Pests of all kinds and how to fight them: Virus!? Browser closes, programs cannot be opened (Windows 7)
19.05.2014, 19:30 | #1 |
| Virus!? Browser closes, programs cannot be opened

Hello everyone, I recently uninstalled BitDefender because I was unhappy with it. Stupidly, I forgot to download another antivirus program right afterwards. For about 4 days now I have had the problem that I can no longer download anything, because at 99% my Google Chrome always crashes; I cannot download any other files either. Chrome also crashes when I open certain sites such as chip.de. Internet Explorer does not crash, but it brings up an error: "Die Anweisung 0x7415ee32 verweist auf Speicher 0x00000400. Der Vorgang written konnte nicht im Speicher durchgeführt werden." The same error message also appears when I open programs such as Skype. Unfortunately I cannot post any log files because I currently have no antivirus program, since the download aborts whenever I try to get one, as mentioned above. Is it a virus at all, or does it have other causes? Reinstalling Windows would be the last thing I want, but if it cannot be avoided, there is nothing to be done. I hope you can help me anyway. |
20.05.2014, 05:54 | #2 |
/// the machine /// TB-Ausbilder | Virus!? Browser closes, programs cannot be opened

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
20.05.2014, 18:33 | #3 |
| Virus!? Browser closes, programs cannot be opened

FRST Logfile:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014 Ran by Merlin (administrator) on MERLIN on 20-05-2014 19:27:51 Running from C:\Users\Merlin\Downloads Platform: Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (HEAVEN KILLERS RELEASE GROUP) C:\Users\Merlin\Desktop\JClicker (3).exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\MRT.exe (Nota Inc.) 
C:\Program Files (x86)\Gyazo\GyStation.exe (Akamai Technologies, Inc.) C:\Users\Merlin\AppData\Local\Akamai\netsession_win.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Akamai Technologies, Inc.) C:\Users\Merlin\AppData\Local\Akamai\netsession_win.exe (D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Microsoft Corporation) C:\Windows\System32\MRT.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [D-Link D-Link DWA-140] => C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1074496 2011-06-29] (D-Link Corp.) 
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1826496 2014-04-09] (Valve Corporation) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [Spotify Web Helper] => C:\Users\Merlin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-31] (Spotify Ltd) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [Facebook Update] => C:\Users\Merlin\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-26] (Facebook Inc.) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-26] (Samsung) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [Server] => C:\Program Files (x86)\Java\jre7\bin\javaw.exe -jar "C:\Users\Merlin\AppData\Local\Temp\Server3847414724023975124.jar" <===== ATTENTION HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.) 
HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Merlin\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [GoogleChromeAutoLaunch_CD140F5AAD8E6FC651893248525622D4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22415552 2014-04-25] (Google) Startup: C:\Users\Merlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Merlin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.holasearch.com/?affID=121962&babsrc=HP_ss&mntrId=D8464C72B9575B8E HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - DefaultScope {4903127F-D81F-4479-B688-5A158D3EDD04} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM - {4903127F-D81F-4479-B688-5A158D3EDD04} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - DefaultScope {4903127F-D81F-4479-B688-5A158D3EDD04} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - {4903127F-D81F-4479-B688-5A158D3EDD04} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKCU - DefaultScope {4903127F-D81F-4479-B688-5A158D3EDD04} URL = SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: 
HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.holasearch.com/?q={searchTerms}&affID=121962&babsrc=SP_ss&mntrId=D8464C72B9575B8E SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {4903127F-D81F-4479-B688-5A158D3EDD04} URL = SearchScopes: HKCU - {771C4718-9940-4067-801B-03B112522E9E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=HIP&o=102875&src=kw&q={searchTerms}&locale=&apn_ptnrs=^6F&apn_dtid=^YYYYYY^YY^DE&apn_uid=0ef72aa5-3458-4cc8-b5d3-eee0f1d2a1ad&apn_sauid=B770922A-ECF2-4B69-A247-833A4BA55E75 BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default FF user.js: detected! 
=> C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\user.js FF SelectedSearchEngine: Hola Search FF Homepage: hxxp://www.holasearch.com/?affID=121962&babsrc=HP_ss&mntrId=D8464C72B9575B8E FF NetworkProxy: "gopher", "" FF NetworkProxy: "gopher_port", 0 FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "type", 0 FF DefaultSearchEngine: Google FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VLC Media Player\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VLC Media Player\npvlc.dll (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) 
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Merlin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\searchplugins\askcom.xml FF SearchPlugin: C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\searchplugins\holasearch.xml FF Extension: No Name - C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\Extensions\116 [2013-07-07] FF Extension: No Name - C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\Extensions\ffxtlbr@babylon.com [2013-06-05] FF Extension: No Name - C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\Extensions\staged [2013-05-06] FF Extension: Free Hide IP - C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\Extensions\support@free-hideip.com.xpi [2013-05-06] FF Extension: NoScript - C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-03-11] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-17] FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: No Name - C:\Program Files\McAfee\MSK [2012-08-02] FF HKCU\...\Firefox\Extensions: [{9309FA47-1B48-4768-AFA4-9E0556F5DC81}] - C:\Program Files (x86)\LyricsPal\116.xpi FF Extension: Lyrics-Pal - C:\Program Files (x86)\LyricsPal\116.xpi [2013-06-25] Chrome: ======= CHR StartupUrls: "hxxp://www.iloveradio.de/voting.html", "https://mail.google.com/mail/u/0/?tab=wm#inbox", "https://www.facebook.com/", "hxxp://www.hsv.de/ticket/dauerkarten/", "hxxp://www.minecraftpvp.com/" CHR Extension: (Google Docs) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-13] CHR Extension: (Google Drive) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-13] CHR Extension: (YouTube) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-25] CHR Extension: (Adblock Plus) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-30] CHR Extension: (Google-Suche) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-25] CHR Extension: (Adblock für Facebook™) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfjodonncabnangfknilmabjfofdikc [2014-01-15] CHR Extension: (sunsteps.org Addon) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm [2014-04-18] CHR Extension: (Google Wallet) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda 
[2013-08-24] CHR Extension: (Marc Ecko) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2014-01-15] CHR Extension: (Bitdefender QuickScan) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-05-17] CHR Extension: (Google Mail) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-25] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-11-25] CHR HKLM-x32\...\Chrome\Extension: [mmiopbgcekanlhpjkonogoljpfmhpkhf] - C:\Program Files (x86)\LyricsPal\116.crx [2013-06-25] ==================== Services (Whitelisted) ================= R2 D_Link_DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-07-12] () S3 GSService; C:\Windows\SysWOW64\GSService.exe [122880 2010-05-20] () R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5017968 2013-01-08] (INCA Internet Co., Ltd.) 
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-28] () S2 SystemStoreService; C:\Program Files (x86)\SelfUpdater\SystemStore.exe [297984 2014-04-05] () S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation) S2 0162251362329979mcinstcleanup; C:\Users\Merlin\AppData\Local\Temp\016225~1.EXE -cleanup -nolog [X] S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [X] S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [X] ==================== Drivers (Whitelisted) ==================== S1 anodlwf; C:\Windows\system32\DRIVERS\anodlwfx.sys [15872 2011-02-21] () R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [452432 2013-03-06] (Intel Corporation) S3 EverestDriver; C:\Users\Merlin\AppData\Local\Temp\EverestDriver.sys [9728 2005-08-18] () S3 GameKB; C:\Windows\system32\drivers\GameKB.sys [27648 2012-05-11] () R3 netr28ux; C:\Windows\system32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.) 
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-20 19:27 - 2014-05-20 19:28 - 00019076 _____ () C:\Users\Merlin\Downloads\FRST.txt 2014-05-20 19:27 - 2014-05-20 19:27 - 00000000 ____D () C:\FRST 2014-05-20 19:26 - 2014-05-20 19:26 - 02067456 _____ (Farbar) C:\Users\Merlin\Downloads\FRST64.exe 2014-05-20 19:26 - 2014-05-20 19:26 - 00001456 _____ () C:\Users\Merlin\Desktop\FRST64.exe - Verknüpfung.lnk 2014-05-19 19:48 - 2014-05-19 19:49 - 16558656 _____ () C:\Users\Merlin\Downloads\Nicht bestätigt 883208.crdownload 2014-05-18 01:03 - 2014-05-18 01:04 - 28413552 _____ (Panda Security ) C:\Users\Merlin\Downloads\PandaCloudCleaner.exe 2014-05-17 20:07 - 2014-05-17 20:07 - 00000000 _____ () C:\Users\Merlin\AppData\Local\{2BEF511A-2D4E-4993-9C74-56320EE9CB6D} 2014-05-14 19:01 - 2014-05-14 19:03 - 88882192 _____ (AVAST Software) C:\Users\Merlin\Downloads\avast_free_antivirus_setup_9_0_2018 (1).exe 2014-05-14 18:59 - 2014-05-14 19:00 - 88882192 _____ (AVAST Software) C:\Users\Merlin\Downloads\avast_free_antivirus_setup_9_0_2018.exe 2014-05-14 15:55 - 2014-05-14 15:55 - 00003784 ____N () C:\bootsqm.dat 2014-05-14 15:55 - 2014-05-14 15:55 - 00000000 __SHD () C:\found.001 2014-05-10 20:06 - 2014-05-10 20:06 - 00282775 _____ () C:\Users\Merlin\Downloads\YouTube-Unblocker-055.crx 2014-05-10 15:03 - 2014-05-10 15:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-05-10 15:03 - 2014-05-10 15:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-05-10 15:03 - 2014-05-10 15:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-05-10 15:03 - 2014-05-10 15:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-05-10 
15:03 - 2014-05-10 15:03 - 00000000 ____D () C:\Windows\Sun 2014-05-10 15:01 - 2014-05-10 15:02 - 29164456 _____ (Oracle Corporation) C:\Users\Merlin\Downloads\jre-7u55-windows-i586.exe 2014-05-10 14:40 - 2014-05-10 14:40 - 00000000 ____D () C:\Users\Default\AppData\Local\Google 2014-05-10 14:40 - 2014-05-10 14:40 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google 2014-05-10 14:25 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-10 14:25 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-10 14:25 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-10 14:25 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-26 16:54 - 2014-04-26 16:55 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\Win32 2014-04-26 16:54 - 2014-04-26 16:54 - 00041699 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack v2.1.zip 2014-04-26 16:54 - 2014-04-26 16:54 - 00041699 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack v2.1 (1).zip 2014-04-26 16:51 - 2014-04-26 16:51 - 00351232 _____ () C:\Users\Merlin\Downloads\ClashofClansGemsHackv22__6858_il6040247.exe 2014-04-26 16:46 - 2014-04-26 16:46 - 00211608 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack Setup_2014.rar.rar 2014-04-26 16:40 - 2014-04-26 16:40 - 01167788 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack No Survey Updated 2013.zip 2014-04-26 16:38 - 2014-04-26 16:38 - 00605561 _____ () C:\Users\Merlin\Downloads\Clash-of-Clans-Hack-v25.zip 2014-04-25 23:59 - 2014-04-25 23:59 - 00000470 _____ () C:\Users\Merlin\Downloads\listen-dsl.asx 2014-04-25 21:02 - 2014-05-20 19:20 - 00000000 ___RD () C:\Users\Merlin\Google Drive 2014-04-25 21:02 - 2014-04-25 21:02 - 00001716 _____ () C:\Users\Merlin\Desktop\Google Drive.lnk 2014-04-25 21:00 - 2014-05-10 14:40 - 00002046 _____ () C:\Users\Public\Desktop\Google Slides.lnk 
2014-04-25 21:00 - 2014-05-10 14:40 - 00002044 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-04-25 21:00 - 2014-05-10 14:40 - 00002034 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-04-25 21:00 - 2014-05-10 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-04-25 20:59 - 2014-04-25 20:59 - 00884672 _____ (Google Inc.) C:\Users\Merlin\Downloads\googledrivesync.exe 2014-04-25 20:59 - 2014-04-25 20:59 - 00021698 _____ () C:\Users\Merlin\Downloads\documents-export-2014-04-25.zip 2014-04-23 00:42 - 2014-04-23 00:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr ==================== One Month Modified Files and Folders ======= 2014-05-20 19:28 - 2014-05-20 19:27 - 00019076 _____ () C:\Users\Merlin\Downloads\FRST.txt 2014-05-20 19:27 - 2014-05-20 19:27 - 00000000 ____D () C:\FRST 2014-05-20 19:27 - 2012-11-14 12:33 - 02056911 _____ () C:\Windows\WindowsUpdate.log 2014-05-20 19:26 - 2014-05-20 19:26 - 02067456 _____ (Farbar) C:\Users\Merlin\Downloads\FRST64.exe 2014-05-20 19:26 - 2014-05-20 19:26 - 00001456 _____ () C:\Users\Merlin\Desktop\FRST64.exe - Verknüpfung.lnk 2014-05-20 19:23 - 2012-12-25 11:53 - 00000000 ____D () C:\Users\Merlin\AppData\Local\CrashDumps 2014-05-20 19:22 - 2013-07-07 19:42 - 00004200 _____ () C:\Windows\System32\Tasks\Software Updater 2014-05-20 19:22 - 2013-01-12 20:13 - 00000000 ____D () C:\Users\Merlin\AppData\Local\Adobe 2014-05-20 19:20 - 2014-04-25 21:02 - 00000000 ___RD () C:\Users\Merlin\Google Drive 2014-05-20 19:19 - 2012-12-30 15:47 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-20 19:19 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2014-05-19 20:34 - 2013-07-22 21:47 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-19 20:34 - 2012-12-25 10:20 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-19 20:34 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-05-19 19:49 - 
2014-05-19 19:48 - 16558656 _____ () C:\Users\Merlin\Downloads\Nicht bestätigt 883208.crdownload 2014-05-19 19:38 - 2012-12-30 15:47 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-19 19:09 - 2014-03-03 21:32 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\.minecraft 2014-05-18 02:04 - 2012-12-25 12:18 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\TS3Client 2014-05-18 01:04 - 2014-05-18 01:03 - 28413552 _____ (Panda Security ) C:\Users\Merlin\Downloads\PandaCloudCleaner.exe 2014-05-17 21:08 - 2014-03-15 02:14 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\QuickScan 2014-05-17 20:27 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-05-17 20:07 - 2014-05-17 20:07 - 00000000 _____ () C:\Users\Merlin\AppData\Local\{2BEF511A-2D4E-4993-9C74-56320EE9CB6D} 2014-05-14 19:03 - 2014-05-14 19:01 - 88882192 _____ (AVAST Software) C:\Users\Merlin\Downloads\avast_free_antivirus_setup_9_0_2018 (1).exe 2014-05-14 19:00 - 2014-05-14 18:59 - 88882192 _____ (AVAST Software) C:\Users\Merlin\Downloads\avast_free_antivirus_setup_9_0_2018.exe 2014-05-14 16:00 - 2012-11-11 10:15 - 00751892 _____ () C:\Windows\system32\perfh007.dat 2014-05-14 16:00 - 2012-11-11 10:15 - 00155620 _____ () C:\Windows\system32\perfc007.dat 2014-05-14 16:00 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-14 15:56 - 2012-11-14 12:43 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-14 15:56 - 2012-08-02 17:04 - 00465566 _____ () C:\Windows\PFRO.log 2014-05-14 15:56 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-14 15:55 - 2014-05-14 15:55 - 00003784 ____N () C:\bootsqm.dat 2014-05-14 15:55 - 2014-05-14 15:55 - 00000000 __SHD () C:\found.001 2014-05-11 16:11 - 2012-12-31 17:48 - 02566656 ___SH () C:\Users\Merlin\Desktop\Thumbs.db 2014-05-10 20:06 - 2014-05-10 20:06 - 00282775 _____ () C:\Users\Merlin\Downloads\YouTube-Unblocker-055.crx 2014-05-10 15:58 - 2012-12-25 00:32 - 00003598 _____ () 
C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-505795367-1035587087-3783900401-1001
2014-05-10 15:03 - 2014-05-10 15:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-05-10 15:03 - 2014-05-10 15:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-05-10 15:03 - 2014-05-10 15:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-05-10 15:03 - 2014-05-10 15:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 ____D () C:\Windows\Sun
2014-05-10 15:03 - 2014-01-12 00:48 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-10 15:03 - 2013-03-08 11:35 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-10 15:02 - 2014-05-10 15:01 - 29164456 _____ (Oracle Corporation) C:\Users\Merlin\Downloads\jre-7u55-windows-i586.exe
2014-05-10 14:40 - 2014-05-10 14:40 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-05-10 14:40 - 2014-05-10 14:40 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-05-10 14:40 - 2014-04-25 21:00 - 00002046 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-05-10 14:40 - 2014-04-25 21:00 - 00002044 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-05-10 14:40 - 2014-04-25 21:00 - 00002034 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-05-10 14:40 - 2014-04-25 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-10 14:33 - 2012-12-30 15:47 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 14:33 - 2012-12-30 15:47 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-29 16:14 - 2014-05-10 14:25 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-10 14:25 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-10 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-10 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-26 16:55 - 2014-04-26 16:54 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\Win32
2014-04-26 16:54 - 2014-04-26 16:54 - 00041699 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack v2.1.zip
2014-04-26 16:54 - 2014-04-26 16:54 - 00041699 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack v2.1 (1).zip
2014-04-26 16:51 - 2014-04-26 16:51 - 00351232 _____ () C:\Users\Merlin\Downloads\ClashofClansGemsHackv22__6858_il6040247.exe
2014-04-26 16:46 - 2014-04-26 16:46 - 00211608 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack Setup_2014.rar.rar
2014-04-26 16:40 - 2014-04-26 16:40 - 01167788 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack No Survey Updated 2013.zip
2014-04-26 16:38 - 2014-04-26 16:38 - 00605561 _____ () C:\Users\Merlin\Downloads\Clash-of-Clans-Hack-v25.zip
2014-04-26 02:46 - 2013-12-19 00:39 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\AbiSuite
2014-04-26 02:46 - 2013-01-07 22:39 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\vlc
2014-04-25 23:59 - 2014-04-25 23:59 - 00000470 _____ () C:\Users\Merlin\Downloads\listen-dsl.asx
2014-04-25 21:02 - 2014-04-25 21:02 - 00001716 _____ () C:\Users\Merlin\Desktop\Google Drive.lnk
2014-04-25 21:02 - 2012-12-25 00:22 - 00000000 ____D () C:\Users\Merlin
2014-04-25 21:00 - 2012-12-27 22:11 - 00000000 ____D () C:\Users\Merlin\AppData\Local\Google
2014-04-25 21:00 - 2012-12-27 22:11 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-25 20:59 - 2014-04-25 20:59 - 00884672 _____ (Google Inc.) C:\Users\Merlin\Downloads\googledrivesync.exe
2014-04-25 20:59 - 2014-04-25 20:59 - 00021698 _____ () C:\Users\Merlin\Downloads\documents-export-2014-04-25.zip
2014-04-24 21:28 - 2014-04-05 21:53 - 00000000 ____D () C:\Users\Merlin\AppData\Local\Akamai
2014-04-23 19:13 - 2013-01-07 22:40 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\dvdcss
2014-04-23 01:47 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-23 00:42 - 2014-04-23 00:42 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-20 01:54 - 2012-12-25 11:58 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\Skype

Some content of TEMP:
====================
C:\Users\Merlin\AppData\Local\Temp\6_Offer_11.exe
C:\Users\Merlin\AppData\Local\Temp\ANPDApi.dll
C:\Users\Merlin\AppData\Local\Temp\Creative Cloud Helper.exe
C:\Users\Merlin\AppData\Local\Temp\DelB12.exe
C:\Users\Merlin\AppData\Local\Temp\DeltaTB.exe
C:\Users\Merlin\AppData\Local\Temp\DM1393080421.exe
C:\Users\Merlin\AppData\Local\Temp\DM1393081977.exe
C:\Users\Merlin\AppData\Local\Temp\DownloadManager.exe
C:\Users\Merlin\AppData\Local\Temp\gbinit.exe
C:\Users\Merlin\AppData\Local\Temp\htmlayout.dll
C:\Users\Merlin\AppData\Local\Temp\ICReinstall_free-mouse-auto-clicker-3-0-en-win-setup.exe
C:\Users\Merlin\AppData\Local\Temp\j4nmpaa5.dll
C:\Users\Merlin\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Merlin\AppData\Local\Temp\npp.6.4.5.Installer.exe
C:\Users\Merlin\AppData\Local\Temp\setup.exe
C:\Users\Merlin\AppData\Local\Temp\SHSetup.exe
C:\Users\Merlin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Merlin\AppData\Local\Temp\sonarinst.exe
C:\Users\Merlin\AppData\Local\Temp\tmp160B.exe
C:\Users\Merlin\AppData\Local\Temp\tmp1D9B.exe
C:\Users\Merlin\AppData\Local\Temp\tmp2BF5.exe
C:\Users\Merlin\AppData\Local\Temp\tmp2EDA.exe
C:\Users\Merlin\AppData\Local\Temp\tmp38D8.exe
C:\Users\Merlin\AppData\Local\Temp\tmp45BB.exe
C:\Users\Merlin\AppData\Local\Temp\tmp4E4B.exe
C:\Users\Merlin\AppData\Local\Temp\tmp601F.exe
C:\Users\Merlin\AppData\Local\Temp\tmp6F63.exe
C:\Users\Merlin\AppData\Local\Temp\tmp830D.exe
C:\Users\Merlin\AppData\Local\Temp\tmp89B.exe
C:\Users\Merlin\AppData\Local\Temp\tmpBC47.exe
C:\Users\Merlin\AppData\Local\Temp\tmpD5CC.exe
C:\Users\Merlin\AppData\Local\Temp\tmpDB4B.exe
C:\Users\Merlin\AppData\Local\Temp\tmpE32C.exe
C:\Users\Merlin\AppData\Local\Temp\tmpEE49.exe
C:\Users\Merlin\AppData\Local\Temp\tmpF03.exe
C:\Users\Merlin\AppData\Local\Temp\tmpF1A5.exe
C:\Users\Merlin\AppData\Local\Temp\tmpFBC8.exe
C:\Users\Merlin\AppData\Local\Temp\tmpFF05.exe
C:\Users\Merlin\AppData\Local\Temp\uninst1.exe
C:\Users\Merlin\AppData\Local\Temp\Uninstall.exe
C:\Users\Merlin\AppData\Local\Temp\vlc-2.0.7-win64.exe
C:\Users\Merlin\AppData\Local\Temp\xmlUpdater.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-17 20:17

==================== End Of Log ============================

--- --- --- --- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Merlin at 2014-05-20 19:28:28
Running from C:\Users\Merlin\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version: - ) <==== ATTENTION
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - )
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Die Polizei 2013 (HKLM-x32\...\Die Polizei 2013) (Version: - Quadriga Games)
D-Link DWA-140 (HKLM-x32\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version: - D-Link)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free YouTube Download version 3.2.16.1030 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.16.1030 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Drive (HKLM-x32\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 17.2 - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LibreOffice 4.0.1.2 (HKLM-x32\...\{604B2A5C-B1CE-45B2-ADCC-6B7C721AC3AC}) (Version: 4.0.1.2 - The Document Foundation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Acer Incorporated)
Lyrics-Pal (HKLM-x32\...\lrcspal@lyricspal.co) (Version: - LyricsPal Soft. LTD) <==== ATTENTION
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar)
Media Buddy 1.2.2 (HKLM-x32\...\{AD98E3F2-3AC5-47f1-8DD3-473BF3AF3D3E}_is1) (Version: - Ramka Ltd.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Minecraft Texturepack Editor (HKLM-x32\...\Minecraft Texturepack Editor) (Version: - )
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}) (Version: 12.5.00000 - Nero AG)
Nero ControlCenter (x32 Version: 11.0.14500.0.45 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.0003 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.16900.1.27 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.16001 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 305.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 305.29 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 305.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 305.29 - NVIDIA Corporation)
NVIDIA Grafiktreiber 305.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 305.29 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.82.513 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.0529 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 305.29 (Version: 305.29 - NVIDIA Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
SpyHunter (HKLM\...\{BCD55450-77AC-4347-B24F-654B1189F8D4}) (Version: 4.13.6.4253 - Enigma Software Group USA, LLC)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19617 - TeamViewer)
Tunatic (HKLM-x32\...\Tunatic) (Version: - )
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 2.0.0.0 - Manuel Hoefs (Zottel))
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.3 - WildTangent) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: 5.2.0.16826 - Blizzard Entertainment)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points =========================

22-04-2014 22:42:11 avast! antivirus system restore point
10-05-2014 13:02:25 Installed Java 7 Update 55
14-05-2014 13:56:59 avast! antivirus system restore point
19-05-2014 18:24:21 Windows Update

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2CFA792F-2249-454E-A079-6ED65849DA5D} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {31FC6167-F301-4AF3-8E2C-101CE3FDE706} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-merlinwehde-spezial@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {419BCECD-A68D-4F89-BFAF-E3FBB5B7EF4D} - System32\Tasks\Bitdefender Autoscan => C:\Program Files\Bitdefender\Bitdefender\mtasklaunch.exe
Task: {541C5B45-D20D-43F4-8BB7-1FD9E2741E82} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-24] ()
Task: {7EF12FAE-39C8-43FD-9B4F-FADDC9D11CDE} - System32\Tasks\Software Updater => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Bootstrapper.exe [2013-12-19] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {ABD80A29-666E-4907-BDAB-1C3B8417AECA} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {AD904766-4E72-4277-8B55-7EACAEB8263D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-30] (Google Inc.)
Task: {BBF6A55F-CE95-401E-84A3-DA1C7B3E5B35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-30] (Google Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FED7AFB0-CCAD-4B92-A1EE-D0C17368E29A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-505795367-1035587087-3783900401-1001Core.job => C:\Users\Merlin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics-Pal Update.job => C:\Program Files (x86)\LyricsPal\Lyrics.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-07-01 11:42 - 2010-07-12 14:39 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
2014-02-11 04:21 - 2014-02-11 04:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2012-12-25 00:39 - 2012-12-25 00:39 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-07-01 11:42 - 2010-05-13 10:58 - 00294912 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\WlanApp.dll
2013-07-01 11:42 - 2013-07-01 11:42 - 00315392 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANPDApi.dll
2014-05-20 19:20 - 2014-05-20 19:20 - 00098816 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32api.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00110080 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\pywintypes27.dll
2014-05-20 19:19 - 2014-05-20 19:19 - 00364544 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\pythoncom27.dll
2014-05-20 19:20 - 2014-05-20 19:20 - 00045568 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\_socket.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 01159680 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\_ssl.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00320512 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32com.shell.shell.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00713216 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\_hashlib.pyd
2014-05-20 19:19 - 2014-05-20 19:19 - 01175040 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\wx._core_.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00805888 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\wx._gdi_.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00811008 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\wx._windows_.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 01062400 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\wx._controls_.pyd
2014-05-20 19:19 - 2014-05-20 19:19 - 00735232 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\wx._misc_.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00128512 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\_elementtree.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00127488 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\pyexpat.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00557056 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\pysqlite2._sqlite.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00087552 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\_ctypes.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00119808 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32file.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00108544 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32security.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00018432 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32event.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00038912 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32inet.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00070656 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\wx._html2.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00167936 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32gui.pyd
2014-05-20 19:19 - 2014-05-20 19:19 - 00011264 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32crypt.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00027136 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\_multiprocessing.pyd
2014-05-20 19:19 - 2014-05-20 19:19 - 00122368 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\wx._wizard.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00010240 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\select.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00024064 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32pipe.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00686080 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\unicodedata.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00025600 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32pdh.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00525640 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\windows._lib_cacheinvalidation.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00035840 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32process.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00017408 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32profile.pyd
2014-05-20 19:20 - 2014-05-20 19:20 - 00022528 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\win32ts.pyd
2014-05-20 19:19 - 2014-05-20 19:19 - 00078336 _____ () C:\Users\Merlin\AppData\Local\Temp\_MEI43882\wx._animate.pyd
2014-05-10 14:41 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-05-10 14:41 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-05-10 14:41 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-05-10 14:41 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-05-10 14:41 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-05-10 14:41 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Merlin\Cookies:uqak1JLdRjFZy6PEUJRRegcO9
AlternateDataStreams: C:\Users\Merlin\Desktop\JClicker (3).exe:BDU
AlternateDataStreams: C:\Users\Merlin\Downloads\battlelog-web-plugins_2.3.2_131 (1).exe:BDU
AlternateDataStreams: C:\Users\Merlin\Downloads\battlelog-web-plugins_2.3.2_131.exe:BDU
AlternateDataStreams: C:\Users\Merlin\Downloads\CheatEngine63.exe:BDU
AlternateDataStreams: C:\Users\Merlin\Downloads\dotnetfx2.exe:BDU
AlternateDataStreams: C:\Users\Merlin\Downloads\FIFA 14 COINS Hack Tool v.3.3 SETUP.exe:BDU
AlternateDataStreams: C:\Users\Merlin\Downloads\JClicker (1).exe:BDU
AlternateDataStreams: C:\Users\Merlin\Downloads\JClicker (2).exe:BDU
AlternateDataStreams: C:\Users\Merlin\Downloads\JClicker.exe:BDU
AlternateDataStreams: C:\Users\Merlin\Downloads\my_downloader_installer.exe:BDU
AlternateDataStreams: C:\Users\Merlin\Downloads\vioplayerv.exe:BDU
AlternateDataStreams: C:\Users\Merlin\AppData\Local\Temp:nzfPYEmqVCylrV2YTWJHRQaBBbR
AlternateDataStreams: C:\Users\Merlin\AppData\Local\Temp:WD8F4Cwd1hDS2CajSlec

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: WAN Miniport (IP)
Description: WAN-Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: WAN Miniport (IPv6)
Description: WAN-Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Canon MP620 ser Network
Description: Canon MP620 ser Network
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Canon
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (Network Monitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (05/20/2014 07:27:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GoogleUpdate.exe, Version: 1.3.21.103, Zeitstempel: 0x4f3c6d6c
Name des fehlerhaften Moduls: winhttp.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50986fa4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee32
ID des fehlerhaften Prozesses: 0x15f0
Startzeit der fehlerhaften Anwendung: 0xGoogleUpdate.exe0
Pfad der fehlerhaften Anwendung: GoogleUpdate.exe1
Pfad des fehlerhaften Moduls: GoogleUpdate.exe2
Berichtskennung: GoogleUpdate.exe3
Vollständiger Name des fehlerhaften Pakets: GoogleUpdate.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GoogleUpdate.exe5

Error: (05/20/2014 07:27:12 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=34.0.1847.131;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\83c72a19-9ca9-4ad8-a5ac-601fde357ab4.dmp

Error: (05/20/2014 07:26:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GoogleUpdate.exe, Version: 1.3.21.103, Zeitstempel: 0x4f3c6d6c
Name des fehlerhaften Moduls: winhttp.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50986fa4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000ee32
ID des fehlerhaften Prozesses: 0xc38
Startzeit der fehlerhaften Anwendung: 0xGoogleUpdate.exe0
Pfad der fehlerhaften Anwendung: GoogleUpdate.exe1
Pfad des fehlerhaften Moduls: GoogleUpdate.exe2
Berichtskennung: GoogleUpdate.exe3
Vollständiger Name des fehlerhaften Pakets: GoogleUpdate.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GoogleUpdate.exe5

Error: (05/20/2014 07:26:46 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=34.0.1847.131;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\a3a5b5ab-6e11-4acc-ba51-03c6ee4f3f0a.dmp Error: (05/20/2014 07:23:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WerFault.exe, Version: 6.2.9200.16659, Zeitstempel: 0x51db6e34 Name des fehlerhaften Moduls: WINHTTP.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50986fa4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000ee32 ID des fehlerhaften Prozesses: 0x1b40 Startzeit der fehlerhaften Anwendung: 0xWerFault.exe0 Pfad der fehlerhaften Anwendung: WerFault.exe1 Pfad des fehlerhaften Moduls: WerFault.exe2 Berichtskennung: WerFault.exe3 Vollständiger Name des fehlerhaften Pakets: WerFault.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WerFault.exe5 Error: (05/20/2014 07:23:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AAM Updates Notifier.exe, Version: 7.0.0.470, Zeitstempel: 0x52a70f66 Name des fehlerhaften Moduls: WINHTTP.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50986fa4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000ee32 ID des fehlerhaften Prozesses: 0x104c Startzeit der fehlerhaften Anwendung: 0xAAM Updates Notifier.exe0 Pfad der fehlerhaften Anwendung: AAM Updates Notifier.exe1 Pfad des fehlerhaften Moduls: AAM Updates Notifier.exe2 Berichtskennung: AAM Updates Notifier.exe3 Vollständiger Name des fehlerhaften Pakets: AAM Updates Notifier.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AAM Updates Notifier.exe5 Error: (05/20/2014 07:21:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GoogleUpdate.exe, Version: 1.3.21.103, Zeitstempel: 0x4f3c6d6c Name des fehlerhaften Moduls: winhttp.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50986fa4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000ee32 ID des fehlerhaften Prozesses: 0x101c Startzeit der fehlerhaften Anwendung: 
0xGoogleUpdate.exe0 Pfad der fehlerhaften Anwendung: GoogleUpdate.exe1 Pfad des fehlerhaften Moduls: GoogleUpdate.exe2 Berichtskennung: GoogleUpdate.exe3 Vollständiger Name des fehlerhaften Pakets: GoogleUpdate.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GoogleUpdate.exe5 Error: (05/20/2014 07:21:31 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. ver=34.0.1847.131;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\8bec1062-691d-45cb-96ed-4307ece20173.dmp Error: (05/20/2014 07:21:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GoogleUpdate.exe, Version: 1.3.21.103, Zeitstempel: 0x4f3c6d6c Name des fehlerhaften Moduls: winhttp.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50986fa4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000ee32 ID des fehlerhaften Prozesses: 0x1a7c Startzeit der fehlerhaften Anwendung: 0xGoogleUpdate.exe0 Pfad der fehlerhaften Anwendung: GoogleUpdate.exe1 Pfad des fehlerhaften Moduls: GoogleUpdate.exe2 Berichtskennung: GoogleUpdate.exe3 Vollständiger Name des fehlerhaften Pakets: GoogleUpdate.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GoogleUpdate.exe5 Error: (05/20/2014 07:21:19 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. 
ver=34.0.1847.131;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6d3257cd-757f-46f2-9b22-a8f4fdd28825.dmp System errors: ============= Error: (05/20/2014 07:19:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Internet Explorer Flash Player für Windows 8 für x64-Systeme (KB2957151) Error: (05/20/2014 07:19:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2926765) Error: (05/20/2014 07:19:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2939153) Error: (05/20/2014 07:19:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2822241) Error: (05/20/2014 07:19:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2920189) Error: (05/19/2014 08:34:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2871997) Error: (05/19/2014 08:02:41 PM) (Source: 
Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Google Update-Dienst (gupdate)" wurde unerwartet beendet. Dies ist bereits 25 Mal passiert. Error: (05/19/2014 07:38:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Google Update-Dienst (gupdate)" wurde unerwartet beendet. Dies ist bereits 24 Mal passiert. Error: (05/19/2014 07:02:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Google Update-Dienst (gupdate)" wurde unerwartet beendet. Dies ist bereits 23 Mal passiert. Error: (05/19/2014 06:38:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Google Update-Dienst (gupdate)" wurde unerwartet beendet. Dies ist bereits 22 Mal passiert. Microsoft Office Sessions: ========================= Error: (05/20/2014 07:27:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: GoogleUpdate.exe1.3.21.1034f3c6d6cwinhttp.dll6.2.9200.1645150986fa4c00000050000ee3215f001cf7450bc5d9cebC:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\SYSTEM32\winhttp.dllfa5fc5ab-e043-11e3-bed1-4c72b9575b8e Error: (05/20/2014 07:27:12 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. ver=34.0.1847.131;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\83c72a19-9ca9-4ad8-a5ac-601fde357ab4.dmp Error: (05/20/2014 07:26:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: GoogleUpdate.exe1.3.21.1034f3c6d6cwinhttp.dll6.2.9200.1645150986fa4c00000050000ee32c3801cf7450acf989d6C:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\SYSTEM32\winhttp.dllead85d09-e043-11e3-bed1-4c72b9575b8e Error: (05/20/2014 07:26:46 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. 
ver=34.0.1847.131;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\a3a5b5ab-6e11-4acc-ba51-03c6ee4f3f0a.dmp Error: (05/20/2014 07:23:06 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WerFault.exe6.2.9200.1665951db6e34WINHTTP.dll6.2.9200.1645150986fa4c00000050000ee321b4001cf745029101846C:\Windows\SysWOW64\WerFault.exeC:\Windows\SYSTEM32\WINHTTP.dll67a0e3c6-e043-11e3-bed1-4c72b9575b8e Error: (05/20/2014 07:23:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: AAM Updates Notifier.exe7.0.0.47052a70f66WINHTTP.dll6.2.9200.1645150986fa4c00000050000ee32104c01cf74501bb610d9C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exeC:\Windows\SYSTEM32\WINHTTP.dll66cf7b0d-e043-11e3-bed1-4c72b9575b8e Error: (05/20/2014 07:21:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: GoogleUpdate.exe1.3.21.1034f3c6d6cwinhttp.dll6.2.9200.1645150986fa4c00000050000ee32101c01cf744ff0e7bac5C:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\SYSTEM32\winhttp.dll2ed2005c-e043-11e3-bed1-4c72b9575b8e Error: (05/20/2014 07:21:31 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. ver=34.0.1847.131;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\8bec1062-691d-45cb-96ed-4307ece20173.dmp Error: (05/20/2014 07:21:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: GoogleUpdate.exe1.3.21.1034f3c6d6cwinhttp.dll6.2.9200.1645150986fa4c00000050000ee321a7c01cf744fe796b5f7C:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Windows\SYSTEM32\winhttp.dll2951b30a-e043-11e3-bed1-4c72b9575b8e Error: (05/20/2014 07:21:19 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT) Description: Chrome has encountered a fatal error. 
ver=34.0.1847.131;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\6d3257cd-757f-46f2-9b22-a8f4fdd28825.dmp CodeIntegrity Errors: =================================== Date: 2014-05-14 15:56:23.092 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-21 02:24:50.137 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-17 23:52:55.780 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-17 23:29:02.950 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-17 23:27:22.559 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\anodlwfx.sys because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-14 21:37:25.858 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-14 21:02:17.294 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-14 20:08:27.928 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-30 15:15:04.726 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\anodlwfx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-03-19 14:54:29.541 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\Drivers\anodlwfx.sys because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 8133.95 MB
Available physical RAM: 5474.45 MB
Total Pagefile: 9349.97 MB
Available Pagefile: 6513.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:452.6 GB) (Free:191.51 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.11 GB) (Free:452.38 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 9E363D6C)
Partition: GPT Partition Type.

==================== End Of Log ============================

Is this correct? |
21.05.2014, 08:55 | #4 |
/// the machine /// TB trainer | Virus!? Browser closes, programs cannot be opened Uninstall adware & co.
If you cannot find a program or cannot uninstall it, please continue with the next step: Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
21.05.2014, 18:23 | #5 |
| Virus!? Browser closes, programs cannot be opened Since my browser kept crashing whenever I tried to install Revo Uninstaller, I did it with ComboFix. While the program was preparing the log files, error messages came up continuously: hxxp://www11.pic-upload.de/21.05.14/tcrwkj5by85.jpg (change hxxp to http) I don't know whether it matters, but I wanted to mention it anyway. Now the log file: Code:
ATTFilter ComboFix 14-05-19.01 - Merlin 21.05.2014 18:23:56.1.8 - x64 Microsoft Windows 8 6.2.9200.0.1252.49.1031.18.8134.5574 [GMT 2:00] ausgeführt von:: c:\users\Merlin\Desktop\ComboFix.exe AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\LyricsPal c:\program files (x86)\LyricsPal\116.crx c:\program files (x86)\LyricsPal\116.dat c:\program files (x86)\LyricsPal\116.xpi c:\program files (x86)\LyricsPal\sqlite3.dll c:\program files (x86)\LyricsPal\Uninstall.exe c:\programdata\1394842492.bdinstall.bin c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mlnngnpogcdbohjhiaklmmpgmpbiecjm_0 c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mlnngnpogcdbohjhiaklmmpgmpbiecjm_0\23 c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\background.html c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\crossriderManifest.json c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\manifest.xml c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins.json c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\1_base.js c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\13_CrossriderAppUtils.js 
c:\windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.20521_none_26c9910110105e6f\user32.dll [-] 2013-07-08 17:37 . DCD1A89E4CD48E1358B55D6F0E538653 . 1406 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16384_none_260213a5f720b529\user32.dll [7] 2012-09-20 . BA1C3ACD929A71E88B49C2B6E38F92B3 . 1126912 . . [6.2.9200.16384] .. c:\windows\SysWOW64\user32.dll [7] 2012-09-20 . BA1C3ACD929A71E88B49C2B6E38F92B3 . 1126912 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16420_none_30939e3e2b546749\user32.dll . [7] 2012-07-26 . 9F6289D194A04A09671FEED4B6CB6EF7 . 21504 . . [6.2.9200.16384] .. c:\windows\SysWOW64\userinit.exe [7] 2012-07-26 . 9F6289D194A04A09671FEED4B6CB6EF7 . 21504 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe . [-] 2014-04-23 12:51 . 535F842CFDA811D2686C560C2383EC25 . 330345 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20982_none_2e0e186d41a00c49\wininet.dll [-] 2014-04-23 12:51 . 19C1198B4AF44F635441AB86D6DB1DBA . 278405 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16843_none_44e2770527f444e8\wininet.dll [-] 2014-04-20 13:34 . 2516385DFC30F92E9B4104C20DFC579E . 396461 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20982_none_8a2cb3f0f9fd7d7f\wininet.dll [-] 2014-04-20 12:57 . F1D0C3C4DBF2C2610CCC457AD76BD80D . 350988 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16843_none_a1011288e051b61e\wininet.dll [-] 2014-03-22 19:03 . E1DF57972BB4A62EEB408B5EC0516313 . 314964 . . [------] .. 
c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20963_none_2e0c011141a1f33c\wininet.dll [-] 2014-03-22 19:03 . 9D76B5BE42B18D17623E27283CF13A9F . 324829 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20534_none_2e34291b41845114\wininet.dll [-] 2014-03-22 19:03 . CB3E1A54C8A5E5C0389E9FA64F35A321 . 324836 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20521_none_2e336d294184eada\wininet.dll [-] 2014-03-22 19:03 . F29A096717978BFADE2385C6C6D64533 . 324825 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16433_none_450cb66b27d4bbcd\wininet.dll [-] 2014-03-22 19:03 . CDBF6C44E550BABA01DADFBCE698E3C7 . 324831 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16420_none_450bfa7927d55593\wininet.dll [-] 2014-03-22 19:03 . 99207B13CC004D24191197A7308154EF . 315392 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16384_none_451c710127c83830\wininet.dll [-] 2014-03-22 18:45 . 844BC1629DD679AEA0E6A1E8F1E99CDD . 388013 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20534_none_8a52c49ef9e1c24a\wininet.dll [-] 2014-03-22 18:45 . 19B08F1FF8E9AC2FD81C14BE54B90367 . 388018 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20521_none_8a5208acf9e25c10\wininet.dll [-] 2014-03-22 18:45 . 82F2A3948C2239A124B1EF4ADCB5D077 . 388007 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16433_none_a12b51eee0322d03\wininet.dll [-] 2014-03-22 18:45 . F47B2EBDE720A609547708865ADE06DD . 387625 . . [------] .. 
c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16420_none_a12a95fce032c6c9\wininet.dll [-] 2014-03-22 18:45 . 3279C00E7040BE87DEDF2CE07354DD82 . 385369 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16384_none_a13b0c84e025a966\wininet.dll [-] 2014-03-15 22:18 . 1773141E965FC40D3CB5C69711DEAD3A . 386333 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20963_none_8a2a9c94f9ff6472\wininet.dll [7] 2014-03-07 . 89986727E56709064C219C8B47A20F82 . 1766400 . . [10.00.9200.16384] .. c:\windows\SysWOW64\wininet.dll [7] 2014-03-07 . 89986727E56709064C219C8B47A20F82 . 1766400 . . [10.00.9200.16862] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16863_none_44e4779927f27796\wininet.dll . [7] 2012-07-26 . B3CC9EDFD97F7087013A9A47089DF571 . 310784 . . [6.2.9200.16384] .. c:\windows\SysWOW64\ws2_32.dll [7] 2012-07-26 . B3CC9EDFD97F7087013A9A47089DF571 . 310784 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_ef62bca39fbcca85\ws2_32.dll . [7] 2012-07-26 . 3B00AE6AB772C533683DA887E093FAA0 . 4608 . . [6.2.9200.16384] .. c:\windows\SysWOW64\ws2help.dll [7] 2012-07-26 . 3B00AE6AB772C533683DA887E093FAA0 . 4608 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.2.9200.16384_none_67a35424b57ff35b\ws2help.dll . . [7] 2012-07-26 . FBBAD33ED97E961CC1500872DE5D96DD . 133120 . . [6.2.9200.16384] .. c:\windows\regedit.exe [7] 2012-07-26 . FBBAD33ED97E961CC1500872DE5D96DD . 159232 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.2.9200.16384_none_4cf85cc9659cdc8e\regedit.exe . [-] 2013-07-21 15:55 . 3AD0E097EFFA0758BC2D8F4C7F75AAF7 . 4321 . . [------] .. 
c:\windows\WinSxS\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.2.9200.20555_none_a973c1fbdcbc87ba\ole32.dll [-] 2013-07-21 15:55 . EFF498B800AD0377AD50F6737C835343 . 105248 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.2.9200.16384_none_a8c8b33cc3b82545\ole32.dll [-] 2013-07-07 18:48 . F9A1E7E86088B6B186663147FFD39F54 . 4232 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.2.9200.20555_none_05925d7f9519f8f0\ole32.dll [-] 2013-07-07 18:48 . A8082CD2C18155EB8D88C4E0EC041046 . 185394 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.2.9200.16384_none_04e74ec07c15967b\ole32.dll . [7] 2012-07-26 . BC9503A901A545FAD807909F8C86B286 . 75776 . . [6.2.9200.16384] .. c:\windows\SysWOW64\usp10.dll [7] 2012-07-26 . BC9503A901A545FAD807909F8C86B286 . 75776 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-usp_31bf3856ad364e35_6.2.9200.16384_none_a9a584ef29e324ef\usp10.dll . . [7] 2012-07-26 . 78A83B17F5DDA47FAC0B0643456F7BAC . 9728 . . [6.2.9200.16384] .. c:\windows\SysWOW64\ctfmon.exe [7] 2012-07-26 . 78A83B17F5DDA47FAC0B0643456F7BAC . 9728 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.2.9200.16384_none_99db98b461f84ee8\ctfmon.exe . [7] 2012-07-26 . C416B8E2EF38D100DA19C4DA8A3E8A17 . 506368 . . [6.2.9200.16384] .. c:\windows\SysWOW64\shsvcs.dll [7] 2012-07-26 . C416B8E2EF38D100DA19C4DA8A3E8A17 . 506368 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-shsvcs_31bf3856ad364e35_6.2.9200.16384_none_304eaee0db128ed4\shsvcs.dll . [7] 2012-07-26 . 6FA9D09428E56C11E01066CAF2FB5031 . 5120 . . [6.2.9200.16384] .. c:\windows\SysWOW64\msimg32.dll [7] 2012-07-26 . 6FA9D09428E56C11E01066CAF2FB5031 . 5120 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.2.9200.16384_none_7416e3fbed72d682\msimg32.dll . 
[7] 2012-07-26 . E0C63FB6DB6A57CF97BC2D5313CA1170 . 23040 . . [6.2.9200.16384] .. c:\windows\SysWOW64\ias.dll [7] 2012-07-26 . E0C63FB6DB6A57CF97BC2D5313CA1170 . 23040 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.2.9200.16384_none_f5abe68513ed07d9\ias.dll . [7] 2012-07-26 03:18 . 6A12B53574063FE7E7AC01488863BF91 . 924944 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll [7] 2012-07-26 03:18 . 6A12B53574063FE7E7AC01488863BF91 . 924944 . . [4.1.6140] .. c:\windows\WinSxS\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.2.9200.16384_none_efbe1de626f6fe4a\mfc40u.dll . [7] 2012-07-26 . 4359A695FB0CF5C0C78A7FD2DACABC00 . 409600 . . [6.2.9200.16384] .. c:\windows\SysWOW64\upnphost.dll [7] 2012-07-26 . 4359A695FB0CF5C0C78A7FD2DACABC00 . 409600 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.2.9200.16384_none_2506862bf2a8f5c1\upnphost.dll . [7] 2012-07-26 . A97542F6C1B3C99E739E6D2A79C1E1A3 . 523776 . . [6.2.9200.16384] .. c:\windows\SysWOW64\dsound.dll [7] 2012-07-26 . A97542F6C1B3C99E739E6D2A79C1E1A3 . 523776 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.2.9200.16384_none_5546ca391349a3c1\dsound.dll . [7] 2012-07-26 . 118BA3061B4040BDC17432B775F3A292 . 1762304 . . [6.2.9200.16384] .. c:\windows\SysWOW64\d3d9.dll [7] 2012-07-26 . 118BA3061B4040BDC17432B775F3A292 . 1762304 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.2.9200.16384_none_bef87886322cfaba\d3d9.dll . [7] 2012-07-26 . FC320B910DFBDFE314D6321ADCC8D8C7 . 474624 . . [6.2.9200.16384] .. c:\windows\SysWOW64\ddraw.dll [7] 2012-07-26 . FC320B910DFBDFE314D6321ADCC8D8C7 . 474624 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.2.9200.16384_none_01b0aecd9168037e\ddraw.dll . [7] 2012-07-26 03:19 . 75439663A508A6256F3D50E0E760488B . 79360 . . 
[6.2.9200.16384] .. c:\windows\SysWOW64\olepro32.dll [7] 2012-07-26 03:19 . 75439663A508A6256F3D50E0E760488B . 79360 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.2.9200.16384_none_36bec673d31b0b3f\olepro32.dll . [-] 2013-07-10 20:59 . 01F68BB34250029E6468E50B891817C6 . 417 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.2.9200.20521_none_95590cd5342e73d0\perfctrs.dll [-] 2013-07-10 20:59 . 4FCF612AF83C4AD71568B6457759C7F6 . 432 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.2.9200.16384_none_94918f7a1b3eca8a\perfctrs.dll [-] 2013-07-07 19:23 . 39ACACD8CDCBEDFA38AFD0CA30DA15EF . 417 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.2.9200.20521_none_8b046282ffcdb1d5\perfctrs.dll [-] 2013-07-07 19:23 . F9A526BADBE681B1B47E59B73FCE6735 . 431 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.2.9200.16384_none_8a3ce527e6de088f\perfctrs.dll [7] 2012-09-20 . EAEDE137A7FF55C258DB60684DC4AE74 . 39424 . . [6.2.9200.16384] .. c:\windows\SysWOW64\perfctrs.dll [7] 2012-09-20 . EAEDE137A7FF55C258DB60684DC4AE74 . 39424 . . [6.2.9200.16420] .. c:\windows\WinSxS\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.2.9200.16420_none_94ce6fc01b11baaf\perfctrs.dll . [7] 2012-07-26 . 682C3D4982B5375732A4273809365A0A . 16384 . . [6.2.9200.16384] .. c:\windows\SysWOW64\version.dll [7] 2012-07-26 . 682C3D4982B5375732A4273809365A0A . 16384 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-version_31bf3856ad364e35_6.2.9200.16384_none_11a95b10224c80b5\version.dll . [-] 2014-04-23 12:47 . 68FB551792902D48432F36A6DE6466EE . 5039 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20982_none_2b4ec71f3a50f568\iexplore.exe [-] 2014-04-23 12:47 . 
A6FE34865F42D912C3AC9F8C72C3E0D0 . 4335 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16843_none_422325b720a52e07\iexplore.exe [-] 2014-04-20 12:56 . AC585B711F282AF4150F51FA789A5ECE . 3063 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20982_none_20fa1ccd05f0336d\iexplore.exe [-] 2014-04-20 12:56 . 97A38FA2D01B4328D0E67B3A7ACF584B . 4393 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16843_none_37ce7b64ec446c0c\iexplore.exe [-] 2014-03-22 18:52 . F99E6F56B087F240B274EFEE0887DFA8 . 6364 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20544_none_2b75d8173a34538a\iexplore.exe [-] 2014-03-22 18:52 . DC774D38E42F6F5835FDC9062BC67496 . 6366 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20534_none_2b74d7cd3a353a33\iexplore.exe [-] 2014-03-22 18:52 . F3B9F755BE0D7935F0C5499B2445A763 . 6396 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16442_none_424e7c2f2084a4a2\iexplore.exe [-] 2014-03-22 18:52 . 19173EFC7394DF0DF2AE5D039660FD57 . 6388 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16433_none_424d651d2085a4ec\iexplore.exe [-] 2014-03-22 18:52 . 0E1628E0D1690FA789A0BEB51E180D66 . 6812 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16384_none_425d1fb32079214f\iexplore.exe [-] 2014-03-22 18:45 . 7CE72F94C64A0142E6FC553C140DF8D1 . 6940 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20544_none_21212dc505d3918f\iexplore.exe [-] 2014-03-22 18:45 . 3B3D09CEABFDF18F830C8754DD78529C . 6939 . . [------] .. 
c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20534_none_21202d7b05d47838\iexplore.exe [-] 2014-03-22 18:45 . E167C113CB77B3485B3F404D5A2D7EF2 . 6949 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16442_none_37f9d1dcec23e2a7\iexplore.exe [-] 2014-03-22 18:45 . 5200E7401F0DDCE1A630FA2D6298E3DF . 6947 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16433_none_37f8bacaec24e2f1\iexplore.exe [-] 2014-03-22 18:45 . 6FD70629C5217E0535A3513D3E6A27DD . 6941 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16384_none_38087560ec185f54\iexplore.exe [-] 2014-03-15 22:36 . 4ACD75D6764A1A5BA134521FB1D3D3A4 . 4462 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20963_none_2b4cafc33a52dc5b\iexplore.exe [-] 2014-03-15 22:17 . 07B0B7C3AD976EDB9A7E0605C6296C16 . 3078 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20963_none_20f8057105f21a60\iexplore.exe . [7] 2012-07-26 . 38E655CF5DD5713146E3CEF041BAADC4 . 17920 . . [6.2.9200.16384] .. c:\windows\SysWOW64\midimap.dll [7] 2012-07-26 . 38E655CF5DD5713146E3CEF041BAADC4 . 17920 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.2.9200.16384_none_89a8d3e4e1f6a667\midimap.dll . [7] 2012-07-26 . 7CD424F005ED71204DCB14CF11F1EB0C . 11264 . . [6.2.9200.16384] .. c:\windows\SysWOW64\rasadhlp.dll [7] 2012-07-26 . 7CD424F005ED71204DCB14CF11F1EB0C . 11264 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.2.9200.16384_none_72f8506d23781755\rasadhlp.dll . [7] 2012-07-26 . 5719FF26E947EC345E62D24C86BC317B . 9728 . . [6.2.9200.16384] .. c:\windows\SysWOW64\WSHTCPIP.DLL [7] 2012-07-26 . 
5719FF26E947EC345E62D24C86BC317B . 9728 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.2.9200.16384_none_c85e11a302ee4a1b\WSHTCPIP.DLL . c:\windows\system32\cngaudit.dll ... Fehlt !! . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-04 22:12 130736 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-04 22:12 130736 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-04-04 22:12 130736 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-04-09 1826496]
"Spotify Web Helper"="c:\users\Merlin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-31 1171968]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-07-26 1564016]
"Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2013-10-30 2990304]
"Akamai NetSession Interface"="c:\users\Merlin\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
"GoogleChromeAutoLaunch_CD140F5AAD8E6FC651893248525622D4"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-04-24 841032]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-04-25 22415552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"D-Link D-Link DWA-140"="c:\program files (x86)\D-Link\DWA-140 revB\AirNCFG.exe" [2011-06-29 1074496]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-26 311152]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-02-11 2239376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2012-07-26 62976]
.
c:\users\Merlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Merlin\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
R2 0162251362329979mcinstcleanup;McAfee Application Installer Cleanup (0162251362329979);c:\users\Merlin\AppData\Local\Temp\016225~1.EXE;c:\users\Merlin\AppData\Local\Temp\016225~1.EXE [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SystemStoreService;System Store Service;c:\program files (x86)\SelfUpdater\SystemStore.exe -displayname System Store Service -servicename SystemStoreService;c:\program files (x86)\SelfUpdater\SystemStore.exe -displayname System Store Service -servicename SystemStoreService [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\users\Merlin\AppData\Local\Temp\EverestDriver.sys;c:\users\Merlin\AppData\Local\Temp\EverestDriver.sys [x]
R3 GameKB;SHARKOON Skiller;c:\windows\system32\drivers\GameKB.sys;c:\windows\SYSNATIVE\drivers\GameKB.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 GSService;GSService;c:\windows\SysWOW64\GSService.exe;c:\windows\SysWOW64\GSService.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S2 D_Link_DWA-140_WPS;D_Link_DWA-140_WPS Service;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;@oem30.inf,%DeviceName% (WDM);Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-10 12:40 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-505795367-1035587087-3783900401-1001Core.job
- c:\users\Merlin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-26 19:11]
.
2014-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-30 13:47]
.
2014-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-30 13:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-02 12921488] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-12-10 472984] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = about:blank mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = <local> TCP: DhcpNameServer = 192.168.178.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file) AddRemove-lrcspal@lyricspal.co - c:\program files (x86)\LyricsPal\uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) @SACL=(02 0000) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-05-21 19:06:28 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-05-21 17:06 . Vor Suchlauf: 14 Verzeichnis(se), 204.891.795.456 Bytes frei Nach Suchlauf: 22 Verzeichnis(se), 227.180.666.880 Bytes frei . - - End Of File - - EBD9091B4D9EE1906002264EC48E6575 Edited by Katschmorayk (21.05.2014 at 18:29) |
22.05.2014, 13:21 | #6 |
/// the machine /// TB instructor | Virus!? Browser closes, programs cannot be opened Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
and a fresh FRST log please.
__________________ --> Virus!? Browser closes, programs cannot be opened |
24.05.2014, 15:53 | #7 |
| Virus!? Browser closes, programs cannot be opened I downloaded Malwarebytes Anti-Malware from heise.de because Chrome always crashed during the download from filepony.de. Malwarebytes Anti-Malware: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 24.05.2014 16:19:37, SYSTEM, MERLIN, Protection, Malware Protection, Starting, Protection, 24.05.2014 16:19:37, SYSTEM, MERLIN, Protection, Malware Protection, Started, Protection, 24.05.2014 16:19:37, SYSTEM, MERLIN, Protection, Malicious Website Protection, Starting, Protection, 24.05.2014 16:19:38, SYSTEM, MERLIN, Protection, Malicious Website Protection, Started, Update, 24.05.2014 16:20:31, SYSTEM, MERLIN, Manual, Rootkit Database, 2014.2.20.1, 2014.5.21.1, Update, 24.05.2014 16:20:45, SYSTEM, MERLIN, Manual, Malware Database, 2014.3.4.9, 2014.5.24.4, Update, 24.05.2014 16:20:51, SYSTEM, MERLIN, Manual, program, 2.0.0.1000, 2.0.1.1004, Protection, 24.05.2014 16:21:51, SYSTEM, MERLIN, Protection, Malicious Website Protection, Stopping, Protection, 24.05.2014 16:21:51, SYSTEM, MERLIN, Protection, Malicious Website Protection, Stopped, Protection, 24.05.2014 16:21:51, SYSTEM, MERLIN, Protection, Malware Protection, Stopping, Protection, 24.05.2014 16:21:52, SYSTEM, MERLIN, Protection, Malware Protection, Stopped, Protection, 24.05.2014 16:21:58, SYSTEM, MERLIN, Protection, Malware Protection, Starting, Protection, 24.05.2014 16:21:58, SYSTEM, MERLIN, Protection, Malware Protection, Started, Protection, 24.05.2014 16:21:58, SYSTEM, MERLIN, Protection, Malicious Website Protection, Starting, Protection, 24.05.2014 16:21:58, SYSTEM, MERLIN, Protection, Malicious Website Protection, Started, Update, 24.05.2014 16:22:00, SYSTEM, MERLIN, Manual, Rootkit Database, 2014.2.20.1, 2014.5.21.1, Update, 24.05.2014 16:22:07, SYSTEM, MERLIN, Manual, Malware Database, 2014.3.4.9, 2014.5.24.4, Protection, 24.05.2014 16:22:07, SYSTEM, MERLIN, Protection, Refresh, Starting, Protection, 24.05.2014 16:22:07, SYSTEM, MERLIN, Protection, Malicious Website Protection, Stopping, Protection, 24.05.2014 16:22:08, SYSTEM, MERLIN, Protection, Malicious Website Protection, Stopped, Protection, 24.05.2014 16:22:10, SYSTEM, 
MERLIN, Protection, Refresh, Success, Protection, 24.05.2014 16:22:10, SYSTEM, MERLIN, Protection, Malicious Website Protection, Starting, Protection, 24.05.2014 16:22:10, SYSTEM, MERLIN, Protection, Malicious Website Protection, Started, Protection, 24.05.2014 16:30:29, SYSTEM, MERLIN, Protection, Malware Protection, Starting, Protection, 24.05.2014 16:30:29, SYSTEM, MERLIN, Protection, Malware Protection, Started, Protection, 24.05.2014 16:30:29, SYSTEM, MERLIN, Protection, Malicious Website Protection, Starting, Protection, 24.05.2014 16:30:41, SYSTEM, MERLIN, Protection, Malicious Website Protection, Started, (end) Code:
ATTFilter # AdwCleaner v3.210 - Bericht erstellt am 24/05/2014 um 16:37:36 # Aktualisiert 19/05/2014 von Xplode # Betriebssystem : Windows 8 (64 bits) # Benutzername : Merlin - MERLIN # Gestartet von : C:\Users\Merlin\Downloads\adwcleaner_3.210.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : SystemStoreService ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\BitGuard Ordner Gelöscht : C:\ProgramData\Tarma Installer Ordner Gelöscht : C:\Users\Merlin\AppData\Local\apn Ordner Gelöscht : C:\Users\Merlin\AppData\Roaming\Babylon Ordner Gelöscht : C:\Users\Merlin\AppData\Roaming\Oxy Ordner Gelöscht : C:\Users\Merlin\AppData\Roaming\PerformerSoft Ordner Gelöscht : C:\Users\Merlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard Datei Gelöscht : C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\searchplugins\Askcom.xml Datei Gelöscht : C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\searchplugins\holasearch.xml Datei Gelöscht : C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\user.js Datei Gelöscht : C:\Windows\System32\Tasks\BitGuard Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{9309FA47-1B48-4768-AFA4-9E0556F5DC81}] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mmiopbgcekanlhpjkonogoljpfmhpkhf Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS Schlüssel Gelöscht : HKCU\Software\fedadfe56de543 Schlüssel Gelöscht : HKLM\SOFTWARE\fedadfe56de543 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Schlüssel 
Gelöscht : HKLM\SOFTWARE\Classes\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Schlüssel Gelöscht : HKCU\Software\BI Schlüssel Gelöscht : HKCU\Software\Escolade Schlüssel Gelöscht : HKCU\Software\filescout Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyricspal Schlüssel Gelöscht : HKLM\Software\Babylon Schlüssel Gelöscht : HKLM\Software\DataMngr Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\lrcspal@lyricspal.co ***** [ Browser ] ***** -\\ Internet Explorer v10.0.9200.16537 -\\ Mozilla Firefox v [ Datei : 
C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\prefs.js ] Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.holasearch.com/?affID=121962&babsrc=HP_ss&mntrId=D8464C72B9575B8E"); -\\ Google Chrome v34.0.1847.131 [ Datei : C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Startup_urls] : hxxps://mail.google.com/mail/u/0/?tab=wm#inbox Gelöscht [Extension] : mmiopbgcekanlhpjkonogoljpfmhpkhf ************************* AdwCleaner[R0].txt - [5198 octets] - [24/05/2014 16:37:08] AdwCleaner[S0].txt - [4626 octets] - [24/05/2014 16:37:36] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4686 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 8 x64 Ran by Merlin on 24.05.2014 at 16:41:00,71 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Myfree Codec Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-505795367-1035587087-3783900401-1001\Software\sweetim Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Myfree Codec Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{771C4718-9940-4067-801B-03B112522E9E} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess" Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 24.05.2014 at 16:43:48,60 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
25.05.2014, 07:11 | #8 |
/// the machine /// TB instructor | Virus!? Browser closes, programs cannot be opened ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log please. Any problems left?
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
25.05.2014, 16:39 | #9 |
| Virus!? Browser closes, programs cannot be opened Eset: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=453890e465b1094aa5c54ef003413809 # engine=18405 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-05-25 03:24:18 # local_time=2014-05-25 05:24:18 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode=1023 16777215 0 0 0 0 0 0 # compatibility_mode=5122 16777214 0 9 38612891 59217922 0 0 # compatibility_mode=5893 16776574 100 94 91568 60537569 0 0 # scanned=392812 # found=2 # cleaned=0 # scan_time=6334 sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir" sh=35D7A75922516DB630FA0779DB68B94609FACB72 ft=1 fh=56e5d65167e80a94 vn="Win32/AdWare.1ClickDownload.AR Anwendung" ac=I fn="C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000" Code:
ATTFilter Results of screen317's Security Check version 0.99.83 x64 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 55 Google Chrome 34.0.1847.116 Google Chrome 34.0.1847.131 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 01 Ran by Merlin (administrator) on MERLIN on 25-05-2014 17:38:02 Running from C:\Users\Merlin\Downloads Platform: Windows 8 (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Windows\SysWOW64\PnkBstrA.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe (Realsil Microelectronics Inc.) 
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (Akamai Technologies, Inc.) C:\Users\Merlin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Merlin\AppData\Local\Akamai\netsession_win.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe (HEAVEN KILLERS RELEASE GROUP) C:\Users\Merlin\Desktop\JClicker (3).exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [D-Link D-Link DWA-140] => C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1074496 2011-06-29] (D-Link Corp.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-26] (Samsung Electronics Co., Ltd.) 
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2014-02-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1826496 2014-04-09] (Valve Corporation) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [Spotify Web Helper] => C:\Users\Merlin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-31] (Spotify Ltd) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-26] (Samsung) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Merlin\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [GoogleChromeAutoLaunch_CD140F5AAD8E6FC651893248525622D4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.) HKU\S-1-5-21-505795367-1035587087-3783900401-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22415552 2014-04-25] (Google) Startup: C:\Users\Merlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Merlin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {4903127F-D81F-4479-B688-5A158D3EDD04} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM - {4903127F-D81F-4479-B688-5A158D3EDD04} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKLM-x32 - {4903127F-D81F-4479-B688-5A158D3EDD04} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS SearchScopes: HKCU - {4903127F-D81F-4479-B688-5A158D3EDD04} URL = BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default FF SelectedSearchEngine: Hola Search FF NetworkProxy: "gopher", "" FF NetworkProxy: "gopher_port", 0 FF 
NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "type", 0 FF DefaultSearchEngine: Google FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VLC Media Player\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VLC Media Player\npvlc.dll (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: 
@Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Merlin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Extension: No Name - C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\Extensions\116 [2013-07-07] FF Extension: No Name - C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\Extensions\staged [2013-05-06] FF Extension: Free Hide IP - C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\Extensions\support@free-hideip.com.xpi [2013-05-06] FF Extension: NoScript - C:\Users\Merlin\AppData\Roaming\Mozilla\Firefox\Profiles\s94y1jex.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-03-11] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-17] FF HKLM-x32\...\Firefox\Extensions: [ffpwdman@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman\ FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: No Name - C:\Program Files\McAfee\MSK [2012-08-02] Chrome: ======= CHR HomePage: CHR StartupUrls: "hxxp://www.iloveradio.de/voting.html", "https://mail.google.com/mail/u/0/?tab=wm#inbox", "https://www.facebook.com/", "hxxp://www.hsv.de/ticket/dauerkarten/", "hxxp://www.minecraftpvp.com/" CHR Extension: (Google Docs) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-13] CHR Extension: (Google Drive) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-13] CHR Extension: (YouTube) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-25] CHR Extension: (Adblock Plus) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-30] CHR Extension: (Google-Suche) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-25] CHR Extension: (Adblock für Facebook™) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfjodonncabnangfknilmabjfofdikc [2014-01-15] CHR Extension: (Google Wallet) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24] CHR Extension: (Marc Ecko) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2014-01-15] CHR Extension: (Bitdefender QuickScan) - C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-05-17] CHR Extension: (Google Mail) 
- C:\Users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-25] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-11-25] ==================== Services (Whitelisted) ================= R2 D_Link_DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-07-12] () S3 GSService; C:\Windows\SysWOW64\GSService.exe [122880 2010-05-20] () R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5017968 2013-01-08] (INCA Internet Co., Ltd.) 
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-02-28] () S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) S2 0162251362329979mcinstcleanup; C:\Users\Merlin\AppData\Local\Temp\016225~1.EXE -cleanup -nolog [X] S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [X] S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [X] ==================== Drivers (Whitelisted) ==================== S1 anodlwf; C:\Windows\system32\DRIVERS\anodlwfx.sys [15872 2011-02-21] () U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation) R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [452432 2013-03-06] (Intel Corporation) S3 GameKB; C:\Windows\system32\drivers\GameKB.sys [27648 2012-05-11] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\48230029.sys [119512 2014-05-25] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation) R3 netr28ux; C:\Windows\system32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.) 
S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EverestDriver; \??\C:\Users\Merlin\AppData\Local\Temp\EverestDriver.sys [X] S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-25 17:37 - 2014-05-25 17:37 - 00000862 _____ () C:\Users\Merlin\Desktop\checkup.txt 2014-05-25 17:35 - 2014-05-25 17:35 - 00854367 _____ () C:\Users\Merlin\Downloads\SecurityCheck.exe 2014-05-25 15:33 - 2014-05-25 15:34 - 02347384 _____ (ESET) C:\Users\Merlin\Downloads\esetsmartinstaller_deu.exe 2014-05-25 11:51 - 2014-05-25 11:51 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-05-24 16:45 - 2014-05-24 16:45 - 00042664 _____ () C:\Users\Merlin\Desktop\FRST.txt 2014-05-24 16:44 - 2014-05-25 17:37 - 00000000 ____D () C:\Users\Merlin\Downloads\FRST-OlderVersion 2014-05-24 16:43 - 2014-05-25 16:22 - 00004200 _____ () C:\Windows\System32\Tasks\Software Updater 2014-05-24 16:43 - 2014-05-24 16:43 - 00001479 _____ () C:\Users\Merlin\Desktop\JRT.txt 2014-05-24 16:40 - 2014-05-24 16:40 - 00000000 ____D () C:\Windows\ERUNT 2014-05-24 16:39 - 2014-05-24 16:39 - 00004774 _____ () C:\Users\Merlin\Desktop\AdwCleaner[S0].txt 2014-05-24 16:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-05-24 16:34 - 2014-05-24 16:34 - 00002675 _____ () C:\Users\Merlin\Desktop\mbam1.txt 2014-05-24 16:34 - 2014-05-24 16:34 - 00002675 _____ () C:\Users\Merlin\Desktop\mbam.txt 2014-05-24 16:19 - 2014-05-25 11:51 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-24 16:19 - 2014-05-24 16:21 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-24 16:19 - 2014-05-24 16:21 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-24 16:19 - 2014-05-24 16:21 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-24 16:19 - 2014-05-24 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-24 16:19 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-24 16:19 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-24 16:19 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-24 16:17 - 2014-05-24 16:17 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Merlin\Downloads\mbam-setup-2.0.0.1000.exe 2014-05-24 16:17 - 2014-05-24 16:17 - 01016261 _____ (Thisisu) C:\Users\Merlin\Downloads\JRT.exe 2014-05-24 16:15 - 2014-05-24 16:37 - 00000000 ____D () C:\AdwCleaner 2014-05-24 16:14 - 2014-05-24 16:14 - 01326389 _____ () C:\Users\Merlin\Downloads\adwcleaner_3.210.exe 2014-05-21 19:55 - 2014-05-21 19:55 - 00020400 _____ () C:\Users\Merlin\Desktop\PB_Überweisung_KtoNr0155504118_ 21-05-2014_1949.zip 2014-05-21 19:06 - 2014-05-21 19:06 - 00087902 _____ () C:\ComboFix.txt 2014-05-21 18:56 - 2014-05-21 18:56 - 00000000 _____ () C:\Users\Merlin\AppData\Local\{C26BA1C3-2B0F-4441-AEF3-3FBC79ABE171} 2014-05-21 18:20 - 2014-05-21 19:06 - 00000000 ____D () C:\Qoobox 2014-05-21 18:20 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-05-21 18:20 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-05-21 18:20 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-05-21 18:20 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-05-21 18:20 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-05-21 18:20 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe 2014-05-21 18:20 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 
2014-05-21 18:20 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-05-21 18:20 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-05-21 18:19 - 2014-05-21 19:00 - 00000000 ____D () C:\Windows\erdnt 2014-05-21 18:19 - 2014-05-21 18:19 - 00001174 _____ () C:\Users\Merlin\Desktop\Nicht bestätigt 183952.crdownload - Verknüpfung.lnk 2014-05-21 18:18 - 2014-05-21 18:19 - 05200426 _____ (Swearware) C:\Users\Merlin\Downloads\ComboFix (1).exe 2014-05-21 18:17 - 2014-05-21 18:18 - 05200426 ____R (Swearware) C:\Users\Merlin\Desktop\ComboFix.exe 2014-05-20 19:31 - 2014-05-20 19:31 - 00045103 _____ () C:\Users\Merlin\Desktop\Addition.txt 2014-05-20 19:29 - 2014-05-20 19:29 - 00034374 _____ () C:\Users\Merlin\Desktop\frst1.txt 2014-05-20 19:28 - 2014-05-20 19:28 - 00045103 _____ () C:\Users\Merlin\Downloads\Addition.txt 2014-05-20 19:27 - 2014-05-25 17:38 - 00017287 _____ () C:\Users\Merlin\Downloads\FRST.txt 2014-05-20 19:27 - 2014-05-25 17:38 - 00000000 ____D () C:\FRST 2014-05-20 19:26 - 2014-05-25 17:37 - 02066944 _____ (Farbar) C:\Users\Merlin\Downloads\FRST64.exe 2014-05-20 19:26 - 2014-05-20 19:26 - 00001456 _____ () C:\Users\Merlin\Desktop\FRST64.exe - Verknüpfung.lnk 2014-05-19 19:48 - 2014-05-19 19:49 - 16558656 _____ () C:\Users\Merlin\Downloads\Nicht bestätigt 883208.crdownload 2014-05-18 01:03 - 2014-05-18 01:04 - 28413552 _____ (Panda Security ) C:\Users\Merlin\Downloads\PandaCloudCleaner.exe 2014-05-17 20:26 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-17 20:26 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-17 20:26 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-17 20:26 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-17 20:26 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 
2014-05-17 20:26 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2014-05-17 20:26 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-17 20:26 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-17 20:26 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-17 20:26 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-17 20:26 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll 2014-05-17 20:26 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-17 20:26 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-17 20:26 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2014-05-17 20:26 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2014-05-17 20:26 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-17 20:26 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-17 20:26 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-17 20:26 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-17 20:26 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-17 20:26 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll 2014-05-17 20:26 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2014-05-17 20:26 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-17 20:26 - 2014-03-28 08:18 - 
17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-17 20:26 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2014-05-17 20:26 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-17 20:26 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-17 20:26 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-17 20:26 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-17 20:26 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-17 20:26 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-17 20:26 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-17 20:26 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-17 20:26 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-17 20:26 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2014-05-17 20:26 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-17 20:26 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-17 20:26 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-17 20:26 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-17 20:26 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-17 20:26 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-05-17 20:25 - 2014-05-06 05:48 - 14367232 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-17 20:25 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-17 20:25 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-17 20:25 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-17 20:25 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-05-17 20:25 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll 2014-05-17 20:25 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll 2014-05-17 20:25 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-05-17 20:25 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2014-05-17 20:25 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2014-05-17 20:25 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2014-05-17 20:25 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2014-05-17 20:25 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2014-05-17 20:07 - 2014-05-17 20:07 - 00000000 _____ () C:\Users\Merlin\AppData\Local\{2BEF511A-2D4E-4993-9C74-56320EE9CB6D} 2014-05-14 19:01 - 2014-05-14 19:03 - 88882192 _____ (AVAST Software) C:\Users\Merlin\Downloads\avast_free_antivirus_setup_9_0_2018 (1).exe 2014-05-14 18:59 - 2014-05-14 19:00 - 88882192 _____ (AVAST Software) C:\Users\Merlin\Downloads\avast_free_antivirus_setup_9_0_2018.exe 2014-05-14 15:55 - 2014-05-14 15:55 - 00000000 ____D () C:\found.001 2014-05-10 20:06 - 2014-05-10 20:06 - 00282775 _____ () C:\Users\Merlin\Downloads\YouTube-Unblocker-055.crx 2014-05-10 15:03 
- 2014-05-10 15:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-05-10 15:03 - 2014-05-10 15:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-05-10 15:03 - 2014-05-10 15:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-05-10 15:03 - 2014-05-10 15:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 ____D () C:\Windows\Sun 2014-05-10 15:01 - 2014-05-10 15:02 - 29164456 _____ (Oracle Corporation) C:\Users\Merlin\Downloads\jre-7u55-windows-i586.exe 2014-05-10 14:40 - 2014-05-10 14:40 - 00000000 ____D () C:\Users\Default\AppData\Local\Google 2014-05-10 14:40 - 2014-05-10 14:40 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google 2014-04-26 16:54 - 2014-04-26 16:54 - 00041699 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack v2.1.zip 2014-04-26 16:54 - 2014-04-26 16:54 - 00041699 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack v2.1 (1).zip 2014-04-26 16:46 - 2014-04-26 16:46 - 00211608 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack Setup_2014.rar.rar 2014-04-26 16:40 - 2014-04-26 16:40 - 01167788 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack No Survey Updated 2013.zip 2014-04-25 23:59 - 2014-04-25 23:59 - 00000470 _____ () C:\Users\Merlin\Downloads\listen-dsl.asx 2014-04-25 21:02 - 2014-05-25 11:55 - 00000000 ___RD () C:\Users\Merlin\Google Drive 2014-04-25 21:02 - 2014-04-25 21:02 - 00001716 _____ () C:\Users\Merlin\Desktop\Google Drive.lnk 2014-04-25 21:00 - 2014-05-10 14:40 - 00002046 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2014-04-25 21:00 - 2014-05-10 14:40 - 00002044 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-04-25 21:00 - 2014-05-10 14:40 - 00002034 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-04-25 21:00 - 2014-05-10 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-04-25 20:59 - 
2014-04-25 20:59 - 00884672 _____ (Google Inc.) C:\Users\Merlin\Downloads\googledrivesync.exe 2014-04-25 20:59 - 2014-04-25 20:59 - 00021698 _____ () C:\Users\Merlin\Downloads\documents-export-2014-04-25.zip ==================== One Month Modified Files and Folders ======= 2014-05-25 17:38 - 2014-05-20 19:27 - 00017287 _____ () C:\Users\Merlin\Downloads\FRST.txt 2014-05-25 17:38 - 2014-05-20 19:27 - 00000000 ____D () C:\FRST 2014-05-25 17:38 - 2012-12-30 15:47 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-25 17:37 - 2014-05-25 17:37 - 00000862 _____ () C:\Users\Merlin\Desktop\checkup.txt 2014-05-25 17:37 - 2014-05-24 16:44 - 00000000 ____D () C:\Users\Merlin\Downloads\FRST-OlderVersion 2014-05-25 17:37 - 2014-05-20 19:26 - 02066944 _____ (Farbar) C:\Users\Merlin\Downloads\FRST64.exe 2014-05-25 17:35 - 2014-05-25 17:35 - 00854367 _____ () C:\Users\Merlin\Downloads\SecurityCheck.exe 2014-05-25 17:29 - 2012-12-31 17:48 - 02626560 ___SH () C:\Users\Merlin\Desktop\Thumbs.db 2014-05-25 17:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2014-05-25 16:36 - 2014-03-03 21:32 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\.minecraft 2014-05-25 16:22 - 2014-05-24 16:43 - 00004200 _____ () C:\Windows\System32\Tasks\Software Updater 2014-05-25 15:34 - 2014-05-25 15:33 - 02347384 _____ (ESET) C:\Users\Merlin\Downloads\esetsmartinstaller_deu.exe 2014-05-25 15:31 - 2012-11-11 10:15 - 00751892 _____ () C:\Windows\system32\perfh007.dat 2014-05-25 15:31 - 2012-11-11 10:15 - 00155620 _____ () C:\Windows\system32\perfc007.dat 2014-05-25 15:31 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-25 15:21 - 2012-12-30 15:47 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-25 15:21 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-25 11:55 - 2014-04-25 21:02 - 00000000 ___RD () C:\Users\Merlin\Google Drive 2014-05-25 11:51 - 2014-05-25 11:51 - 00119512 
_____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-05-25 11:51 - 2014-05-24 16:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-24 22:15 - 2012-12-25 12:18 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\TS3Client 2014-05-24 17:20 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache 2014-05-24 16:59 - 2012-12-25 00:32 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-505795367-1035587087-3783900401-1001 2014-05-24 16:59 - 2012-11-14 12:33 - 01489705 _____ () C:\Windows\WindowsUpdate.log 2014-05-24 16:45 - 2014-05-24 16:45 - 00042664 _____ () C:\Users\Merlin\Desktop\FRST.txt 2014-05-24 16:43 - 2014-05-24 16:43 - 00001479 _____ () C:\Users\Merlin\Desktop\JRT.txt 2014-05-24 16:40 - 2014-05-24 16:40 - 00000000 ____D () C:\Windows\ERUNT 2014-05-24 16:39 - 2014-05-24 16:39 - 00004774 _____ () C:\Users\Merlin\Desktop\AdwCleaner[S0].txt 2014-05-24 16:38 - 2012-11-14 12:43 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-24 16:38 - 2012-08-02 17:04 - 00475046 _____ () C:\Windows\PFRO.log 2014-05-24 16:37 - 2014-05-24 16:15 - 00000000 ____D () C:\AdwCleaner 2014-05-24 16:34 - 2014-05-24 16:34 - 00002675 _____ () C:\Users\Merlin\Desktop\mbam1.txt 2014-05-24 16:34 - 2014-05-24 16:34 - 00002675 _____ () C:\Users\Merlin\Desktop\mbam.txt 2014-05-24 16:33 - 2013-01-12 20:13 - 00000000 ____D () C:\Users\Merlin\AppData\Local\Adobe 2014-05-24 16:33 - 2012-12-25 11:53 - 00000000 ____D () C:\Users\Merlin\AppData\Local\CrashDumps 2014-05-24 16:30 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\LiveKernelReports 2014-05-24 16:21 - 2014-05-24 16:19 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-24 16:21 - 2014-05-24 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-24 16:21 - 2014-05-24 16:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 16:19 - 2014-05-24 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-24 16:17 - 2014-05-24 16:17 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Merlin\Downloads\mbam-setup-2.0.0.1000.exe 2014-05-24 16:17 - 2014-05-24 16:17 - 01016261 _____ (Thisisu) C:\Users\Merlin\Downloads\JRT.exe 2014-05-24 16:14 - 2014-05-24 16:14 - 01326389 _____ () C:\Users\Merlin\Downloads\adwcleaner_3.210.exe 2014-05-24 15:58 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData 2014-05-24 15:58 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-05-24 15:58 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-05-24 15:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates 2014-05-24 15:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender 2014-05-24 15:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-05-24 15:58 - 2012-07-26 07:26 - 00524288 ___SH () C:\Windows\system32\config\BBI 2014-05-21 19:55 - 2014-05-21 19:55 - 00020400 _____ () C:\Users\Merlin\Desktop\PB_Überweisung_KtoNr0155504118_ 21-05-2014_1949.zip 2014-05-21 19:06 - 2014-05-21 19:06 - 00087902 _____ () C:\ComboFix.txt 2014-05-21 19:06 - 2014-05-21 18:20 - 00000000 ____D () C:\Qoobox 2014-05-21 19:06 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default 2014-05-21 19:00 - 2014-05-21 18:19 - 00000000 ____D () C:\Windows\erdnt 2014-05-21 18:57 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini 2014-05-21 18:56 - 2014-05-21 18:56 - 00000000 _____ () C:\Users\Merlin\AppData\Local\{C26BA1C3-2B0F-4441-AEF3-3FBC79ABE171} 2014-05-21 18:19 - 2014-05-21 18:19 - 00001174 _____ () C:\Users\Merlin\Desktop\Nicht bestätigt 183952.crdownload - Verknüpfung.lnk 2014-05-21 18:19 - 2014-05-21 18:18 - 05200426 _____ (Swearware) C:\Users\Merlin\Downloads\ComboFix 
(1).exe 2014-05-21 18:18 - 2014-05-21 18:17 - 05200426 ____R (Swearware) C:\Users\Merlin\Desktop\ComboFix.exe 2014-05-20 19:31 - 2014-05-20 19:31 - 00045103 _____ () C:\Users\Merlin\Desktop\Addition.txt 2014-05-20 19:29 - 2014-05-20 19:29 - 00034374 _____ () C:\Users\Merlin\Desktop\frst1.txt 2014-05-20 19:29 - 2013-07-22 21:47 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-20 19:28 - 2014-05-20 19:28 - 00045103 _____ () C:\Users\Merlin\Downloads\Addition.txt 2014-05-20 19:26 - 2014-05-20 19:26 - 00001456 _____ () C:\Users\Merlin\Desktop\FRST64.exe - Verknüpfung.lnk 2014-05-19 20:34 - 2012-12-25 10:20 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-19 20:34 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-05-19 19:49 - 2014-05-19 19:48 - 16558656 _____ () C:\Users\Merlin\Downloads\Nicht bestätigt 883208.crdownload 2014-05-18 01:04 - 2014-05-18 01:03 - 28413552 _____ (Panda Security ) C:\Users\Merlin\Downloads\PandaCloudCleaner.exe 2014-05-17 21:08 - 2014-03-15 02:14 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\QuickScan 2014-05-17 20:27 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-05-17 20:07 - 2014-05-17 20:07 - 00000000 _____ () C:\Users\Merlin\AppData\Local\{2BEF511A-2D4E-4993-9C74-56320EE9CB6D} 2014-05-14 19:03 - 2014-05-14 19:01 - 88882192 _____ (AVAST Software) C:\Users\Merlin\Downloads\avast_free_antivirus_setup_9_0_2018 (1).exe 2014-05-14 19:00 - 2014-05-14 18:59 - 88882192 _____ (AVAST Software) C:\Users\Merlin\Downloads\avast_free_antivirus_setup_9_0_2018.exe 2014-05-14 15:55 - 2014-05-14 15:55 - 00000000 ____D () C:\found.001 2014-05-10 20:06 - 2014-05-10 20:06 - 00282775 _____ () C:\Users\Merlin\Downloads\YouTube-Unblocker-055.crx 2014-05-10 15:03 - 2014-05-10 15:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-05-10 15:03 - 2014-05-10 15:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-05-10 15:03 - 
2014-05-10 15:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-05-10 15:03 - 2014-05-10 15:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-05-10 15:03 - 2014-05-10 15:03 - 00000000 ____D () C:\Windows\Sun 2014-05-10 15:03 - 2014-01-12 00:48 - 00000000 ____D () C:\ProgramData\Oracle 2014-05-10 15:03 - 2013-03-08 11:35 - 00000000 ____D () C:\Program Files (x86)\Java 2014-05-10 15:02 - 2014-05-10 15:01 - 29164456 _____ (Oracle Corporation) C:\Users\Merlin\Downloads\jre-7u55-windows-i586.exe 2014-05-10 14:40 - 2014-05-10 14:40 - 00000000 ____D () C:\Users\Default\AppData\Local\Google 2014-05-10 14:40 - 2014-05-10 14:40 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google 2014-05-10 14:40 - 2014-04-25 21:00 - 00002046 _____ () C:\Users\Public\Desktop\Google Slides.lnk 2014-05-10 14:40 - 2014-04-25 21:00 - 00002044 _____ () C:\Users\Public\Desktop\Google Sheets.lnk 2014-05-10 14:40 - 2014-04-25 21:00 - 00002034 _____ () C:\Users\Public\Desktop\Google Docs.lnk 2014-05-10 14:40 - 2014-04-25 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-05-10 14:33 - 2012-12-30 15:47 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-10 14:33 - 2012-12-30 15:47 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-06 07:14 - 2014-05-17 20:26 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 07:14 - 2014-05-17 20:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 05:48 - 2014-05-17 20:25 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 05:48 - 2014-05-17 20:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-06 05:37 - 2014-05-17 20:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 05:26 - 2014-05-17 20:25 - 02706432 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-01 22:37 - 2012-07-26 10:14 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-01 22:37 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-26 16:54 - 2014-04-26 16:54 - 00041699 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack v2.1.zip 2014-04-26 16:54 - 2014-04-26 16:54 - 00041699 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack v2.1 (1).zip 2014-04-26 16:46 - 2014-04-26 16:46 - 00211608 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack Setup_2014.rar.rar 2014-04-26 16:40 - 2014-04-26 16:40 - 01167788 _____ () C:\Users\Merlin\Downloads\Clash of Clans Hack No Survey Updated 2013.zip 2014-04-26 02:46 - 2013-12-19 00:39 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\AbiSuite 2014-04-26 02:46 - 2013-01-07 22:39 - 00000000 ____D () C:\Users\Merlin\AppData\Roaming\vlc 2014-04-25 23:59 - 2014-04-25 23:59 - 00000470 _____ () C:\Users\Merlin\Downloads\listen-dsl.asx 2014-04-25 21:02 - 2014-04-25 21:02 - 00001716 _____ () C:\Users\Merlin\Desktop\Google Drive.lnk 2014-04-25 21:02 - 2012-12-25 00:22 - 00000000 ____D () C:\Users\Merlin 2014-04-25 21:00 - 2012-12-27 22:11 - 00000000 ____D () C:\Users\Merlin\AppData\Local\Google 2014-04-25 21:00 - 2012-12-27 22:11 - 00000000 ____D () C:\Program Files (x86)\Google 2014-04-25 20:59 - 2014-04-25 20:59 - 00884672 _____ (Google Inc.) 
C:\Users\Merlin\Downloads\googledrivesync.exe
2014-04-25 20:59 - 2014-04-25 20:59 - 00021698 _____ () C:\Users\Merlin\Downloads\documents-export-2014-04-25.zip

Some content of TEMP:
====================
C:\Users\Merlin\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe [2014-05-17 20:26] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-17 20:17
==================== End Of Log ============================
--- --- ---
And no, unfortunately the problem still persists... |
26.05.2014, 12:36 | #10 |
/// the machine /// TB-Ausbilder | Virus!? Browser closes, programs cannot be opened
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Please describe the problem again in detail, as it looks now.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
Donate, Guides and help, Trojaner-Board Facebook page
No help via PM! |
27.05.2014, 14:05 | #11 |
| Virus!? Browser closes, programs cannot be opened
fixlog.txt:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-05-2014 01
Ran by Merlin at 2014-05-27 15:01:16 Run:1
Running from C:\Users\Merlin\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
*****************

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IsMyWinLockerReboot => Value deleted successfully.

==== End of Fixlog ====

When I open some programs, this error message appears: "Die Anweisung 0x7415ee32 verweist auf Speicher 0x00000400. Der Vorgang written konnte nicht im Speicher durchgeführt werden." Most of them can still be opened, though. |
28.05.2014, 10:58 | #12 |
/// the machine /// TB-Ausbilder | Virus!? Browser closes, programs cannot be opened
Revo Uninstaller - Download - Filepony
Use it to uninstall Chrome, keep no data, have the leftovers removed, then reinstall. Then: https://support.google.com/chrome/answer/3296214?hl=de
Regarding the problem with the programs: have the RAM and the HDD ever been checked for hardware faults?
__________________
Regards, schrauber |
29.05.2014, 10:16 | #13 |
| Virus!? Browser closes, programs cannot be opened
Oh great, I switch on my PC and simply everything is gone. No more programs on the desktop, and no tiles at all on the Windows 8 start screen. I don't know how I'm supposed to open any browser, since I can't find Chrome in the library and Internet Explorer gives an error message.

Oh my God, it works again... I had to download Revo Uninstaller from the official site, because my Chrome kept crashing when downloading from Filepony. I can't install Chrome, because this error message pops up during the installation and the installer closes.

And regarding the problem with the programs: no, the hardware has not been checked yet. Can anyone do that, or do I have to take it to a specialist?

By now I believe it is a hardware fault. When I boot the computer, a different background colour already appears, and once I have entered my password everything is simply gone; not a single program is left. Yesterday I apparently managed it by lucky coincidence, but today it somehow doesn't want to... Do you have any idea where the fault is? |
30.05.2014, 09:40 | #14 |
/// the machine /// TB-Ausbilder | Virus!? Browser closes, programs cannot be opened
A specialist or a shop; they have the tools for it. I think the hard drive has a defect.
__________________
Regards, schrauber |