:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-13 02:23 - 2014-05-07 11:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-13 01:58 - 2014-05-13 01:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-12 07:49 - 2014-05-12 07:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 04:06 - 2012-04-26 07:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 03:01 - 2014-05-12 03:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 02:56 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-05-09 01:54 - 2013-02-08 00:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 01:54 - 2013-02-08 00:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 04:09 - 2011-06-20 08:33 - 00000000 ____D () C:\users\bender90
2014-05-08 03:25 - 2014-05-08 03:25 - 00000000 ____D () C:\Mozilla
2014-05-08 02:47 - 2013-08-24 05:32 - 00000000 ____D () C:\Windows\System32\MRT
2014-05-08 02:46 - 2011-07-30 09:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-05-08 02:39 - 2014-05-08 02:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 02:03 - 2013-10-01 09:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-05-08 01:23 - 2014-05-08 01:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 01:22 - 2014-05-08 01:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 00:38 - 2014-05-08 00:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 00:25 - 2014-05-08 00:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-07 23:54 - 2014-05-07 23:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-07 23:54 - 2014-05-07 23:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 11:47 - 2014-05-07 11:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 10:56 - 2014-05-07 10:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 10:56 - 2014-05-07 10:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 10:55 - 2014-05-07 10:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 09:59 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 09:57 - 2014-05-07 09:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 09:49 - 2012-10-29 01:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 03:23 - 2014-03-06 11:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-05 07:55 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 07:52 - 2011-09-29 01:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 08:45 - 2013-10-01 09:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 07:25 - 2011-07-28 08:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-30 22:39 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 08:16 - 2014-04-30 08:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 08:16 - 2014-04-30 08:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 08:15 - 2014-04-30 08:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 08:00 - 2014-05-08 02:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-04-29 07:24 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-04-29 06:47 - 2014-05-08 02:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 06:14 - 2014-05-08 02:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-25 23:06 - 2014-04-25 23:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\avgnt.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-05-07 09:00:26
Restore point made on: 2014-05-08 02:03:20
Restore point made on: 2014-05-08 02:21:38
Restore point made on: 2014-05-08 02:25:37
Restore point made on: 2014-05-08 02:45:35
Restore point made on: 2014-05-08 04:13:12
Restore point made on: 2014-05-13 02:23:17
Restore point made on: 2014-05-15 03:48:39
Restore point made on: 2014-05-19 09:25:31

==================== Memory info =========================== 

Percentage of memory in use: 7%
Total physical RAM: 16328.07 MB
Available physical RAM: 15091.56 MB
Total Pagefile: 16326.22 MB
Available Pagefile: 15081.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:689.04 GB) (Free:245.86 GB) NTFS
Drive e: (DATA) (Fixed) (Total:689.57 GB) (Free:689.43 GB) NTFS
Drive f: (PQSERVICE) (Fixed) (Total:18.55 GB) (Free:4.57 GB) NTFS
Drive h: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: B2B05A62)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=689 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=690 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.


LastRegBack: 2014-05-19 03:38

==================== End Of Log ============================
         
--- --- ---




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by bender90 (administrator) on SVEN on 20-05-2014 18:33:39
Running from C:\Users\bender90\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe
() C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe
(MSI CO.,LTD.) C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\CPU_Ratio.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro SafeSync\hrfscore.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [629280 2009-08-18] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM-x32\...\Run: [Live Update 5] => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe [315392 2012-01-30] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-08-13] (MSI)
HKLM-x32\...\Run: [CommandCenter] => C:\Program Files (x86)\MSI\CommandCenter\StartCommandCenter.exe [809968 2013-09-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3344384 2010-12-23] ()
HKU\S-1-5-21-2637058006-716935516-2651843933-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9CCCD5AD521CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?p=pLsH3anR-Rz0cILJ
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default
FF SearchEngineOrder.1: Web Search
FF SelectedSearchEngine: Google
FF Homepage: https://www.facebook.com/
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.0 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.104.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.96.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @stonetrip.com/ShiVaWebPlayer,version=1.8.1.0 - C:\Users\bender90\AppData\Roaming\..\LocalLow\StoneTrip\WebPlayer1.8.1\npShiVa3D_1.8.1.dll (Stonetrip)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: Rain Alarm Extension - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\rain-alarm@mdiener.de [2014-03-27]
FF Extension: WEB.DE MailCheck - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\toolbar@web.de.xpi [2011-12-19]
FF Extension: NoScript - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-19]
FF Extension: Adblock Plus - C:\Users\bender90\AppData\Roaming\Mozilla\Firefox\Profiles\k9e6pubx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-19]

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-23] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-23] (Avira Operations GmbH & Co. KG)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-01] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 MSIBIOSData_CC; C:\Program Files (x86)\MSI\CommandCenter\BIOSData\MSIBIOSDataService.exe [2100736 2013-09-11] (MSI)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\MSIClockService.exe [307712 2013-09-16] ()
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\MSICommService.exe [2114560 2013-09-12] ()
R3 MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\MSICPUService.exe [4110336 2013-09-12] ()
R2 MSICTL_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIControlService.exe [1985536 2013-08-15] ()
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\MSIDDRService.exe [2224640 2013-09-11] ()
S3 MSISaveLoad_CC; C:\Program Files (x86)\MSI\CommandCenter\MSISaveLoadService.exe [3957248 2013-07-18] ()
S3 MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\MSISMBService.exe [177152 2013-09-11] ()
R3 MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\MSISuperIOService.exe [503808 2013-09-12] ()
S3 MSIWMI_CC; C:\Program Files (x86)\MSI\CommandCenter\MSIWMIService.exe [182272 2013-08-23] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-08-19] (MSI)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R3 OnlineStorageService; C:\Program Files\Trend Micro SafeSync\hrfscore.exe [7908664 2012-07-12] (Trend Micro Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-28] ()
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [15888 2013-04-01] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-01] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-01] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [25448 2013-01-07] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-08-01] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\CommandCenter\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\CommandCenter\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\CommandCenter\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
R3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\CommandCenter\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\CommandCenter\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\CommandCenter\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation                           )
S1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2012-08-21] (The OpenVPN Project)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NTIOLib_1_0_C; \??\C:\MSI\MSI SUITE\NTIOLib_X64.sys [X]
S3 NTIOLib_1_1_S; \??\C:\MSI\MSI SUITE\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteComCen; \??\C:\MSI\MSI SUITE\ControlCenter\NTIOLib_X64.sys [X]
S3 NTIOLib_SuiteFB; \??\C:\MSI\MSI SUITE\FastBoot\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-19 20:40 - 2014-05-19 20:40 - 00038279 _____ () C:\ComboFix.txt
2014-05-19 10:41 - 2014-05-19 10:41 - 00001164 _____ () C:\Users\bender90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-18 21:11 - 2014-05-20 18:33 - 00021840 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-16 22:02 - 2014-05-16 22:02 - 00002452 _____ () C:\Users\bender90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-05-16 22:02 - 2014-05-16 22:02 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\OpenCandy
2014-05-16 22:01 - 2014-05-16 22:01 - 33255536 _____ (DVDVideoSoft Ltd. ) C:\Users\bender90\Desktop\FreeAVIVideoConverter.exe
2014-05-16 13:13 - 2014-05-19 20:40 - 00000000 ____D () C:\Qoobox
2014-05-16 13:13 - 2014-05-16 13:22 - 00000000 ____D () C:\Windows\erdnt
2014-05-16 13:13 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-16 13:13 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-16 13:13 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-16 13:13 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-16 13:13 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-16 13:13 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-16 13:13 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-16 13:13 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-15 13:10 - 2014-05-15 13:10 - 00000017 _____ () C:\Users\bender90\AppData\Local\resmon.resmoncfg
2014-05-13 12:46 - 2014-05-18 21:11 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-13 11:58 - 2014-05-13 12:29 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 11:58 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 11:56 - 2014-05-13 12:44 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 11:56 - 2014-05-13 12:29 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 17:49 - 2014-05-12 17:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 13:01 - 2014-05-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 12:25 - 2014-05-19 19:20 - 05200426 ____R (Swearware) C:\Users\bender90\Desktop\ComboFix.exe
2014-05-08 13:25 - 2014-05-08 13:25 - 00000000 ____D () C:\Mozilla
2014-05-08 12:47 - 2014-04-29 18:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-08 12:47 - 2014-04-29 17:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-08 12:47 - 2014-04-29 16:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-08 12:47 - 2014-04-29 16:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-08 12:45 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-08 12:45 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-05-08 12:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-05-08 12:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-05-08 12:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-08 12:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-05-08 12:45 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-05-08 12:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-05-08 12:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-05-08 12:45 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-05-08 12:45 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-05-08 12:45 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-05-08 12:45 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-05-08 12:45 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-05-08 12:45 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-08 12:45 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-08 12:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-08 12:39 - 2014-05-08 12:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 12:08 - 2014-05-08 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 10:42 - 2014-05-08 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-08 09:53 - 2014-05-08 09:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 21:39 - 2014-05-13 12:23 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 20:27 - 2014-05-20 18:33 - 00000000 ____D () C:\FRST
2014-05-07 20:26 - 2014-05-18 21:11 - 02067456 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-04-30 18:16 - 2014-05-19 12:49 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-04-30 18:16 - 2014-05-19 12:49 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-26 09:03 - 2014-04-26 09:06 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

==================== One Month Modified Files and Folders =======

2014-05-20 18:34 - 2014-05-18 21:11 - 00021840 _____ () C:\Users\bender90\Desktop\FRST.txt
2014-05-20 18:33 - 2014-05-07 20:27 - 00000000 ____D () C:\FRST
2014-05-20 18:31 - 2014-02-04 16:45 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Raptr
2014-05-20 18:31 - 2013-04-16 20:33 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-20 18:31 - 2013-02-08 10:58 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-20 18:19 - 2011-06-17 17:37 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-05-20 18:19 - 2011-06-17 17:37 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-05-20 18:19 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-20 18:19 - 2009-07-14 06:45 - 00022832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-20 18:19 - 2009-07-14 06:45 - 00022832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-20 18:12 - 2009-09-03 11:10 - 00727434 _____ () C:\Windows\PFRO.log
2014-05-20 18:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-20 18:12 - 2009-07-14 06:51 - 00335101 _____ () C:\Windows\setupact.log
2014-05-19 20:43 - 2011-06-17 07:45 - 01813584 _____ () C:\Windows\WindowsUpdate.log
2014-05-19 20:40 - 2014-05-19 20:40 - 00038279 _____ () C:\ComboFix.txt
2014-05-19 20:40 - 2014-05-16 13:13 - 00000000 ____D () C:\Qoobox
2014-05-19 20:40 - 2012-03-30 09:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-19 20:39 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-19 19:59 - 2013-02-08 10:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-19 19:20 - 2014-05-09 12:25 - 05200426 ____R (Swearware) C:\Users\bender90\Desktop\ComboFix.exe
2014-05-19 12:49 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\Documents\UseNeXT
2014-05-19 12:49 - 2014-04-30 18:16 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\UseNeXT
2014-05-19 11:30 - 2011-08-10 12:53 - 00000000 ____D () C:\Users\bender90\Documents\Flight Simulator X-Dateien
2014-05-19 10:41 - 2014-05-19 10:41 - 00001164 _____ () C:\Users\bender90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-19 10:31 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 21:11 - 2014-05-13 12:46 - 00000000 ____D () C:\Users\bender90\Desktop\FRST-OlderVersion
2014-05-18 21:11 - 2014-05-07 20:26 - 02067456 _____ (Farbar) C:\Users\bender90\Desktop\FRST64.exe
2014-05-18 21:11 - 2013-05-28 10:52 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0979D09-93B8-4BB6-A5B3-C8605BA24C41}
2014-05-16 22:38 - 2013-10-30 18:43 - 00000000 ____D () C:\Users\bender90\AppData\Local\CrashDumps
2014-05-16 22:37 - 2012-11-09 16:41 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\vlc
2014-05-16 22:02 - 2014-05-16 22:02 - 00002452 _____ () C:\Users\bender90\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-05-16 22:02 - 2014-05-16 22:02 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\OpenCandy
2014-05-16 22:01 - 2014-05-16 22:01 - 33255536 _____ (DVDVideoSoft Ltd. ) C:\Users\bender90\Desktop\FreeAVIVideoConverter.exe
2014-05-16 13:22 - 2014-05-16 13:13 - 00000000 ____D () C:\Windows\erdnt
2014-05-15 13:40 - 2012-03-30 09:21 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 13:40 - 2012-03-30 09:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-15 13:40 - 2011-07-28 21:38 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 13:10 - 2014-05-15 13:10 - 00000017 _____ () C:\Users\bender90\AppData\Local\resmon.resmoncfg
2014-05-15 12:57 - 2013-01-03 12:17 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-13 12:44 - 2014-05-13 11:56 - 00000000 ____D () C:\Users\bender90\Desktop\mbar
2014-05-13 12:29 - 2014-05-13 11:58 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 12:29 - 2014-05-13 11:56 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 12:24 - 2011-08-27 12:04 - 00000000 ____D () C:\Windows\Minidump
2014-05-13 12:23 - 2014-05-07 21:39 - 00000000 __SHD () C:\Program Files (x86)\Windows Manager
2014-05-13 11:58 - 2014-05-13 11:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-12 17:49 - 2014-05-12 17:49 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Desktop\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-12 14:06 - 2012-04-26 17:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-12 13:01 - 2014-05-12 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 12:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-09 11:54 - 2013-02-08 10:58 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 11:54 - 2013-02-08 10:58 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 14:09 - 2011-06-20 18:33 - 00000000 ____D () C:\Users\bender90
2014-05-08 13:25 - 2014-05-08 13:25 - 00000000 ____D () C:\Mozilla
2014-05-08 12:47 - 2013-08-24 15:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-08 12:46 - 2011-07-30 19:32 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-08 12:39 - 2014-05-08 12:39 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller(1).zip
2014-05-08 12:08 - 2014-05-08 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-08 12:08 - 2013-07-30 10:44 - 00002070 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-08 12:03 - 2014-05-08 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
2014-05-08 12:03 - 2013-10-01 19:56 - 00000000 ____D () C:\Program Files (x86)\Mirillis
2014-05-08 11:23 - 2014-05-08 11:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-08 11:22 - 2014-05-08 11:22 - 02347384 _____ (ESET) C:\Users\bender90\Downloads\esetsmartinstaller_deu.exe
2014-05-08 10:38 - 2014-05-08 10:38 - 46392680 _____ () C:\Users\bender90\Downloads\spybot-2.3.exe
2014-05-08 10:25 - 2014-05-08 10:25 - 00000000 ____D () C:\Users\bender90\AppData\Local\AviraResume
2014-05-08 09:54 - 2014-05-08 09:54 - 04143997 _____ () C:\Users\bender90\Downloads\tdsskiller.zip
2014-05-08 09:54 - 2014-05-08 09:53 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\bender90\Desktop\tdsskiller.exe
2014-05-07 21:48 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-07 21:47 - 2014-05-07 21:47 - 00003260 _____ () C:\Windows\System32\Tasks\{CFF8B7A5-524C-4C48-9F12-296002285E7A}
2014-05-07 20:56 - 2014-05-07 20:56 - 00001268 _____ () C:\Users\bender90\Desktop\Revo Uninstaller.lnk
2014-05-07 20:56 - 2014-05-07 20:56 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 20:55 - 2014-05-07 20:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\bender90\Downloads\revosetup95.exe
2014-05-07 19:59 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Spotify
2014-05-07 19:57 - 2014-05-07 19:57 - 00629584 _____ (Chip Digital GmbH) C:\Users\bender90\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
2014-05-07 19:49 - 2012-10-29 11:36 - 00000000 ____D () C:\Users\bender90\AppData\Local\Spotify
2014-05-07 13:23 - 2014-03-06 21:49 - 00000000 ____D () C:\ProgramData\PMS
2014-05-05 17:55 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\ProgramData\Origin
2014-05-05 17:52 - 2011-09-29 11:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Roaming\Mirillis
2014-05-02 18:45 - 2013-10-01 19:57 - 00000000 ____D () C:\Users\bender90\AppData\Local\Mirillis
2014-05-02 17:25 - 2011-07-28 18:02 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-01 08:39 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-30 18:16 - 2014-04-30 18:16 - 00001861 _____ () C:\Users\bender90\Desktop\UseNeXT by Tangysoft.lnk
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
2014-04-30 18:16 - 2014-04-30 18:16 - 00000000 ____D () C:\Program Files (x86)\UseNeXT
2014-04-30 18:15 - 2014-04-30 18:15 - 05274000 _____ (Tangysoft Ltd. ) C:\Users\bender90\Downloads\UseNeXTSetup_5.63.exe
2014-04-29 18:00 - 2014-05-08 12:47 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 17:24 - 2014-05-08 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 16:47 - 2014-05-08 12:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 16:14 - 2014-05-08 12:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-26 09:06 - 2014-04-26 09:03 - 295347968 _____ (AMD Inc.) C:\Users\bender90\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe

Some content of TEMP:
====================
C:\Users\bender90\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 13:38

==================== End Of Log ============================
         
--- --- ---

21.05.2014, 08:45   #26
schrauber
/// the machine
/// TB-Ausbilder

Great, that one is gone for a start. Now please uninstall Antivir and reinstall it.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

21.05.2014, 08:55   #27
bender84

It won't reinstall....

Code:
[0F0C:0640][2014-05-21T09:55:39]i001: Burn v3.8.1128.0, Windows v6.1 (Build 7601: Service Pack 1), path: C:\Users\bender90\Desktop\avira_de_av___ws.exe, cmdline: ''
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing string variable 'SkipSuccessPageAfterInstall' to value 'yes'
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing string variable 'RebootImmediatly' to value 'yes'
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing string variable 'ShowSendErrorReport' to value 'yes'
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing string variable 'LogFileUploadUrl' to value 'https://wl-win.oes.avira.com/sendreport'
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing string variable 'SERVER_URL' to value ''
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing string variable 'SHORT_MSG_FORMAT' to value ''
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing string variable 'TRACKING_TOKEN' to value ''
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing numeric variable 'DISABLE_MIXPANEL_TRACKING' to value '0'
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing string variable 'CUSTOM_KIT_TOKEN' to value ''
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing string variable 'DOWNLOAD_SOURCE' to value ''
[0F0C:0640][2014-05-21T09:55:39]i000: Initializing string variable 'BUNDLE_ID' to value ''
[0F0C:0640][2014-05-21T09:55:39]i000: Setting string variable 'WixBundleLog' to value 'C:\Users\bender90\AppData\Local\Temp\Avira_20140521095539.log'
[0F0C:0640][2014-05-21T09:55:39]i000: Setting string variable 'WixBundleOriginalSource' to value 'C:\Users\bender90\Desktop\avira_de_av___ws.exe'
[0F0C:0640][2014-05-21T09:55:39]i000: Setting string variable 'WixBundleName' to value 'Avira'
[0F0C:14C0][2014-05-21T09:55:39]i000: Setting string variable 'CUSTOM_KIT_TOKEN' to value ''
[0F0C:14C0][2014-05-21T09:55:39]i000: Setting string variable 'DOWNLOAD_SOURCE' to value 'ws'
[0F0C:14C0][2014-05-21T09:55:39]i000: Setting string variable 'BUNDLE_ID' to value 'av'
[0F0C:14C0][2014-05-21T09:55:39]i000: Setting string variable 'LANGUAGE' to value 'de'
[0F0C:0640][2014-05-21T09:55:39]i100: Detect begin, 3 packages
[0F0C:0640][2014-05-21T09:55:39]i000: Setting string variable 'NETFRAMEWORK40CLIENT' to value '1'
[0F0C:0640][2014-05-21T09:55:39]i052: Condition 'NETFRAMEWORK40CLIENT' evaluates to true.
[0F0C:0640][2014-05-21T09:55:39]i101: Detected package: Avira.OE.Setup.Prerequisites.exe, state: Absent, cached: None
[0F0C:0640][2014-05-21T09:55:39]i101: Detected package: NetFx40ClientWeb, state: Present, cached: None
[0F0C:0640][2014-05-21T09:55:39]i101: Detected package: Id.Avira.OE.Setup.Msi, state: Absent, cached: None
[0F0C:0640][2014-05-21T09:55:39]i052: Condition 'NTProductType = 1 AND      (          ((VersionNT = v5.1) AND (ServicePackLevel >= 3)) OR           ((VersionNT64 = v5.2) AND (ServicePackLevel >= 2)) OR           ((VersionNT = v6.0)) OR           ((VersionNT = v6.1)) OR           (VersionNT >= v6.2)      )' evaluates to true.
[0F0C:0640][2014-05-21T09:55:39]i199: Detect complete, result: 0x0
[0F0C:0640][2014-05-21T09:55:41]i200: Plan begin, 3 packages, action: Install
[0F0C:0640][2014-05-21T09:55:41]w321: Skipping dependency registration on package with no dependency providers: Avira.OE.Setup.Prerequisites.exe
[0F0C:0640][2014-05-21T09:55:41]i000: Setting string variable 'WixBundleLog_Avira.OE.Setup.Prerequisites.exe' to value 'C:\Users\bender90\AppData\Local\Temp\Avira_20140521095539_0_Avira.OE.Setup.Prerequisites.exe.log'
[0F0C:0640][2014-05-21T09:55:41]i000: Setting string variable 'WixBundleRollbackLog_Avira.OE.Setup.Prerequisites.exe' to value 'C:\Users\bender90\AppData\Local\Temp\Avira_20140521095539_0_Avira.OE.Setup.Prerequisites.exe_rollback.log'
[0F0C:0640][2014-05-21T09:55:41]i052: Condition 'NOT NETFRAMEWORK40CLIENT' evaluates to false.
[0F0C:0640][2014-05-21T09:55:41]w321: Skipping dependency registration on package with no dependency providers: NetFx40ClientWeb
[0F0C:0640][2014-05-21T09:55:41]i000: Setting string variable 'WixBundleRollbackLog_Id.Avira.OE.Setup.Msi' to value 'C:\Users\bender90\AppData\Local\Temp\Avira_20140521095539_1_Id.Avira.OE.Setup.Msi_rollback.log'
[0F0C:0640][2014-05-21T09:55:41]i000: Setting string variable 'WixBundleLog_Id.Avira.OE.Setup.Msi' to value 'C:\Users\bender90\AppData\Local\Temp\Avira_20140521095539_1_Id.Avira.OE.Setup.Msi.log'
[0F0C:0640][2014-05-21T09:55:41]i201: Planned package: Avira.OE.Setup.Prerequisites.exe, state: Absent, default requested: Present, ba requested: Present, execute: Install, rollback: Uninstall, cache: Yes, uncache: No, dependency: None
[0F0C:0640][2014-05-21T09:55:41]i201: Planned package: NetFx40ClientWeb, state: Present, default requested: Absent, ba requested: Absent, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[0F0C:0640][2014-05-21T09:55:41]i201: Planned package: Id.Avira.OE.Setup.Msi, state: Absent, default requested: Present, ba requested: Present, execute: Install, rollback: Uninstall, cache: Yes, uncache: No, dependency: Register
[0F0C:0640][2014-05-21T09:55:41]i299: Plan complete, result: 0x0
[0F0C:0640][2014-05-21T09:55:41]i300: Apply begin
[0C40:1248][2014-05-21T09:55:44]i000: Caching bundle from: 'C:\Users\bender90\AppData\Local\Temp\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}\.be\Avira.OE.Setup.Bundle.AntiVirus.En-us.exe' to: 'C:\ProgramData\Package Cache\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}\Avira.OE.Setup.Bundle.AntiVirus.En-us.exe'
[0C40:1248][2014-05-21T09:55:44]i320: Registering bundle dependency provider: {68e29fba-92b1-4f6f-a604-1d8679da3a9f}, version: 1.1.13.24161
[0C40:1560][2014-05-21T09:55:44]i305: Verified acquired payload: Avira.OE.Setup.Prerequisites.exe at path: C:\ProgramData\Package Cache\.unverified\Avira.OE.Setup.Prerequisites.exe, moving to: C:\ProgramData\Package Cache\E75FBD31B4E73289C57CEDD26304A5D64348A842\Avira.OE.Setup.Prerequisites.exe.
[0C40:1560][2014-05-21T09:55:44]i305: Verified acquired payload: Id.Avira.OE.Setup.Msi at path: C:\ProgramData\Package Cache\.unverified\Id.Avira.OE.Setup.Msi, moving to: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\Avira.OE.Setup.Msi.AntiVirus.msi.
[0C40:1560][2014-05-21T09:55:44]i305: Verified acquired payload: BundlePayload at path: C:\ProgramData\Package Cache\.unverified\BundlePayload, moving to: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\BundledProducts.xml.
[0C40:1560][2014-05-21T09:55:44]i305: Verified acquired payload: MsiDE at path: C:\ProgramData\Package Cache\.unverified\MsiDE, moving to: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\loc.de.mst.
[0C40:1560][2014-05-21T09:55:44]i305: Verified acquired payload: MsiEN at path: C:\ProgramData\Package Cache\.unverified\MsiEN, moving to: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\loc.en.mst.
[0C40:1560][2014-05-21T09:55:44]i305: Verified acquired payload: MsiEs at path: C:\ProgramData\Package Cache\.unverified\MsiEs, moving to: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\loc.es.mst.
[0C40:1560][2014-05-21T09:55:44]i305: Verified acquired payload: MsiFr at path: C:\ProgramData\Package Cache\.unverified\MsiFr, moving to: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\loc.fr.mst.
[0C40:1560][2014-05-21T09:55:44]i305: Verified acquired payload: MsiIt at path: C:\ProgramData\Package Cache\.unverified\MsiIt, moving to: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\loc.it.mst.
[0C40:1560][2014-05-21T09:55:44]i305: Verified acquired payload: MsiPtBr at path: C:\ProgramData\Package Cache\.unverified\MsiPtBr, moving to: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\loc.ptbr.mst.
[0C40:1560][2014-05-21T09:55:44]i305: Verified acquired payload: MsiRu at path: C:\ProgramData\Package Cache\.unverified\MsiRu, moving to: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\loc.ru.mst.
[0C40:1248][2014-05-21T09:55:44]i301: Applying execute package: Avira.OE.Setup.Prerequisites.exe, action: Install, path: C:\ProgramData\Package Cache\E75FBD31B4E73289C57CEDD26304A5D64348A842\Avira.OE.Setup.Prerequisites.exe, arguments: '"C:\ProgramData\Package Cache\E75FBD31B4E73289C57CEDD26304A5D64348A842\Avira.OE.Setup.Prerequisites.exe" /enableMsiService /checkRebootRequired'
[0F0C:0640][2014-05-21T09:55:44]i319: Applied execute package: Avira.OE.Setup.Prerequisites.exe, result: 0x0, restart: None
[0C40:1248][2014-05-21T09:55:44]i323: Registering package dependency provider: {D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}, version: 1.1.13.24161, package: Id.Avira.OE.Setup.Msi
[0C40:1248][2014-05-21T09:55:44]i301: Applying execute package: Id.Avira.OE.Setup.Msi, action: Install, path: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\Avira.OE.Setup.Msi.AntiVirus.msi, arguments: ' ARPSYSTEMCOMPONENT="1" TRANSFORMS="loc.de.mst" SERVER_URL="" SHORT_MSG_FORMAT="" TRACKING_TOKEN="" DISABLE_MIXPANEL_TRACKING="0" CUSTOM_KIT_TOKEN="" DOWNLOAD_SOURCE="ws" BUNDLE_ID="av" WCF_AUTH_VERIFY_SIGNATURE="TRUE"'
[0C40:1248][2014-05-21T09:55:47]e000: Error 0x80070643: Failed to install MSI package.
[0C40:1248][2014-05-21T09:55:47]e000: Error 0x80070643: Failed to execute MSI package.
[0F0C:0640][2014-05-21T09:55:47]e000: Error 0x80070643: Failed to configure per-machine MSI package.
[0F0C:0640][2014-05-21T09:55:47]i319: Applied execute package: Id.Avira.OE.Setup.Msi, result: 0x80070643, restart: None
[0F0C:0640][2014-05-21T09:55:47]e000: Error 0x80070643: Failed to execute MSI package.
[0C40:1248][2014-05-21T09:55:47]i318: Skipped rollback of package: Id.Avira.OE.Setup.Msi, action: Uninstall, already: Absent
[0F0C:0640][2014-05-21T09:55:47]i319: Applied rollback package: Id.Avira.OE.Setup.Msi, result: 0x0, restart: None
[0C40:1248][2014-05-21T09:55:47]i329: Removed package dependency provider: {D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}, package: Id.Avira.OE.Setup.Msi
[0C40:1248][2014-05-21T09:55:47]i351: Removing cached package: Id.Avira.OE.Setup.Msi, from path: C:\ProgramData\Package Cache\{D0DB3714-CFA1-4FA7-ABA3-B1DCB5998895}v1.1.13.24161\
[0C40:1248][2014-05-21T09:55:47]i301: Applying rollback package: Avira.OE.Setup.Prerequisites.exe, action: Uninstall, path: C:\ProgramData\Package Cache\E75FBD31B4E73289C57CEDD26304A5D64348A842\Avira.OE.Setup.Prerequisites.exe, arguments: '"C:\ProgramData\Package Cache\E75FBD31B4E73289C57CEDD26304A5D64348A842\Avira.OE.Setup.Prerequisites.exe" /enableMsiService'
[0F0C:0640][2014-05-21T09:55:47]i319: Applied rollback package: Avira.OE.Setup.Prerequisites.exe, result: 0x0, restart: None
[0C40:1248][2014-05-21T09:55:47]i351: Removing cached package: Avira.OE.Setup.Prerequisites.exe, from path: C:\ProgramData\Package Cache\E75FBD31B4E73289C57CEDD26304A5D64348A842\
[0C40:1248][2014-05-21T09:55:47]i330: Removed bundle dependency provider: {68e29fba-92b1-4f6f-a604-1d8679da3a9f}
[0C40:1248][2014-05-21T09:55:47]i352: Removing cached bundle: {68e29fba-92b1-4f6f-a604-1d8679da3a9f}, from path: C:\ProgramData\Package Cache\{68e29fba-92b1-4f6f-a604-1d8679da3a9f}\
[0F0C:0640][2014-05-21T09:55:48]i399: Apply complete, result: 0x80070643, restart: None, ba requested restart:  No
         

22.05.2014, 08:33   #28
schrauber
/// the machine
/// TB-Ausbilder

Did you uninstall it first? Please try starting the installer via right-click as admin.

22.05.2014, 19:18   #29
bender84

Did all of that, schrauber... uninstall... reboot... install... error.... It doesn't work via right-click and run as admin either...

23.05.2014, 16:16   #30
schrauber
/// the machine
/// TB-Ausbilder

Have I mentioned that I hate Avira? Try installing Avast, just for fun.

And please post a fresh FRST log.
