|
Log-Analyse und Auswertung: Spyhunter lässt sich nicht entfernenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
23.05.2014, 10:57 | #16 |
/// the machine /// TB-Ausbilder | Spyhunter lässt sich nicht entfernen Der ist sauber, dann bitte den Rest von oben
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
24.05.2014, 17:27 | #17 |
| Spyhunter lässt sich nicht entfernen Morgen!
__________________Es sieht so aus als wäre er sauber, aber wie gesagt taucht spyhunter immer noch in den aufgelisteten Programmen vor,wenn man eins deinstallieren möchte. Bei SecurityCheck öffnet sich das Dos-Fenster, man wird aufgefordert eine Taste zu drücken und danach kommt diese Fehlermeldung: UNSUPPORTED OPERATING SYSTEM! ABORTED! Bin ich irgendwie zu doof? Letztens hat das Programm doch noch funktioniert... Gruss, JackRien Code:
ATTFilter Results of screen317's Security Check version 0.99.83 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` G Data TotalProtection Windows Defender Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 55 Adobe Flash Player 13.0.0.214 Adobe Reader 10.1.10 Adobe Reader out of Date! Google Chrome 22.0.1229.95 ````````Process Check: objlist.exe by Laurent```````` G Data TotalProtection Firewall GDFwSvcx64.exe G Data TotalProtection Firewall GDFirewallTray.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-05-2014 1 Ran by Zahnhaus-Pc (administrator) on ZH-PC on 24-05-2014 18:20:27 Running from C:\Users\Zahnhaus-Pc\Downloads Platform: Windows 8.1 Pro with Media Center (Update 1) (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Deutsche Telekom AG) C:\Program Files (x86)\Deutsche Telekom AG\Browser 7\Browser7.exe (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64(3).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor) HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS) HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [20456 2012-02-20] (ASUS) HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2012-07-03] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-23] (cyberlink) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG) HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] ( (Atheros Communications)) HKU\S-1-5-21-694943857-1465044934-2268448326-1002\...\Run: [Steam] => D:\Program Files (x86)\Steam\Steam.exe [1775808 2014-05-21] (Valve Corporation) HKU\S-1-5-21-694943857-1465044934-2268448326-1002\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.) HKU\S-1-5-21-694943857-1465044934-2268448326-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-694943857-1465044934-2268448326-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-694943857-1465044934-2268448326-1002\...\Policies\Explorer: [NoSaveSettings] 0 AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation) AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation) Startup: C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech) ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-01] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "hxxp://www.google.com/" ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG) S3 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [117560 2014-05-17] (Deutsche Telekom AG) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink) R2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [3831416 2014-03-20] (G Data Software AG) R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG) S3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1637496 2013-12-19] (G Data Software AG) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] () S3 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-02-03] (G Data Software) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-05-09] (G Data Software AG) R3 gddcd; C:\WINDOWS\system32\drivers\gddcd64.sys [78848 2014-05-09] (G Data Software AG) R1 gddcv; C:\WINDOWS\system32\drivers\gddcv64.sys [58880 2014-05-09] (G Data Software AG) R1 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [22016 2014-05-09] (G Data Software AG) R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [135168 2014-05-09] (G Data Software AG) R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [71168 2014-05-09] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2014-05-09] (G Data Software AG) R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-05-09] (G Data Software) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.) R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [65024 2014-05-09] (G Data Software AG) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation) R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [300320 2014-03-04] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation) R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2014-05-09] (G Data Software) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation) R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (Whitelisted) =================== Code:
ATTFilter ==================== One Month Created Files and Folders ======== 2014-05-24 18:15 - 2014-05-24 18:16 - 02066432 _____ (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64(3).exe 2014-05-24 18:12 - 2014-05-24 18:12 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(4).exe 2014-05-24 11:06 - 2014-05-24 18:04 - 00045539 _____ () C:\WINDOWS\WindowsUpdate.log 2014-05-24 10:22 - 2014-05-24 10:22 - 00017214 _____ () C:\Users\Zahnhaus-Pc\Downloads\Reglementierte Berufe - Zahntechniker_in (Deutschland).htm 2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Downloads\Reglementierte Berufe - Zahntechniker_in (Deutschland)-Dateien 2014-05-24 07:32 - 2014-05-24 07:32 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(3).exe 2014-05-24 07:26 - 2014-05-24 07:26 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(2).exe 2014-05-24 07:24 - 2014-05-24 07:24 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(1).exe 2014-05-22 12:58 - 2014-05-22 12:58 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck.exe 2014-05-22 12:55 - 2014-05-22 12:55 - 00015234 _____ () C:\Users\Zahnhaus-Pc\Desktop\Gdata.txt 2014-05-22 12:51 - 2014-05-22 12:51 - 00021388 _____ () C:\Users\Zahnhaus-Pc\Desktop\G Data Protokoll ID 48.html 2014-05-19 18:40 - 2014-05-19 18:40 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-19 18:38 - 2014-05-19 18:38 - 02347384 _____ (ESET) C:\Users\Zahnhaus-Pc\Downloads\esetsmartinstaller_deu.exe 2014-05-18 17:47 - 2014-05-18 17:47 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Desktop\02 2014-05-18 17:46 - 2014-05-18 17:47 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Desktop\01 2014-05-18 17:22 - 2014-05-18 17:22 - 02067456 _____ (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64(2).exe 2014-05-18 17:14 - 2014-05-18 17:14 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(3).exe 2014-05-18 15:19 - 2014-05-18 15:19 - 01325827 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner_3.208.exe 2014-05-18 14:50 - 2014-05-18 14:50 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-18 14:50 - 2014-05-18 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-18 14:50 - 2014-05-18 14:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-18 14:50 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-05-18 14:50 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-05-18 14:50 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-05-18 14:49 - 2014-05-18 14:49 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Zahnhaus-Pc\Downloads\mbam-setup-2.0.1.1004(1).exe 2014-05-17 10:31 - 2014-05-17 10:31 - 00001594 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\Program Files\iTunes 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\Program Files\iPod 2014-05-17 07:54 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-05-17 07:54 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-05-17 07:54 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-05-17 07:54 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe 2014-05-17 07:54 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe 2014-05-17 07:53 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-05-17 07:53 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-05-17 07:53 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-05-17 07:53 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-05-17 07:53 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2014-05-17 07:53 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-05-17 07:53 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2014-05-17 07:53 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-05-17 07:53 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-05-17 07:53 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2014-05-17 07:53 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-05-17 07:53 - 2014-04-11 05:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-05-17 07:53 - 2014-04-11 05:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-05-17 07:53 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2014-05-17 07:53 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-05-17 07:53 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2014-05-17 07:53 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-05-17 07:53 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-05-17 07:53 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-05-17 07:53 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-05-17 07:53 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-05-17 07:53 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2014-05-17 07:53 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-05-17 07:53 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-05-17 07:53 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-05-17 07:53 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-05-17 07:53 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-05-17 07:53 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-05-17 07:53 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-05-17 07:53 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2014-05-17 07:53 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-05-17 07:53 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll 2014-05-17 07:53 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll 2014-05-17 07:53 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll 2014-05-17 07:53 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll 2014-05-17 07:53 - 2014-03-27 11:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-05-17 07:53 - 2014-03-27 09:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-05-12 23:13 - 2014-05-12 23:13 - 02066944 _____ (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64(1).exe 2014-05-12 18:22 - 2014-05-12 18:23 - 02066944 _____ (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64.exe 2014-05-12 18:22 - 2014-05-12 18:22 - 00000484 _____ () C:\Users\Zahnhaus-Pc\Downloads\defogger_disable.log 2014-05-12 18:22 - 2014-05-12 18:22 - 00000000 _____ () C:\Users\Zahnhaus-Pc\defogger_reenable 2014-05-12 18:21 - 2014-05-12 18:21 - 00050477 _____ () C:\Users\Zahnhaus-Pc\Downloads\Defogger.exe 2014-05-09 20:36 - 2014-05-09 20:36 - 00106272 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys 2014-05-09 20:36 - 2014-05-09 20:36 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys 2014-05-09 20:29 - 2014-05-09 20:29 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner(2).exe 2014-05-09 20:28 - 2014-05-09 20:28 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(1).exe 2014-05-09 20:27 - 2014-05-09 20:28 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(2).exe 2014-05-09 20:19 - 2014-05-09 20:19 - 00135168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00098760 _____ (G Data Software) C:\WINDOWS\system32\Drivers\TS4nt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00078848 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcd64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00071168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00067584 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00065024 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00058880 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcv64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00057344 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00002065 _____ () C:\Users\Public\Desktop\G Data TotalProtection.lnk 2014-05-09 20:19 - 2014-05-09 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2014-05-09 20:19 - 2014-05-09 20:19 - 00000000 ____D () C:\ProgramData\G DATA Software 2014-05-09 19:55 - 2014-05-09 20:19 - 00022016 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys 2014-05-09 19:55 - 2014-05-09 20:19 - 00001558 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\gdscan.log 2014-05-09 19:55 - 2014-05-09 19:55 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf 2014-05-09 19:55 - 2014-05-09 19:55 - 00000000 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\gdfw.log 2014-05-09 19:45 - 2014-05-09 19:46 - 00029344 _____ () C:\Users\Zahnhaus-Pc\Documents\cc_20140509_194556.reg 2014-05-09 19:34 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2014-05-09 19:29 - 2014-05-09 19:29 - 00411144 _____ () C:\Users\Zahnhaus-Pc\Downloads\AVCleaner.exe 2014-05-09 19:17 - 2014-05-09 19:23 - 502900048 _____ (G Data Software AG) C:\Users\Zahnhaus-Pc\Downloads\INT_R_FUL_2015_TP.exe 2014-05-09 15:49 - 2014-05-18 15:08 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-05-09 15:31 - 2014-05-09 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-09 15:30 - 2014-05-09 15:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Zahnhaus-Pc\Downloads\mbam-setup-2.0.1.1004.exe 2014-05-09 15:25 - 2014-05-09 15:25 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(2).exe 2014-05-09 15:23 - 2014-05-09 15:23 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-05-09 15:22 - 2014-05-09 15:22 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(1).exe 2014-05-09 15:18 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2014-05-09 15:17 - 2014-05-09 15:17 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner(1).exe 2014-05-09 15:16 - 2014-05-09 15:16 - 00000000 ____D () C:\WINDOWS\F94A63D79A61403B8F6F90B1BF77211A.TMP 2014-05-09 15:09 - 2014-05-09 15:09 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT.exe 2014-05-09 15:04 - 2014-05-18 15:49 - 00000000 ____D () C:\AdwCleaner 2014-05-09 15:04 - 2014-05-09 15:04 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner.exe 2014-05-09 15:02 - 2014-05-09 15:02 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller.exe 2014-05-07 21:47 - 2014-05-07 21:47 - 00919936 _____ (Enigma Software Group USA, LLC.) C:\Users\Zahnhaus-Pc\Downloads\RegHunter-Installer.exe 2014-05-07 21:02 - 2014-05-07 21:02 - 00000000 _____ () C:\autoexec.bat 2014-05-07 21:01 - 2014-05-09 19:57 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-05-07 20:49 - 2014-05-07 22:16 - 00000000 ____D () C:\Users\Zahnhaus-Pc\AppData\Roaming\Nico Mak Computing 2014-05-07 20:48 - 2014-05-07 20:48 - 04892480 _____ (WinZip International LLC ) C:\Users\Zahnhaus-Pc\Downloads\wzmp_8.exe 2014-05-07 20:38 - 2014-05-07 20:38 - 00002784 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2014-05-07 20:38 - 2014-05-07 20:38 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-05-07 20:38 - 2014-05-07 20:38 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-07 20:37 - 2014-05-07 20:37 - 03671432 _____ (Piriform Ltd) C:\Users\Zahnhaus-Pc\Downloads\ccsetup413_slim.exe 2014-05-07 19:48 - 2014-05-07 19:48 - 00000000 __SHD () C:\Users\Zahnhaus-Pc\AppData\Local\EmieUserList 2014-05-07 19:48 - 2014-05-07 19:48 - 00000000 __SHD () C:\Users\Zahnhaus-Pc\AppData\Local\EmieSiteList 2014-05-05 09:14 - 2014-05-05 09:14 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-05-05 09:14 - 2014-05-05 09:14 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-04-27 15:39 - 2014-04-27 15:39 - 00000222 _____ () C:\Users\Zahnhaus-Pc\Desktop\Crusader Kings II.url ==================== One Month Modified Files and Folders ======= 2014-05-24 18:20 - 2014-04-18 11:58 - 00025058 _____ () C:\Users\Zahnhaus-Pc\Downloads\FRST.txt 2014-05-24 18:20 - 2014-04-18 11:58 - 00000000 ____D () C:\FRST 2014-05-24 18:16 - 2014-05-24 18:15 - 02066432 _____ (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64(3).exe 2014-05-24 18:12 - 2014-05-24 18:12 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(4).exe 2014-05-24 18:07 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-05-24 18:07 - 2013-09-30 05:58 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat 2014-05-24 18:07 - 2013-09-30 05:58 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat 2014-05-24 18:04 - 2014-05-24 11:06 - 00045539 _____ () C:\WINDOWS\WindowsUpdate.log 2014-05-24 18:04 - 2013-03-01 21:52 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-05-24 18:01 - 2014-04-05 07:23 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-24 18:01 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-05-24 18:01 - 2013-01-16 00:54 - 00000401 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\sp_data.sys 2014-05-24 18:00 - 2014-03-04 23:40 - 00000000 ____D () C:\Program Files (x86)\Browser 7 Maintenance Service 2014-05-24 18:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-05-24 18:00 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-05-24 18:00 - 2013-02-03 19:33 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B1E17A8A-5B48-402D-87AD-B3C102C255C3} 2014-05-24 17:33 - 2014-04-05 07:23 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-24 10:22 - 2014-05-24 10:22 - 00017214 _____ () C:\Users\Zahnhaus-Pc\Downloads\Reglementierte Berufe - Zahntechniker_in (Deutschland).htm 2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Downloads\Reglementierte Berufe - Zahntechniker_in (Deutschland)-Dateien 2014-05-24 07:35 - 2014-01-10 00:33 - 00000000 ____D () C:\Users\Zahnhaus-Pc\AppData\Local\CrashDumps 2014-05-24 07:32 - 2014-05-24 07:32 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(3).exe 2014-05-24 07:26 - 2014-05-24 07:26 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(2).exe 2014-05-24 07:24 - 2014-05-24 07:24 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(1).exe 2014-05-24 06:26 - 2013-01-16 00:59 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-694943857-1465044934-2268448326-1002 2014-05-23 15:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-05-22 12:58 - 2014-05-22 12:58 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck.exe 2014-05-22 12:55 - 2014-05-22 12:55 - 00015234 _____ () C:\Users\Zahnhaus-Pc\Desktop\Gdata.txt 2014-05-22 12:51 - 2014-05-22 12:51 - 00021388 _____ () C:\Users\Zahnhaus-Pc\Desktop\G Data Protokoll ID 48.html 2014-05-19 18:40 - 2014-05-19 18:40 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-19 18:38 - 2014-05-19 18:38 - 02347384 _____ (ESET) C:\Users\Zahnhaus-Pc\Downloads\esetsmartinstaller_deu.exe 2014-05-18 17:47 - 2014-05-18 17:47 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Desktop\02 2014-05-18 17:47 - 2014-05-18 17:46 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Desktop\01 2014-05-18 17:22 - 2014-05-18 17:22 - 02067456 _____ (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64(2).exe 2014-05-18 17:14 - 2014-05-18 17:14 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(3).exe 2014-05-18 17:13 - 2014-03-04 23:40 - 00000000 ____D () C:\Program Files (x86)\Deutsche Telekom AG 2014-05-18 17:09 - 2013-01-16 22:25 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk 2014-05-18 17:09 - 2012-08-17 02:52 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-05-18 17:08 - 2013-01-16 00:54 - 00000000 ___RD () C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-18 17:08 - 2013-01-16 00:54 - 00000000 ___RD () C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-18 16:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-05-18 15:49 - 2014-05-09 15:04 - 00000000 ____D () C:\AdwCleaner 2014-05-18 15:19 - 2014-05-18 15:19 - 01325827 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner_3.208.exe 2014-05-18 15:08 - 2014-05-09 15:49 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-05-18 14:50 - 2014-05-18 14:50 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-18 14:50 - 2014-05-18 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-18 14:50 - 2014-05-18 14:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-18 14:49 - 2014-05-18 14:49 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Zahnhaus-Pc\Downloads\mbam-setup-2.0.1.1004(1).exe 2014-05-17 10:31 - 2014-05-17 10:31 - 00001594 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\Program Files\iTunes 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\Program Files\iPod 2014-05-17 10:26 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates 2014-05-17 10:26 - 2013-01-16 00:52 - 00000000 ____D () C:\Users\Zahnhaus-Pc\AppData\Local\Packages 2014-05-17 10:25 - 2013-09-03 14:24 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-05-17 10:23 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-05-17 10:23 - 2013-01-17 00:09 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-05-17 08:04 - 2013-03-01 21:52 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-05-12 23:16 - 2014-04-18 11:58 - 00034789 _____ () C:\Users\Zahnhaus-Pc\Downloads\Addition.txt 2014-05-12 23:13 - 2014-05-12 23:13 - 02066944 _____ (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64(1).exe 2014-05-12 18:23 - 2014-05-12 18:22 - 02066944 _____ (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64.exe 2014-05-12 18:22 - 2014-05-12 18:22 - 00000484 _____ () C:\Users\Zahnhaus-Pc\Downloads\defogger_disable.log 2014-05-12 18:22 - 2014-05-12 18:22 - 00000000 _____ () C:\Users\Zahnhaus-Pc\defogger_reenable 2014-05-12 18:22 - 2013-10-22 00:41 - 00000000 ____D () C:\Users\Zahnhaus-Pc 2014-05-12 18:21 - 2014-05-12 18:21 - 00050477 _____ () C:\Users\Zahnhaus-Pc\Downloads\Defogger.exe 2014-05-09 20:36 - 2014-05-09 20:36 - 00106272 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys 2014-05-09 20:36 - 2014-05-09 20:36 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys 2014-05-09 20:29 - 2014-05-09 20:29 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner(2).exe 2014-05-09 20:29 - 2013-01-16 22:27 - 00000000 ____D () C:\ProgramData\G DATA 2014-05-09 20:28 - 2014-05-09 20:28 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(1).exe 2014-05-09 20:28 - 2014-05-09 20:27 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(2).exe 2014-05-09 20:19 - 2014-05-09 20:19 - 00135168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00098760 _____ (G Data Software) C:\WINDOWS\system32\Drivers\TS4nt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00078848 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcd64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00071168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00067584 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00065024 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00058880 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcv64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00057344 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00002065 _____ () C:\Users\Public\Desktop\G Data TotalProtection.lnk 2014-05-09 20:19 - 2014-05-09 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2014-05-09 20:19 - 2014-05-09 20:19 - 00000000 ____D () C:\ProgramData\G DATA Software 2014-05-09 20:19 - 2014-05-09 19:55 - 00022016 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys 2014-05-09 20:19 - 2014-05-09 19:55 - 00001558 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\gdscan.log 2014-05-09 20:18 - 2013-01-16 22:27 - 00000000 ____D () C:\Program Files (x86)\G Data 2014-05-09 19:57 - 2014-05-07 21:01 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-05-09 19:57 - 2014-03-14 23:14 - 00000000 ____D () C:\WINDOWS\system32\appmgmt 2014-05-09 19:55 - 2014-05-09 19:55 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf 2014-05-09 19:55 - 2014-05-09 19:55 - 00000000 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\gdfw.log 2014-05-09 19:46 - 2014-05-09 19:45 - 00029344 _____ () C:\Users\Zahnhaus-Pc\Documents\cc_20140509_194556.reg 2014-05-09 19:29 - 2014-05-09 19:29 - 00411144 _____ () C:\Users\Zahnhaus-Pc\Downloads\AVCleaner.exe 2014-05-09 19:23 - 2014-05-09 19:17 - 502900048 _____ (G Data Software AG) C:\Users\Zahnhaus-Pc\Downloads\INT_R_FUL_2015_TP.exe 2014-05-09 15:31 - 2014-05-09 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-09 15:30 - 2014-05-09 15:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Zahnhaus-Pc\Downloads\mbam-setup-2.0.1.1004.exe 2014-05-09 15:25 - 2014-05-09 15:25 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(2).exe 2014-05-09 15:23 - 2014-05-09 15:23 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-05-09 15:22 - 2014-05-09 15:22 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(1).exe 2014-05-09 15:17 - 2014-05-09 15:17 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner(1).exe 2014-05-09 15:16 - 2014-05-09 15:16 - 00000000 ____D () C:\WINDOWS\F94A63D79A61403B8F6F90B1BF77211A.TMP 2014-05-09 15:09 - 2014-05-09 15:09 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT.exe 2014-05-09 15:04 - 2014-05-09 15:04 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner.exe 2014-05-09 15:02 - 2014-05-09 15:02 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller.exe 2014-05-07 22:16 - 2014-05-07 20:49 - 00000000 ____D () C:\Users\Zahnhaus-Pc\AppData\Roaming\Nico Mak Computing 2014-05-07 21:53 - 2013-09-13 10:07 - 00000000 ___RD () C:\Users\Zahnhaus-Pc\Desktop\Asus 2014-05-07 21:52 - 2013-10-22 12:44 - 00001452 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-05-07 21:47 - 2014-05-07 21:47 - 00919936 _____ (Enigma Software Group USA, LLC.) C:\Users\Zahnhaus-Pc\Downloads\RegHunter-Installer.exe 2014-05-07 21:02 - 2014-05-07 21:02 - 00000000 _____ () C:\autoexec.bat 2014-05-07 20:48 - 2014-05-07 20:48 - 04892480 _____ (WinZip International LLC ) C:\Users\Zahnhaus-Pc\Downloads\wzmp_8.exe 2014-05-07 20:38 - 2014-05-07 20:38 - 00002784 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2014-05-07 20:38 - 2014-05-07 20:38 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-05-07 20:38 - 2014-05-07 20:38 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-07 20:37 - 2014-05-07 20:37 - 03671432 _____ (Piriform Ltd) C:\Users\Zahnhaus-Pc\Downloads\ccsetup413_slim.exe 2014-05-07 19:48 - 2014-05-07 19:48 - 00000000 __SHD () C:\Users\Zahnhaus-Pc\AppData\Local\EmieUserList 2014-05-07 19:48 - 2014-05-07 19:48 - 00000000 __SHD () C:\Users\Zahnhaus-Pc\AppData\Local\EmieSiteList 2014-05-06 09:28 - 2014-04-05 07:23 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-06 09:28 - 2014-04-05 07:23 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-06 06:40 - 2014-05-17 07:53 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-05-06 05:25 - 2014-05-17 07:53 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-05-06 05:00 - 2014-05-17 07:53 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-17 07:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-05-05 09:14 - 2014-05-05 09:14 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-05-05 09:14 - 2014-05-05 09:14 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-05-01 22:30 - 2014-04-18 19:54 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-05-01 22:30 - 2014-04-18 19:54 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-01 18:37 - 2014-01-07 00:16 - 00578720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-04-27 15:39 - 2014-04-27 15:39 - 00000222 _____ () C:\Users\Zahnhaus-Pc\Desktop\Crusader Kings II.url Some content of TEMP: ==================== C:\Users\Zahnhaus-Pc\AppData\Local\Temp\Quarantine.exe C:\Users\Zahnhaus-Pc\AppData\Local\Temp\RHSetup.exe C:\Users\Zahnhaus-Pc\AppData\Local\Temp\SHSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-18 16:00 ==================== End Of Log ============================ --- --- --- Steht noch immer da: Spyhunter, Enigma Software Group, 50,6mb, 4.17.6.4336 |
25.05.2014, 18:12 | #18 |
/// the machine /// TB-Ausbilder | Spyhunter lässt sich nicht entfernen Öffne mal bitte FRST, setz nen Haken bei Addition und scanne, poste beide Logs. Das ist nur ein Rest in der Registry.
__________________Adobe updaten.
__________________ |
25.05.2014, 18:54 | #19 |
| Spyhunter lässt sich nicht entfernenCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 01 Ran by Zahnhaus-Pc at 2014-05-25 19:46:30 Running from C:\Users\Zahnhaus-Pc\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: G Data TotalProtection (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: G Data TotalProtection (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installed Programs ====================== Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.9.142.62248 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.9.142.62248 - Alcor Micro Corp.) Hidden Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS Foto Designer (HKLM-x32\...\MAGIX_{2B962F32-78E6-4585-AF24-073AD36B6590}) (Version: 7.0.1.2 - MAGIX AG) ASUS Foto Designer (x32 Version: 7.0.1.2 - MAGIX AG) Hidden ASUS Foto Manager (HKLM-x32\...\MAGIX_{2A3A883D-B2AB-427D-B094-27D6241E0944}) (Version: 8.0.3.222 - MAGIX AG) ASUS Foto Manager (x32 Version: 8.0.3.217 - MAGIX AG) Hidden ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS Instant Key (HKLM-x32\...\{D97A1B80-131F-4692-9543-E652956D8B99}) (Version: 1.0.5 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.7 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS) ASUS Music Maker (HKLM-x32\...\MAGIX_{DD47370C-E0F1-407F-9DB0-3FF98907F1BC}) (Version: 17.0.2.38 - MAGIX AG) ASUS Music Maker (x32 Version: 17.0.2.38 - MAGIX AG) Hidden ASUS N Series Demo (HKLM-x32\...\{246B4AFF-6540-4B72-93E8-B9EB86D37589}) (Version: 1.0.0003 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS) ASUS Product Demo Movie (HKLM-x32\...\{DC06C90B-C5BE-42F6-B74D-A9503170998C}) (Version: 1.0.3 - ASUS ) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS) ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4712 - CyberLink Corp.) ASUS Video Magic (x32 Version: 6.0.4712 - CyberLink Corp.) Hidden ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.26 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation) ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.) ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 18414980.4759644.48.2000303944 - Audible, Inc.) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.2 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Browser 7 der Telekom (HKLM-x32\...\Browser 7 der Telekom 28.0.28 (x86 de)) (Version: 28.0.28 - Deutsche Telekom AG) Browser 7 Maintenance Service (HKLM-x32\...\Browser7MaintenanceService) (Version: 28.0.28 - Deutsche Telekom AG) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio) CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5415 - CyberLink Corp.) CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3019_44673 - CyberLink Corp.) CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3019_44673 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.3625 - CyberLink Corp.) CyberLink Power2Go (x32 Version: 7.0.0.3625 - CyberLink Corp.) Hidden CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.4905d - CyberLink Corp.) CyberLink PowerDirector (x32 Version: 8.0.4905d - CyberLink Corp.) Hidden eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG) G Data TotalProtection (HKLM-x32\...\{6715BEB5-01F1-41AC-B44B-0A78CD50C433}) (Version: 25.0.1.2 - G Data Software AG) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version: - Paradox Interactive) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel PROSet Wireless (Version: - ) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{5D871D59-6D4C-4619-AC2A-A63604E426B5}) (Version: 15.05.5000.1567 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden Internet Explorer (x32 Version: 9 - Microsoft Corporation) Hidden iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech) MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH) MAGIX Online Druck Service (x32 Version: 1.1.0 - myphotobook GmbH) Hidden Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Microsoft Office 365 Small Business Premium - de-de (HKLM\...\O365SmallBusPremRetail - de-de) (Version: 15.0.4615.1002 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation) NVIDIA Grafiktreiber 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (Version: 15.0.4615.1002 - Microsoft Corporation) Hidden OMC ModPack Version 0.9.0.0 (HKLM-x32\...\{CF9086F7-0490-42CE-8029-09CCB8FB942A}_is1) (Version: 0.9.0.0 - Odem Mortis) Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.) Port Royale 3 (HKLM-x32\...\Steam App 205610) (Version: - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6710 - Realtek Semiconductor Corp.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly) Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly) Victoria II (HKLM-x32\...\Steam App 42960) (Version: - Paradox Interactive) Windows-Treiberpaket - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version: - Wargaming.net) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version: - Wargaming.net) ==================== Restore Points ========================= 17-05-2014 06:08:32 Windows Update 24-05-2014 17:07:26 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {010B14FD-6085-4F91-BCD7-C704A09C664F} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS) Task: {04D1E118-3CF6-441D-96CF-A734060E5683} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {06F30642-D5A5-46F9-93B8-2D1DBA34CC22} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {13CA8121-1CEB-4E0C-AC7D-1C9E5F86F195} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {16B7D9AC-0495-4E8E-9330-204E3BE5A489} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-05-24] (Microsoft Corporation) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2C9B88A9-F7ED-4167-BB16-97640B2A3A2B} - \SpyHunter4Startup No Task File <==== ATTENTION Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {56ED4A32-742E-4CFC-949F-3829E9EA2561} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek) Task: {5E0D41A0-96DA-4568-AD95-942004CF061E} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6CF6B014-D5E5-4EC1-83DE-921ACAA014CD} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {720373FA-6D78-4CD1-899A-5D1B33F8D054} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.) Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {89DED3A1-2FF6-4784-A538-7B21A1F2DE4B} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {8DD2687F-39A9-4FBE-A798-6767391B8076} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd) Task: {92E8E1A7-7AE4-4A9B-86EF-F621E372BAE2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-05-17] (Microsoft Corporation) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A4DC6B61-EE83-4DAA-BDFD-9895C81F6B8F} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {ADA2D623-9D60-47D8-8FC7-5276AD4FED75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-05] (Google Inc.) Task: {B939C6D4-B681-4339-9F86-49546A3E4CDE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-17] (Adobe Systems Incorporated) Task: {C456F798-750D-44E9-A9C4-71626390850C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-05] (Google Inc.) Task: {C78A255F-BEE0-4A64-B296-0CFEE80F9657} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {EF6ED376-FB12-47EC-A5D9-D2C5AD5B4514} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {FAFC75EF-F732-41FB-8810-7DEE2CFF06C4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-04-15] (Microsoft Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-11-03 19:12 - 2014-03-04 16:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2012-11-13 08:57 - 2013-12-19 20:53 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2007-01-12 11:04 - 2007-01-12 11:04 - 00022016 _____ () C:\WINDOWS\System32\sugo1l6.dll 2014-03-30 07:55 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-03-17 13:52 - 2014-04-15 03:39 - 00630952 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll 2012-11-13 09:13 - 2009-04-17 12:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2013-09-25 04:04 - 2013-09-25 04:04 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-09-25 04:01 - 2013-09-25 04:01 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll 2013-09-25 04:08 - 2013-09-25 04:08 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2014-04-18 14:09 - 2014-04-18 14:09 - 00393384 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream64.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-09-11 16:01 - 2012-09-11 16:01 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2013-11-03 19:12 - 2014-03-04 16:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2014-05-24 18:01 - 2014-04-30 02:08 - 01135104 _____ () D:\Program Files (x86)\Steam\libavcodec-55.dll 2014-05-24 18:01 - 2014-04-30 02:08 - 00404992 _____ () D:\Program Files (x86)\Steam\libavformat-55.dll 2014-05-24 18:01 - 2014-04-30 02:08 - 00340992 _____ () D:\Program Files (x86)\Steam\libavresample-1.dll 2014-05-24 18:01 - 2014-04-30 02:08 - 00471552 _____ () D:\Program Files (x86)\Steam\libavutil-53.dll 2014-05-24 18:01 - 2014-05-17 03:36 - 00756224 _____ () D:\Program Files (x86)\Steam\SDL2.dll 2014-05-24 18:01 - 2014-04-29 02:37 - 02198720 _____ () D:\Program Files (x86)\Steam\video.dll 2014-05-24 18:01 - 2014-04-29 02:37 - 00519168 _____ () D:\Program Files (x86)\Steam\libswscale-2.dll 2014-05-24 18:01 - 2014-05-21 19:39 - 01145536 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL 2014-05-24 18:01 - 2014-05-02 01:35 - 20628160 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll 2013-07-18 14:51 - 2013-06-15 01:49 - 01100800 _____ () D:\Program Files (x86)\Steam\bin\avcodec-53.dll 2013-07-18 14:51 - 2013-06-15 01:49 - 00124416 _____ () D:\Program Files (x86)\Steam\bin\avutil-51.dll 2013-07-18 14:51 - 2013-06-15 01:49 - 00192000 _____ () D:\Program Files (x86)\Steam\bin\avformat-53.dll 2012-07-04 19:14 - 2012-07-04 19:14 - 01875056 _____ () C:\Program Files (x86)\CyberLink\Power2Go\Language\DEU\P2GRC.dll 2011-03-09 15:21 - 2011-03-09 15:21 - 00144680 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLVistaAudioMixer.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2012-05-24 22:19 - 2012-05-24 22:19 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 15:21 - 2011-03-09 15:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-05-17 08:00 - 2014-05-17 08:00 - 03330360 _____ () C:\Program Files (x86)\Deutsche Telekom AG\Browser 7\mozjs.dll 2012-11-13 08:53 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/25/2014 07:41:17 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/25/2014 11:49:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3172 Error: (05/25/2014 11:49:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3172 Error: (05/25/2014 11:49:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/25/2014 11:49:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2125 Error: (05/25/2014 11:49:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2125 Error: (05/25/2014 11:49:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/25/2014 11:49:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1078 Error: (05/25/2014 11:49:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1078 Error: (05/25/2014 11:49:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (05/25/2014 07:41:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst GDBackupSvc erreicht. Error: (05/25/2014 10:15:29 AM) (Source: DCOM) (EventID: 10010) (User: ZH-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (05/25/2014 10:14:58 AM) (Source: DCOM) (EventID: 10010) (User: ZH-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/24/2014 06:01:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/24/2014 06:01:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (05/24/2014 06:00:35 PM) (Source: DCOM) (EventID: 10010) (User: ZH-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (05/24/2014 06:00:35 PM) (Source: DCOM) (EventID: 10010) (User: ZH-PC) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (05/24/2014 11:17:43 AM) (Source: DCOM) (EventID: 10010) (User: ZH-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/24/2014 11:17:13 AM) (Source: DCOM) (EventID: 10010) (User: ZH-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (05/24/2014 11:06:35 AM) (Source: DCOM) (EventID: 10010) (User: ZH-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Microsoft Office Sessions: ========================= Error: (05/25/2014 07:41:17 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (05/25/2014 11:49:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3172 Error: (05/25/2014 11:49:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3172 Error: (05/25/2014 11:49:35 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/25/2014 11:49:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 2125 Error: (05/25/2014 11:49:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 2125 Error: (05/25/2014 11:49:34 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/25/2014 11:49:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1078 Error: (05/25/2014 11:49:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1078 Error: (05/25/2014 11:49:33 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second ==================== Memory info =========================== Percentage of memory in use: 26% Total physical RAM: 8013.43 MB Available physical RAM: 5884.79 MB Total Pagefile: 9293.43 MB Available Pagefile: 6670.42 MB Total Virtual: 131072 MB Available Virtual: 131071.85 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:190.38 GB) (Free:14.74 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (DATA) (Fixed) (Total:271.75 GB) (Free:73.9 GB) NTFS Drive e: (Volume) (Fixed) (Total:698.64 GB) (Free:698.4 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 477 GB) (Disk ID: C4A8745A) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 699 GB) (Disk ID: C2CADF18) Partition: GPT Partition Type. ==================== End Of Log ============================ FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 01 Ran by Zahnhaus-Pc (administrator) on ZH-PC on 25-05-2014 19:46:03 Running from C:\Users\Zahnhaus-Pc\Downloads Platform: Windows 8.1 Pro with Media Center (Update 1) (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Deutsche Telekom AG) C:\Program Files (x86)\Deutsche Telekom AG\Browser 7\Browser7.exe (Mozilla Corporation) C:\Program Files (x86)\Deutsche Telekom AG\Browser 7\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor) HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS) HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818040 2013-09-19] (Motorola Solutions, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ASUS InstantKey] => C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [20456 2012-02-20] (ASUS) HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2012-07-03] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-23] (cyberlink) HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG) HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] ( (Atheros Communications)) HKU\S-1-5-21-694943857-1465044934-2268448326-1002\...\Run: [Steam] => D:\Program Files (x86)\Steam\Steam.exe [1775808 2014-05-21] (Valve Corporation) HKU\S-1-5-21-694943857-1465044934-2268448326-1002\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.) HKU\S-1-5-21-694943857-1465044934-2268448326-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-694943857-1465044934-2268448326-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-694943857-1465044934-2268448326-1002\...\Policies\Explorer: [NoSaveSettings] 0 AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation) AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation) AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation) Startup: C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech) ==================== Internet (Whitelisted) ==================== HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-01] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "hxxp://www.google.com/" ==================== Services (Whitelisted) ================= R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG) S3 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [117560 2014-05-17] (Deutsche Telekom AG) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2266296 2014-05-16] (Microsoft Corporation) S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink) R2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [3831416 2014-03-20] (G Data Software AG) R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG) S3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1637496 2013-12-19] (G Data Software AG) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-24] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] () S3 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-02-03] (G Data Software) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-24] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-05-09] (G Data Software AG) R3 gddcd; C:\WINDOWS\system32\drivers\gddcd64.sys [78848 2014-05-09] (G Data Software AG) R1 gddcv; C:\WINDOWS\system32\drivers\gddcv64.sys [58880 2014-05-09] (G Data Software AG) R1 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [22016 2014-05-09] (G Data Software AG) R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [135168 2014-05-09] (G Data Software AG) R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [71168 2014-05-09] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2014-05-09] (G Data Software AG) R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-05-09] (G Data Software) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.) R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [65024 2014-05-09] (G Data Software AG) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation) R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [300320 2014-03-04] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation) R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2014-05-09] (G Data Software) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation) R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (Whitelisted) =================== Code:
ATTFilter ==================== One Month Created Files and Folders ======== 2014-05-25 19:44 - 2014-05-25 19:44 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Downloads\FRST-OlderVersion 2014-05-25 19:42 - 2014-05-25 19:42 - 00002956 _____ () C:\WINDOWS\PFRO.log 2014-05-24 19:25 - 2014-05-24 19:25 - 00262144 _____ () C:\WINDOWS\SysWOW64\18 2014-05-24 19:25 - 2014-05-24 19:25 - 00000000 __SHD () C:\#GDATA.Trash.Store# 2014-05-24 19:24 - 2014-05-24 19:24 - 00262144 _____ () C:\WINDOWS\SysWOW64\?« 2014-05-24 18:21 - 2014-05-24 18:23 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Desktop\03 2014-05-24 18:12 - 2014-05-24 18:12 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(4).exe 2014-05-24 11:06 - 2014-05-25 19:41 - 00097512 _____ () C:\WINDOWS\WindowsUpdate.log 2014-05-24 10:22 - 2014-05-24 10:22 - 00017214 _____ () C:\Users\Zahnhaus-Pc\Downloads\Reglementierte Berufe - Zahntechniker_in (Deutschland).htm 2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Downloads\Reglementierte Berufe - Zahntechniker_in (Deutschland)-Dateien 2014-05-24 07:32 - 2014-05-24 07:32 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(3).exe 2014-05-24 07:26 - 2014-05-24 07:26 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(2).exe 2014-05-24 07:24 - 2014-05-24 07:24 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(1).exe 2014-05-22 12:58 - 2014-05-22 12:58 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck.exe 2014-05-22 12:55 - 2014-05-22 12:55 - 00015234 _____ () C:\Users\Zahnhaus-Pc\Desktop\Gdata.txt 2014-05-22 12:51 - 2014-05-22 12:51 - 00021388 _____ () C:\Users\Zahnhaus-Pc\Desktop\G Data Protokoll ID 48.html 2014-05-19 18:40 - 2014-05-19 18:40 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-19 18:38 - 2014-05-19 18:38 - 02347384 _____ (ESET) C:\Users\Zahnhaus-Pc\Downloads\esetsmartinstaller_deu.exe 2014-05-18 17:47 - 2014-05-18 17:47 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Desktop\02 2014-05-18 17:46 - 2014-05-18 17:47 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Desktop\01 2014-05-18 17:14 - 2014-05-18 17:14 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(3).exe 2014-05-18 15:19 - 2014-05-18 15:19 - 01325827 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner_3.208.exe 2014-05-18 14:50 - 2014-05-18 14:50 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-18 14:50 - 2014-05-18 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-18 14:50 - 2014-05-18 14:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-18 14:50 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-05-18 14:50 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-05-18 14:50 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-05-18 14:49 - 2014-05-18 14:49 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Zahnhaus-Pc\Downloads\mbam-setup-2.0.1.1004(1).exe 2014-05-17 10:31 - 2014-05-17 10:31 - 00001594 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\Program Files\iTunes 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\Program Files\iPod 2014-05-17 07:54 - 2014-03-24 04:30 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-05-17 07:54 - 2014-03-24 04:30 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-05-17 07:54 - 2014-03-24 04:27 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-05-17 07:54 - 2014-03-13 09:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe 2014-05-17 07:54 - 2014-03-13 08:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe 2014-05-17 07:53 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-05-17 07:53 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-05-17 07:53 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-05-17 07:53 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-05-17 07:53 - 2014-04-11 12:03 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2014-05-17 07:53 - 2014-04-11 12:03 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-05-17 07:53 - 2014-04-11 10:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2014-05-17 07:53 - 2014-04-11 08:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-05-17 07:53 - 2014-04-11 07:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-05-17 07:53 - 2014-04-11 07:22 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2014-05-17 07:53 - 2014-04-11 05:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-05-17 07:53 - 2014-04-11 05:36 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-05-17 07:53 - 2014-04-11 05:24 - 13288960 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-05-17 07:53 - 2014-04-11 05:06 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2014-05-17 07:53 - 2014-04-11 05:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-05-17 07:53 - 2014-04-11 05:05 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2014-05-17 07:53 - 2014-04-11 05:02 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-05-17 07:53 - 2014-04-11 05:02 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-05-17 07:53 - 2014-04-11 05:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-05-17 07:53 - 2014-04-11 05:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-05-17 07:53 - 2014-04-11 04:59 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-05-17 07:53 - 2014-04-11 04:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2014-05-17 07:53 - 2014-04-11 04:56 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-05-17 07:53 - 2014-04-11 04:55 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-05-17 07:53 - 2014-04-11 04:53 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-05-17 07:53 - 2014-04-11 04:52 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-05-17 07:53 - 2014-04-11 04:46 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-05-17 07:53 - 2014-04-11 04:36 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-05-17 07:53 - 2014-04-11 04:34 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-05-17 07:53 - 2014-04-11 04:29 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2014-05-17 07:53 - 2014-04-11 04:25 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-05-17 07:53 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll 2014-05-17 07:53 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll 2014-05-17 07:53 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll 2014-05-17 07:53 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll 2014-05-17 07:53 - 2014-03-27 11:12 - 21225584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-05-17 07:53 - 2014-03-27 09:48 - 18679728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-05-12 18:22 - 2014-05-25 19:44 - 02066944 _____ (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64.exe 2014-05-12 18:22 - 2014-05-12 18:22 - 00000484 _____ () C:\Users\Zahnhaus-Pc\Downloads\defogger_disable.log 2014-05-12 18:22 - 2014-05-12 18:22 - 00000000 _____ () C:\Users\Zahnhaus-Pc\defogger_reenable 2014-05-12 18:21 - 2014-05-12 18:21 - 00050477 _____ () C:\Users\Zahnhaus-Pc\Downloads\Defogger.exe 2014-05-09 20:36 - 2014-05-09 20:36 - 00106272 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys 2014-05-09 20:36 - 2014-05-09 20:36 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys 2014-05-09 20:29 - 2014-05-09 20:29 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner(2).exe 2014-05-09 20:28 - 2014-05-09 20:28 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(1).exe 2014-05-09 20:27 - 2014-05-09 20:28 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(2).exe 2014-05-09 20:19 - 2014-05-09 20:19 - 00135168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00098760 _____ (G Data Software) C:\WINDOWS\system32\Drivers\TS4nt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00078848 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcd64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00071168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00067584 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00065024 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00058880 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcv64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00057344 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00002065 _____ () C:\Users\Public\Desktop\G Data TotalProtection.lnk 2014-05-09 20:19 - 2014-05-09 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2014-05-09 20:19 - 2014-05-09 20:19 - 00000000 ____D () C:\ProgramData\G DATA Software 2014-05-09 19:55 - 2014-05-09 20:19 - 00022016 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys 2014-05-09 19:55 - 2014-05-09 20:19 - 00001558 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\gdscan.log 2014-05-09 19:55 - 2014-05-09 19:55 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf 2014-05-09 19:55 - 2014-05-09 19:55 - 00000000 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\gdfw.log 2014-05-09 19:45 - 2014-05-09 19:46 - 00029344 _____ () C:\Users\Zahnhaus-Pc\Documents\cc_20140509_194556.reg 2014-05-09 19:34 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2014-05-09 19:29 - 2014-05-09 19:29 - 00411144 _____ () C:\Users\Zahnhaus-Pc\Downloads\AVCleaner.exe 2014-05-09 19:17 - 2014-05-09 19:23 - 502900048 _____ (G Data Software AG) C:\Users\Zahnhaus-Pc\Downloads\INT_R_FUL_2015_TP.exe 2014-05-09 15:49 - 2014-05-18 15:08 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-05-09 15:31 - 2014-05-09 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-09 15:30 - 2014-05-09 15:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Zahnhaus-Pc\Downloads\mbam-setup-2.0.1.1004.exe 2014-05-09 15:25 - 2014-05-09 15:25 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(2).exe 2014-05-09 15:23 - 2014-05-09 15:23 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-05-09 15:22 - 2014-05-09 15:22 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(1).exe 2014-05-09 15:18 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2014-05-09 15:17 - 2014-05-09 15:17 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner(1).exe 2014-05-09 15:16 - 2014-05-09 15:16 - 00000000 ____D () C:\WINDOWS\F94A63D79A61403B8F6F90B1BF77211A.TMP 2014-05-09 15:09 - 2014-05-09 15:09 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT.exe 2014-05-09 15:04 - 2014-05-18 15:49 - 00000000 ____D () C:\AdwCleaner 2014-05-09 15:04 - 2014-05-09 15:04 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner.exe 2014-05-09 15:02 - 2014-05-09 15:02 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller.exe 2014-05-07 21:47 - 2014-05-07 21:47 - 00919936 _____ (Enigma Software Group USA, LLC.) C:\Users\Zahnhaus-Pc\Downloads\RegHunter-Installer.exe 2014-05-07 21:02 - 2014-05-07 21:02 - 00000000 _____ () C:\autoexec.bat 2014-05-07 21:01 - 2014-05-09 19:57 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-05-07 20:49 - 2014-05-07 22:16 - 00000000 ____D () C:\Users\Zahnhaus-Pc\AppData\Roaming\Nico Mak Computing 2014-05-07 20:48 - 2014-05-07 20:48 - 04892480 _____ (WinZip International LLC ) C:\Users\Zahnhaus-Pc\Downloads\wzmp_8.exe 2014-05-07 20:38 - 2014-05-07 20:38 - 00002784 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2014-05-07 20:38 - 2014-05-07 20:38 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-05-07 20:38 - 2014-05-07 20:38 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-07 20:37 - 2014-05-07 20:37 - 03671432 _____ (Piriform Ltd) C:\Users\Zahnhaus-Pc\Downloads\ccsetup413_slim.exe 2014-05-07 19:48 - 2014-05-07 19:48 - 00000000 __SHD () C:\Users\Zahnhaus-Pc\AppData\Local\EmieUserList 2014-05-07 19:48 - 2014-05-07 19:48 - 00000000 __SHD () C:\Users\Zahnhaus-Pc\AppData\Local\EmieSiteList 2014-05-05 09:14 - 2014-05-05 09:14 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-05-05 09:14 - 2014-05-05 09:14 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-04-27 15:39 - 2014-04-27 15:39 - 00000222 _____ () C:\Users\Zahnhaus-Pc\Desktop\Crusader Kings II.url ==================== One Month Modified Files and Folders ======= 2014-05-25 19:46 - 2014-04-18 11:58 - 00025333 _____ () C:\Users\Zahnhaus-Pc\Downloads\FRST.txt 2014-05-25 19:46 - 2014-04-18 11:58 - 00000000 ____D () C:\FRST 2014-05-25 19:44 - 2014-05-25 19:44 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Downloads\FRST-OlderVersion 2014-05-25 19:44 - 2014-05-12 18:22 - 02066944 _____ (Farbar) C:\Users\Zahnhaus-Pc\Downloads\FRST64.exe 2014-05-25 19:42 - 2014-05-25 19:42 - 00002956 _____ () C:\WINDOWS\PFRO.log 2014-05-25 19:42 - 2014-04-05 07:23 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-25 19:42 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-05-25 19:42 - 2013-01-16 00:54 - 00000401 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\sp_data.sys 2014-05-25 19:41 - 2014-05-24 11:06 - 00097512 _____ () C:\WINDOWS\WindowsUpdate.log 2014-05-25 19:41 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-05-25 19:34 - 2013-02-03 19:33 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B1E17A8A-5B48-402D-87AD-B3C102C255C3} 2014-05-25 19:33 - 2014-04-05 07:23 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-25 19:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-05-25 11:22 - 2013-01-16 00:59 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-694943857-1465044934-2268448326-1002 2014-05-25 11:04 - 2013-03-01 21:52 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-05-24 19:25 - 2014-05-24 19:25 - 00262144 _____ () C:\WINDOWS\SysWOW64\18 2014-05-24 19:25 - 2014-05-24 19:25 - 00000000 __SHD () C:\#GDATA.Trash.Store# 2014-05-24 19:25 - 2012-11-13 08:57 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-24 19:24 - 2014-05-24 19:24 - 00262144 _____ () C:\WINDOWS\SysWOW64\?« 2014-05-24 18:24 - 2013-03-17 13:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-05-24 18:23 - 2014-05-24 18:21 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Desktop\03 2014-05-24 18:12 - 2014-05-24 18:12 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(4).exe 2014-05-24 18:07 - 2013-09-30 06:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-05-24 18:07 - 2013-09-30 05:58 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat 2014-05-24 18:07 - 2013-09-30 05:58 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat 2014-05-24 18:00 - 2014-03-04 23:40 - 00000000 ____D () C:\Program Files (x86)\Browser 7 Maintenance Service 2014-05-24 10:22 - 2014-05-24 10:22 - 00017214 _____ () C:\Users\Zahnhaus-Pc\Downloads\Reglementierte Berufe - Zahntechniker_in (Deutschland).htm 2014-05-24 10:22 - 2014-05-24 10:22 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Downloads\Reglementierte Berufe - Zahntechniker_in (Deutschland)-Dateien 2014-05-24 07:35 - 2014-01-10 00:33 - 00000000 ____D () C:\Users\Zahnhaus-Pc\AppData\Local\CrashDumps 2014-05-24 07:32 - 2014-05-24 07:32 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(3).exe 2014-05-24 07:26 - 2014-05-24 07:26 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(2).exe 2014-05-24 07:24 - 2014-05-24 07:24 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck(1).exe 2014-05-23 15:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-05-22 12:58 - 2014-05-22 12:58 - 00854367 _____ () C:\Users\Zahnhaus-Pc\Downloads\SecurityCheck.exe 2014-05-22 12:55 - 2014-05-22 12:55 - 00015234 _____ () C:\Users\Zahnhaus-Pc\Desktop\Gdata.txt 2014-05-22 12:51 - 2014-05-22 12:51 - 00021388 _____ () C:\Users\Zahnhaus-Pc\Desktop\G Data Protokoll ID 48.html 2014-05-19 18:40 - 2014-05-19 18:40 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-19 18:38 - 2014-05-19 18:38 - 02347384 _____ (ESET) C:\Users\Zahnhaus-Pc\Downloads\esetsmartinstaller_deu.exe 2014-05-18 17:47 - 2014-05-18 17:47 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Desktop\02 2014-05-18 17:47 - 2014-05-18 17:46 - 00000000 ____D () C:\Users\Zahnhaus-Pc\Desktop\01 2014-05-18 17:14 - 2014-05-18 17:14 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(3).exe 2014-05-18 17:13 - 2014-03-04 23:40 - 00000000 ____D () C:\Program Files (x86)\Deutsche Telekom AG 2014-05-18 17:09 - 2013-01-16 22:25 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk 2014-05-18 17:09 - 2012-08-17 02:52 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-05-18 17:08 - 2013-01-16 00:54 - 00000000 ___RD () C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-18 17:08 - 2013-01-16 00:54 - 00000000 ___RD () C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-18 16:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-05-18 15:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-05-18 15:49 - 2014-05-09 15:04 - 00000000 ____D () C:\AdwCleaner 2014-05-18 15:19 - 2014-05-18 15:19 - 01325827 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner_3.208.exe 2014-05-18 15:08 - 2014-05-09 15:49 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-05-18 14:50 - 2014-05-18 14:50 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-18 14:50 - 2014-05-18 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-18 14:50 - 2014-05-18 14:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-18 14:49 - 2014-05-18 14:49 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Zahnhaus-Pc\Downloads\mbam-setup-2.0.1.1004(1).exe 2014-05-17 10:31 - 2014-05-17 10:31 - 00001594 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\Program Files\iTunes 2014-05-17 10:31 - 2014-05-17 10:31 - 00000000 ____D () C:\Program Files\iPod 2014-05-17 10:26 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates 2014-05-17 10:26 - 2013-01-16 00:52 - 00000000 ____D () C:\Users\Zahnhaus-Pc\AppData\Local\Packages 2014-05-17 10:25 - 2013-09-03 14:24 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-05-17 10:23 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-05-17 10:23 - 2013-01-17 00:09 - 93223848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-05-17 08:04 - 2013-03-01 21:52 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-05-12 23:16 - 2014-04-18 11:58 - 00034789 _____ () C:\Users\Zahnhaus-Pc\Downloads\Addition.txt 2014-05-12 18:22 - 2014-05-12 18:22 - 00000484 _____ () C:\Users\Zahnhaus-Pc\Downloads\defogger_disable.log 2014-05-12 18:22 - 2014-05-12 18:22 - 00000000 _____ () C:\Users\Zahnhaus-Pc\defogger_reenable 2014-05-12 18:22 - 2013-10-22 00:41 - 00000000 ____D () C:\Users\Zahnhaus-Pc 2014-05-12 18:21 - 2014-05-12 18:21 - 00050477 _____ () C:\Users\Zahnhaus-Pc\Downloads\Defogger.exe 2014-05-09 20:36 - 2014-05-09 20:36 - 00106272 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys 2014-05-09 20:36 - 2014-05-09 20:36 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys 2014-05-09 20:29 - 2014-05-09 20:29 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner(2).exe 2014-05-09 20:29 - 2013-01-16 22:27 - 00000000 ____D () C:\ProgramData\G DATA 2014-05-09 20:28 - 2014-05-09 20:28 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(1).exe 2014-05-09 20:28 - 2014-05-09 20:27 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(2).exe 2014-05-09 20:19 - 2014-05-09 20:19 - 00135168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00098760 _____ (G Data Software) C:\WINDOWS\system32\Drivers\TS4nt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00078848 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcd64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00071168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00067584 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00065024 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00058880 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gddcv64.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00057344 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys 2014-05-09 20:19 - 2014-05-09 20:19 - 00002065 _____ () C:\Users\Public\Desktop\G Data TotalProtection.lnk 2014-05-09 20:19 - 2014-05-09 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2014-05-09 20:19 - 2014-05-09 20:19 - 00000000 ____D () C:\ProgramData\G DATA Software 2014-05-09 20:19 - 2014-05-09 19:55 - 00022016 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys 2014-05-09 20:19 - 2014-05-09 19:55 - 00001558 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\gdscan.log 2014-05-09 20:18 - 2013-01-16 22:27 - 00000000 ____D () C:\Program Files (x86)\G Data 2014-05-09 19:57 - 2014-05-07 21:01 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-05-09 19:57 - 2014-03-14 23:14 - 00000000 ____D () C:\WINDOWS\system32\appmgmt 2014-05-09 19:55 - 2014-05-09 19:55 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf 2014-05-09 19:55 - 2014-05-09 19:55 - 00000000 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\gdfw.log 2014-05-09 19:46 - 2014-05-09 19:45 - 00029344 _____ () C:\Users\Zahnhaus-Pc\Documents\cc_20140509_194556.reg 2014-05-09 19:29 - 2014-05-09 19:29 - 00411144 _____ () C:\Users\Zahnhaus-Pc\Downloads\AVCleaner.exe 2014-05-09 19:23 - 2014-05-09 19:17 - 502900048 _____ (G Data Software AG) C:\Users\Zahnhaus-Pc\Downloads\INT_R_FUL_2015_TP.exe 2014-05-09 15:31 - 2014-05-09 15:31 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-09 15:30 - 2014-05-09 15:30 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Zahnhaus-Pc\Downloads\mbam-setup-2.0.1.1004.exe 2014-05-09 15:25 - 2014-05-09 15:25 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(2).exe 2014-05-09 15:23 - 2014-05-09 15:23 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-05-09 15:22 - 2014-05-09 15:22 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT(1).exe 2014-05-09 15:17 - 2014-05-09 15:17 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner(1).exe 2014-05-09 15:16 - 2014-05-09 15:16 - 00000000 ____D () C:\WINDOWS\F94A63D79A61403B8F6F90B1BF77211A.TMP 2014-05-09 15:09 - 2014-05-09 15:09 - 01016261 _____ (Thisisu) C:\Users\Zahnhaus-Pc\Downloads\JRT.exe 2014-05-09 15:04 - 2014-05-09 15:04 - 01316991 _____ () C:\Users\Zahnhaus-Pc\Downloads\adwcleaner.exe 2014-05-09 15:02 - 2014-05-09 15:02 - 00464381 ____N () C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller.exe 2014-05-07 22:16 - 2014-05-07 20:49 - 00000000 ____D () C:\Users\Zahnhaus-Pc\AppData\Roaming\Nico Mak Computing 2014-05-07 21:53 - 2013-09-13 10:07 - 00000000 ___RD () C:\Users\Zahnhaus-Pc\Desktop\Asus 2014-05-07 21:52 - 2013-10-22 12:44 - 00001452 _____ () C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-05-07 21:47 - 2014-05-07 21:47 - 00919936 _____ (Enigma Software Group USA, LLC.) C:\Users\Zahnhaus-Pc\Downloads\RegHunter-Installer.exe 2014-05-07 21:02 - 2014-05-07 21:02 - 00000000 _____ () C:\autoexec.bat 2014-05-07 20:48 - 2014-05-07 20:48 - 04892480 _____ (WinZip International LLC ) C:\Users\Zahnhaus-Pc\Downloads\wzmp_8.exe 2014-05-07 20:38 - 2014-05-07 20:38 - 00002784 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2014-05-07 20:38 - 2014-05-07 20:38 - 00000836 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-05-07 20:38 - 2014-05-07 20:38 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-07 20:37 - 2014-05-07 20:37 - 03671432 _____ (Piriform Ltd) C:\Users\Zahnhaus-Pc\Downloads\ccsetup413_slim.exe 2014-05-07 19:48 - 2014-05-07 19:48 - 00000000 __SHD () C:\Users\Zahnhaus-Pc\AppData\Local\EmieUserList 2014-05-07 19:48 - 2014-05-07 19:48 - 00000000 __SHD () C:\Users\Zahnhaus-Pc\AppData\Local\EmieSiteList 2014-05-06 09:28 - 2014-04-05 07:23 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-06 09:28 - 2014-04-05 07:23 - 00003868 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-06 06:40 - 2014-05-17 07:53 - 23544320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-05-06 05:25 - 2014-05-17 07:53 - 17382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-05-06 05:00 - 2014-05-17 07:53 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-17 07:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-05-05 09:14 - 2014-05-05 09:14 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-05-05 09:14 - 2014-05-05 09:14 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-05-01 22:30 - 2014-04-18 19:54 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-05-01 22:30 - 2014-04-18 19:54 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-01 18:37 - 2014-01-07 00:16 - 00578720 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-04-27 15:39 - 2014-04-27 15:39 - 00000222 _____ () C:\Users\Zahnhaus-Pc\Desktop\Crusader Kings II.url ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-24 18:48 ==================== End Of Log ============================ --- --- --- Für mich sieht das aber genauso wie am Anfang aus. Und wenn ich versuche die Datei zu löschen, bleibt der PC hängen-wette ich.....! Aber genau wissen tue ich es natürlich nicht. |
26.05.2014, 12:49 | #20 |
/// the machine /// TB-Ausbilder | Spyhunter lässt sich nicht entfernen Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop. SystemLook (64 bit)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
27.05.2014, 21:14 | #21 |
| Spyhunter lässt sich nicht entfernenCode:
ATTFilter SystemLook 30.07.11 by jpshortstuff Log created at 22:09 on 27/05/2014 by Zahnhaus-Pc Administrator - Elevation successful ========== regfind ========== Searching for "SpyHunter" [HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\B1EF5FCA27738604B878D2A2E6DFA050] "ProductName"="SpyHunter" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\167ED423049710645A22436AA88D0A99] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\1F94163E4B8E8524AB2D208677C1C639] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\AutoCheckUpdate" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\270D6EC2A97B99548BA1F764A91027A1] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\2BAC083D35096B44C91BE7BCF2A9BE35] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\325484F6157B534449A295F31E20CC49] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\EsgScanner.inf" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\3A1F744C14FB4E14A93C1628CDE36240] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\MonitorWinCom_remember" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\3B801397615ADA446AA0C0D27F8C35F5] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\ShieldOnBoot" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\4EE16055EDFAB8E46BCE054F706E7050] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Users\Zahnhaus-Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\53838070BC439074A85BDB6338C858D4] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\54F23924A8B2A594D8F3B34555F857DB] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\Defs\def.dat" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\5942B0FB3B0060E4FB3008F9D51CFC26] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\native.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\5A2C306FF7B069949928B69774A9C8A0] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\GuardStatus" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\64717EB28EB8ECA4A9584B6BA7934B83] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\ActiveDesktop_remember" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\79455857BB467F24D81891AAD09F7079] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\ESGScanner.sys" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\8014B476AFF7674499E83E22C791A5A2] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\8D95E4363DF07F44FB6986E629D65FDB] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\ActHomePageProt" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\96F935B48BE0455459DB1E7E97E04BDF] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\MonitorDNS" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\9BDCF589B9440364E8DB3F9535DDBB9F] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\Defman.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\B435C9AD1BF350D48BE80D5A79BA2EEE] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\ESGRKCHK.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\B8759E73AEB287C4485B33F51B7DE868] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\MonitorIEImages" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\C2E30ACAB517FB744ACF4672E649BE7F] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\Language" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\CA1A35F40F64E2C419551606C418D4C6] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\AutoUpdateDownload" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\D23A4A6BB4BD7474197B486733BBB37A] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\ShScanner.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\D69C9067CD45885488F1E05319EDD023] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\ExecutionGuard.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\D75FE63EDA1D54A4CA6F51CADD11E656] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\CheckShOsCompatibility" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\D91BE455A0889C4458F258847859EC6F] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\MonitorHosts" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\DD372D2F4DF0D0540B2F37ED85511E4C] "B1EF5FCA27738604B878D2A2E6DFA050"="22:\Software\EnigmaSoftwareGroup\SpyHunter\SpyHunterConfig\MonitorSystem" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\F87702C2D0F509E4FB7923DA78F44976] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\license.txt" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Components\FD27396ADF8235D449146899FD9100FE] "B1EF5FCA27738604B878D2A2E6DFA050"="C:\Program Files\Enigma Software Group\SpyHunter\Common.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Products\B1EF5FCA27738604B878D2A2E6DFA050\InstallProperties] "DisplayName"="SpyHunter" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-694943857-1465044934-2268448326-1002\Products\B1EF5FCA27738604B878D2A2E6DFA050\InstallProperties] "InstallLocation"="C:\Program Files\Enigma Software Group\SpyHunter\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}] "DisplayIcon"="C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe,0" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}] "DisplayName"="SpyHunter" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}] "InstallLocation"="C:\Program Files\Enigma Software Group\SpyHunter\" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9B88A9-F7ED-4167-BB16-97640B2A3A2B}] "Path"="\SpyHunter4Startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup] [HKEY_USERS\S-1-5-21-694943857-1465044934-2268448326-1002\Software\Microsoft\Installer\Products\B1EF5FCA27738604B878D2A2E6DFA050] "ProductName"="SpyHunter" ========== filefind ========== Searching for "*SpyHunter*" C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(1).exe ------- 464381 bytes [18:28 09/05/2014] [18:28 09/05/2014] FEED2857EE796A7F82234E47A6362341 C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(2).exe ------- 464381 bytes [18:27 09/05/2014] [18:28 09/05/2014] FEED2857EE796A7F82234E47A6362341 C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller.exe ------- 464381 bytes [13:02 09/05/2014] [13:02 09/05/2014] FEED2857EE796A7F82234E47A6362341 C:\Windows\Prefetch\SPYHUNTER-INSTALLER.EXE-F1EBA0E9.pf --a---- 26654 bytes [19:00 07/05/2014] [19:00 07/05/2014] 1461830D14DCD4EA969CA6CFA55AB226 C:\Windows\Prefetch\SPYHUNTERKILLER(1).EXE-5093276B.pf --a---- 28776 bytes [18:29 09/05/2014] [18:29 09/05/2014] B6BC790016733D9FB720752F496E3FA4 C:\Windows\Prefetch\SPYHUNTERKILLER(2).EXE-B60598A8.pf --a---- 32164 bytes [18:28 09/05/2014] [18:28 09/05/2014] A18E44FBDF468BE1E005622130B2DC35 C:\Windows\Prefetch\SPYHUNTERKILLER.EXE-014B1CE1.pf --a---- 31096 bytes [13:02 09/05/2014] [13:02 09/05/2014] 3F909F4D49C76910E82E422DA9919009 -= EOF =- |
28.05.2014, 19:22 | #22 |
/// the machine /// TB-Ausbilder | Spyhunter lässt sich nicht entfernen Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(1).exe C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(2).exe C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller.exe reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}" /f reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\B1EF5FCA27738604B878D2A2E6DFA050" /f reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9B88A9-F7ED-4167-BB16-97640B2A3A2B}" /f Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
28.05.2014, 22:49 | #23 |
| Spyhunter lässt sich nicht entfernenCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-05-2014 01 Ran by Zahnhaus-Pc at 2014-05-28 23:48:42 Run:1 Running from C:\Users\Zahnhaus-Pc\Desktop\04 Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(1).exe C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(2).exe C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller.exe reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}" /f reg: reg delete "HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\B1EF5FCA27738604B878D2A2E6DFA050" /f reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9B88A9-F7ED-4167-BB16-97640B2A3A2B}" /f ***************** C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(1).exe => Moved successfully. C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller(2).exe => Moved successfully. C:\Users\Zahnhaus-Pc\Downloads\SpyHunterKiller.exe => Moved successfully. ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}" /f ========= Der Vorgang wurde erfolgreich beendet. ========= End of Reg: ========= ========= reg delete "HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\B1EF5FCA27738604B878D2A2E6DFA050" /f ========= Der Vorgang wurde erfolgreich beendet. ========= End of Reg: ========= ========= reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9B88A9-F7ED-4167-BB16-97640B2A3A2B}" /f ========= FEHLER: Zugriff verweigert ========= End of Reg: ========= ==== End of Fixlog ==== |
29.05.2014, 21:05 | #24 |
/// the machine /// TB-Ausbilder | Spyhunter lässt sich nicht entfernen Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
30.05.2014, 10:09 | #25 |
| Spyhunter lässt sich nicht entfernen Hi! Nee-ist jetzt alles weg! Sehe zumindest nichts mehr. Gibt es irgendeinen Tipp, wie ich mir solche Plagegeister vom Hals halte? Vielleicht mit einem Programm? Denke das mir GData da wohl nicht bei hilft. |
31.05.2014, 10:28 | #26 |
/// the machine /// TB-Ausbilder | Spyhunter lässt sich nicht entfernen Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Spyhunter lässt sich nicht entfernen |
angeblich, anleitung, eingefangen, entdeck, entdeckt, entferne, entfernen, files, gefangen, geladen, gen, nichts, problem, programm, programme, reagiert, richtig, seite, spyhunter nicht löschbar, troja, upload, versucht, vorhanden, win, woche, wochen |