| |
| |||||||
Log-Analyse und Auswertung: Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
30.06.2014, 14:52
| #1 |
| |  Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc.Code:
ATTFilter # AdwCleaner v3.214 - Bericht erstellt am 30/06/2014 um 15:37:55
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Marko - MARCO-PC
# Gestartet von : C:\Users\Marko\Downloads\adwcleaner_3.214.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : Mext Guard
Dienst Gelöscht : V-bates Updater
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\2308189059
Ordner Gelöscht : C:\Program Files\Optimizer Pro
Ordner Gelöscht : C:\Program Files\V-bates
Ordner Gelöscht : C:\Users\Marko\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip
Datei Gelöscht : C:\Windows\System32\Tasks\Mext Guard FBE8818C-5B13-48C2-A93E-AD731167DBF2
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23DF0724-2ACB-42DE-B947-3EC0A1DB220C}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23DF0724-2ACB-42DE-B947-3EC0A1DB220C}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [V-bates]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\V-bates
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174\prefs.js ]
-\\ Google Chrome v35.0.1916.153
[ Datei : C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Startup_urls] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwCKrwIpEqOyARn4RpFlro2HyQ6PNVeaFw-R1saC8CeWwnQ9uPO_l-GZNWCjuZbA,,
Gelöscht [Homepage] : hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uy24NiqVsjTaQ8QzBK289R7b4xmgB0Sq4buh5K1Tt32A_8roct6tKxxqazmYh-Nh9-p8m9ZaNHvmgsdblaSZwCKrwIpEqOyARn4RpFlro2HyQ6PNVeaFw-R1saC8CeWwnQ9uPO_l-GZNWCjuZbA,,
Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gelöscht [Extension] : ljmibnagodajacnnbifpamhggcohblip
Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc
*************************
AdwCleaner[R0].txt - [7857 octets] - [30/06/2014 15:36:49]
AdwCleaner[S0].txt - [5969 octets] - [30/06/2014 15:37:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6029 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x86
Ran by Marko on 30.06.2014 at 15:42:08,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
~~~ FireFox
Emptied folder: C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\szonon0d.default-1403639191174\minidumps [3 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.06.2014 at 15:45:39,35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:28-06-2014 02
Ran by Marko (administrator) on MARCO-PC on 30-06-2014 15:47:03
Running from C:\Users\Marko\Downloads
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Akamai Technologies, Inc.) C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Akamai Technologies, Inc.) C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Marko\Downloads\FRST(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-3318738186-1022810780-812709103-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3318738186-1022810780-812709103-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174
FF Homepage: hxxp://my.ebay.de/ws/eBayISAPI.dll?MyEbayBeta&MyEbay=&gbh=1&guest=1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Classic Theme Restorer - C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-06-24]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll No File
CHR Extension: (Google Docs) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (YouTube) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google-Suche) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (No Name) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-06-18]
CHR Extension: (Google Wallet) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-05] (Avira Operations GmbH & Co. KG)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)
R3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [306016 2010-04-27] (Ralink Technology Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-05-05] (Avira GmbH)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-30 15:46 - 2014-06-30 15:46 - 01073664 _____ (Farbar) C:\Users\Marko\Downloads\FRST(1).exe
2014-06-30 15:45 - 2014-06-30 15:45 - 00000840 _____ () C:\Users\Marko\Desktop\JRT.txt
2014-06-30 15:42 - 2014-06-30 15:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-30 15:41 - 2014-06-30 15:41 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT.exe
2014-06-30 15:39 - 2014-06-30 15:39 - 00006109 _____ () C:\Users\Marko\Desktop\AdwCleaner[S0].txt
2014-06-30 15:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-30 15:36 - 2014-06-30 15:38 - 00000000 ____D () C:\AdwCleaner
2014-06-30 15:36 - 2014-06-30 15:36 - 01346519 _____ () C:\Users\Marko\Downloads\adwcleaner_3.214.exe
2014-06-28 23:52 - 2014-06-28 23:52 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-06-28 23:52 - 2014-06-28 23:52 - 00000020 ___SH () C:\Users\Mcx1-MARCO-PC\ntuser.ini
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Startmenü
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Netzwerkumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Druckumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Musik
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Bilder
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Local\Verlauf
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\VirtualStore
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC
2014-06-28 23:52 - 2014-05-04 21:29 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\Microsoft Help
2014-06-28 23:52 - 2014-05-04 18:33 - 00002078 _____ () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-28 23:52 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-28 23:52 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Program Files\PlayReady
2014-06-28 23:42 - 2014-06-28 23:42 - 00000000 ____D () C:\Users\Marko\Desktop\stick
2014-06-28 23:35 - 2014-06-28 23:36 - 19012892 _____ () C:\Users\Marko\Downloads\11.Treffen-Nord-Forum.zip
2014-06-27 17:01 - 2014-06-27 17:01 - 00027675 _____ () C:\Users\Marko\Desktop\FRST.txt
2014-06-27 16:49 - 2014-06-27 16:59 - 00019553 _____ () C:\Users\Marko\Downloads\Addition.txt
2014-06-27 16:48 - 2014-06-30 15:47 - 00010683 _____ () C:\Users\Marko\Downloads\FRST.txt
2014-06-27 16:47 - 2014-06-30 15:47 - 00000000 ____D () C:\FRST
2014-06-27 16:47 - 2014-06-27 16:47 - 01073152 _____ (Farbar) C:\Users\Marko\Downloads\FRST.exe
2014-06-27 16:42 - 2014-06-27 16:42 - 00003188 _____ () C:\Users\Marko\Desktop\Ereignisse.txt
2014-06-22 12:17 - 2014-06-22 12:17 - 00000000 ____D () C:\Windows\11TRFNRD Libs
2014-06-22 11:06 - 2014-06-22 12:17 - 11870260 _____ () C:\Windows\11TRFNRD.sCr
2014-06-22 11:06 - 2014-06-22 11:06 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\iScreensaver
2014-06-20 21:52 - 2014-06-20 21:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 21:52 - 2014-06-20 21:54 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2014-06-20 21:52 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-06-20 21:50 - 2014-06-20 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-20 10:31 - 2014-06-20 10:31 - 00682544 _____ () C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe
2014-06-18 23:06 - 2014-06-18 23:06 - 00001118 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 22:51 - 2014-06-30 15:38 - 00001037 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-18 22:49 - 2014-06-18 22:49 - 00718497 _____ () C:\Windows\unins000.exe
2014-06-18 22:49 - 2014-06-18 22:49 - 00118256 _____ () C:\Windows\unins000.dat
2014-06-18 22:48 - 2014-06-18 22:48 - 00491825 _____ () C:\Users\Marko\Downloads\gimp-2.dmg
2014-06-18 22:48 - 2014-06-18 22:48 - 00403384 _____ (SPC LLC) C:\Users\Marko\Downloads\11.Treffen-Nord.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 14:24 - 2014-06-17 14:25 - 00000000 ____D () C:\Users\Marko\AppData\Local\Adobe
2014-06-15 11:00 - 2014-06-20 11:08 - 00002010 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-15 11:00 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-13 22:35 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 22:35 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-13 22:35 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 22:35 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 22:35 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 22:35 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 22:35 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 22:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 22:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-06 03:03 - 2014-06-06 03:04 - 00181080 _____ () C:\Windows\Minidump\060614-23562-01.dmp
2014-06-05 16:07 - 2014-06-05 16:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-05 15:50 - 2014-06-05 15:50 - 00000000 ____D () C:\Windows\system32\Adobe
2014-06-01 20:12 - 2014-06-01 20:12 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Source.url
2014-06-01 19:36 - 2014-06-01 19:36 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Global Offensive.url
2014-05-31 21:28 - 2014-05-31 21:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
==================== One Month Modified Files and Folders =======
2014-06-30 15:47 - 2014-06-27 16:48 - 00010683 _____ () C:\Users\Marko\Downloads\FRST.txt
2014-06-30 15:47 - 2014-06-27 16:47 - 00000000 ____D () C:\FRST
2014-06-30 15:46 - 2014-06-30 15:46 - 01073664 _____ (Farbar) C:\Users\Marko\Downloads\FRST(1).exe
2014-06-30 15:46 - 2009-07-14 06:34 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-30 15:46 - 2009-07-14 06:34 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-30 15:45 - 2014-06-30 15:45 - 00000840 _____ () C:\Users\Marko\Desktop\JRT.txt
2014-06-30 15:42 - 2014-06-30 15:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-30 15:41 - 2014-06-30 15:41 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT.exe
2014-06-30 15:40 - 2014-05-04 18:50 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Skype
2014-06-30 15:39 - 2014-06-30 15:39 - 00006109 _____ () C:\Users\Marko\Desktop\AdwCleaner[S0].txt
2014-06-30 15:38 - 2014-06-30 15:36 - 00000000 ____D () C:\AdwCleaner
2014-06-30 15:38 - 2014-06-18 22:51 - 00001037 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-30 15:38 - 2014-05-02 12:52 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-30 15:38 - 2014-05-01 20:07 - 01474872 _____ () C:\Windows\WindowsUpdate.log
2014-06-30 15:38 - 2010-11-20 23:48 - 00012448 _____ () C:\Windows\PFRO.log
2014-06-30 15:38 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-30 15:38 - 2009-07-14 06:39 - 00029388 _____ () C:\Windows\setupact.log
2014-06-30 15:38 - 2009-07-14 06:33 - 00406336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-30 15:36 - 2014-06-30 15:36 - 01346519 _____ () C:\Users\Marko\Downloads\adwcleaner_3.214.exe
2014-06-30 15:34 - 2014-05-04 18:24 - 00107264 _____ () C:\Users\Marko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-30 15:14 - 2014-05-02 12:52 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-30 14:57 - 2014-05-02 12:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-30 14:25 - 2014-05-01 20:55 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-30 14:25 - 2014-05-01 20:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-30 14:25 - 2014-05-01 20:52 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-30 14:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-30 14:24 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-30 14:22 - 2010-11-21 02:47 - 00000000 ____D () C:\Windows\ShellNew
2014-06-30 14:22 - 2009-07-14 04:04 - 00000387 _____ () C:\Windows\win.ini
2014-06-30 03:00 - 2014-05-02 12:08 - 00135254 _____ () C:\Windows\IE11_main.log
2014-06-29 00:00 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-28 23:52 - 2014-06-28 23:52 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-06-28 23:52 - 2014-06-28 23:52 - 00000020 ___SH () C:\Users\Mcx1-MARCO-PC\ntuser.ini
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Startmenü
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Netzwerkumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Druckumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Musik
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Bilder
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Local\Verlauf
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\VirtualStore
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC
2014-06-28 23:52 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Program Files\PlayReady
2014-06-28 23:42 - 2014-06-28 23:42 - 00000000 ____D () C:\Users\Marko\Desktop\stick
2014-06-28 23:36 - 2014-06-28 23:35 - 19012892 _____ () C:\Users\Marko\Downloads\11.Treffen-Nord-Forum.zip
2014-06-28 13:10 - 2014-05-05 15:12 - 00000000 ____D () C:\Users\Marko\Desktop\Facebook Bilder
2014-06-27 17:01 - 2014-06-27 17:01 - 00027675 _____ () C:\Users\Marko\Desktop\FRST.txt
2014-06-27 16:59 - 2014-06-27 16:49 - 00019553 _____ () C:\Users\Marko\Downloads\Addition.txt
2014-06-27 16:47 - 2014-06-27 16:47 - 01073152 _____ (Farbar) C:\Users\Marko\Downloads\FRST.exe
2014-06-27 16:42 - 2014-06-27 16:42 - 00003188 _____ () C:\Users\Marko\Desktop\Ereignisse.txt
2014-06-26 21:42 - 2014-05-19 19:55 - 00000000 ____D () C:\Program Files\Steam
2014-06-22 12:17 - 2014-06-22 12:17 - 00000000 ____D () C:\Windows\11TRFNRD Libs
2014-06-22 12:17 - 2014-06-22 11:06 - 11870260 _____ () C:\Windows\11TRFNRD.sCr
2014-06-22 11:06 - 2014-06-22 11:06 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\iScreensaver
2014-06-20 21:57 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 21:54 - 2014-06-20 21:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2014-06-20 21:52 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 21:50 - 2014-06-20 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-20 11:08 - 2014-06-15 11:00 - 00002010 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-20 11:08 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-20 10:31 - 2014-06-20 10:31 - 00682544 _____ () C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe
2014-06-19 09:43 - 2014-05-02 12:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-18 23:06 - 2014-06-18 23:06 - 00001118 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 22:49 - 2014-06-18 22:49 - 00718497 _____ () C:\Windows\unins000.exe
2014-06-18 22:49 - 2014-06-18 22:49 - 00118256 _____ () C:\Windows\unins000.dat
2014-06-18 22:48 - 2014-06-18 22:48 - 00491825 _____ () C:\Users\Marko\Downloads\gimp-2.dmg
2014-06-18 22:48 - 2014-06-18 22:48 - 00403384 _____ (SPC LLC) C:\Users\Marko\Downloads\11.Treffen-Nord.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 14:25 - 2014-06-17 14:24 - 00000000 ____D () C:\Users\Marko\AppData\Local\Adobe
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-15 10:59 - 2014-05-02 12:51 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-15 10:59 - 2014-05-02 12:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-14 11:13 - 2014-05-02 12:52 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-14 11:01 - 2014-05-06 08:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 23:39 - 2014-05-02 14:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 23:37 - 2014-05-02 14:01 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-08 10:48 - 2014-06-13 22:35 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-13 22:35 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 03:04 - 2014-06-06 03:03 - 00181080 _____ () C:\Windows\Minidump\060614-23562-01.dmp
2014-06-06 03:03 - 2014-05-04 16:42 - 00000000 ____D () C:\Windows\Minidump
2014-06-06 03:03 - 2014-05-04 16:41 - 202227798 _____ () C:\Windows\MEMORY.DMP
2014-06-05 16:07 - 2014-06-05 16:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-05 16:07 - 2014-05-05 21:13 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Apple Computer
2014-06-05 15:50 - 2014-06-05 15:50 - 00000000 ____D () C:\Windows\system32\Adobe
2014-06-01 20:12 - 2014-06-01 20:12 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Source.url
2014-06-01 20:12 - 2014-05-19 20:30 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-01 19:36 - 2014-06-01 19:36 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Global Offensive.url
2014-05-31 21:51 - 2014-05-19 19:55 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-05-31 21:28 - 2014-05-31 21:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-31 21:28 - 2014-05-04 18:50 - 00000000 ___RD () C:\Program Files\Skype
2014-05-31 21:28 - 2014-05-04 18:49 - 00000000 ____D () C:\ProgramData\Skype
Some content of TEMP:
====================
C:\Users\Marko\AppData\Local\Temp\avgnt.exe
C:\Users\Marko\AppData\Local\Temp\ose00000.exe
C:\Users\Marko\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-28 10:50
==================== End Of Log ============================
--- --- --- Hier die beiden neuen.Hab vergessen den Haken zu setzen. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:28-06-2014 02
Ran by Marko (administrator) on MARCO-PC on 30-06-2014 16:07:12
Running from C:\Users\Marko\Downloads
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Akamai Technologies, Inc.) C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Akamai Technologies, Inc.) C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Marko\Downloads\FRST(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-3318738186-1022810780-812709103-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3318738186-1022810780-812709103-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marko\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174
FF Homepage: hxxp://my.ebay.de/ws/eBayISAPI.dll?MyEbayBeta&MyEbay=&gbh=1&guest=1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Classic Theme Restorer - C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\szonon0d.default-1403639191174\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-06-24]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll No File
CHR Extension: (Google Docs) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google Drive) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (YouTube) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google-Suche) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (No Name) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-06-18]
CHR Extension: (Google Wallet) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Google Mail) - C:\Users\Marko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-05] (Avira Operations GmbH & Co. KG)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-14] (NXP Semiconductors)
R3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [306016 2010-04-27] (Ralink Technology Corp.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-05-05] (Avira GmbH)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-30 15:50 - 2014-06-30 15:50 - 00028551 _____ () C:\Users\Marko\Desktop\FRST2.txt
2014-06-30 15:49 - 2014-06-30 15:49 - 00028551 _____ () C:\Users\Marko\Downloads\FRST2.txt
2014-06-30 15:46 - 2014-06-30 15:46 - 01073664 _____ (Farbar) C:\Users\Marko\Downloads\FRST(1).exe
2014-06-30 15:45 - 2014-06-30 15:45 - 00000840 _____ () C:\Users\Marko\Desktop\JRT.txt
2014-06-30 15:42 - 2014-06-30 15:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-30 15:41 - 2014-06-30 15:41 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT.exe
2014-06-30 15:39 - 2014-06-30 15:39 - 00006109 _____ () C:\Users\Marko\Desktop\AdwCleaner[S0].txt
2014-06-30 15:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-30 15:36 - 2014-06-30 15:38 - 00000000 ____D () C:\AdwCleaner
2014-06-30 15:36 - 2014-06-30 15:36 - 01346519 _____ () C:\Users\Marko\Downloads\adwcleaner_3.214.exe
2014-06-28 23:52 - 2014-06-28 23:52 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-06-28 23:52 - 2014-06-28 23:52 - 00000020 ___SH () C:\Users\Mcx1-MARCO-PC\ntuser.ini
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Startmenü
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Netzwerkumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Druckumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Musik
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Bilder
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Local\Verlauf
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\VirtualStore
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC
2014-06-28 23:52 - 2014-05-04 21:29 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\Microsoft Help
2014-06-28 23:52 - 2014-05-04 18:33 - 00002078 _____ () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-06-28 23:52 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-28 23:52 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Program Files\PlayReady
2014-06-28 23:42 - 2014-06-28 23:42 - 00000000 ____D () C:\Users\Marko\Desktop\stick
2014-06-28 23:35 - 2014-06-28 23:36 - 19012892 _____ () C:\Users\Marko\Downloads\11.Treffen-Nord-Forum.zip
2014-06-27 17:01 - 2014-06-27 17:01 - 00027675 _____ () C:\Users\Marko\Desktop\FRST.txt
2014-06-27 16:49 - 2014-06-30 16:05 - 00011550 _____ () C:\Users\Marko\Downloads\Addition.txt
2014-06-27 16:48 - 2014-06-30 16:07 - 00010683 _____ () C:\Users\Marko\Downloads\FRST.txt
2014-06-27 16:47 - 2014-06-30 16:07 - 00000000 ____D () C:\FRST
2014-06-27 16:47 - 2014-06-27 16:47 - 01073152 _____ (Farbar) C:\Users\Marko\Downloads\FRST.exe
2014-06-27 16:42 - 2014-06-27 16:42 - 00003188 _____ () C:\Users\Marko\Desktop\Ereignisse.txt
2014-06-22 12:17 - 2014-06-22 12:17 - 00000000 ____D () C:\Windows\11TRFNRD Libs
2014-06-22 11:06 - 2014-06-22 12:17 - 11870260 _____ () C:\Windows\11TRFNRD.sCr
2014-06-22 11:06 - 2014-06-22 11:06 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\iScreensaver
2014-06-20 21:52 - 2014-06-20 21:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 21:52 - 2014-06-20 21:54 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2014-06-20 21:52 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-06-20 21:50 - 2014-06-20 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-20 10:31 - 2014-06-20 10:31 - 00682544 _____ () C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe
2014-06-18 23:06 - 2014-06-18 23:06 - 00001118 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 22:51 - 2014-06-30 15:38 - 00001037 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-18 22:49 - 2014-06-18 22:49 - 00718497 _____ () C:\Windows\unins000.exe
2014-06-18 22:49 - 2014-06-18 22:49 - 00118256 _____ () C:\Windows\unins000.dat
2014-06-18 22:48 - 2014-06-18 22:48 - 00491825 _____ () C:\Users\Marko\Downloads\gimp-2.dmg
2014-06-18 22:48 - 2014-06-18 22:48 - 00403384 _____ (SPC LLC) C:\Users\Marko\Downloads\11.Treffen-Nord.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 14:24 - 2014-06-17 14:25 - 00000000 ____D () C:\Users\Marko\AppData\Local\Adobe
2014-06-15 11:00 - 2014-06-20 11:08 - 00002010 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-15 11:00 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-13 22:35 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 22:35 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-13 22:35 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 22:35 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 22:35 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 22:35 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 22:35 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 22:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 22:35 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-06 03:03 - 2014-06-06 03:04 - 00181080 _____ () C:\Windows\Minidump\060614-23562-01.dmp
2014-06-05 16:07 - 2014-06-05 16:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-05 15:50 - 2014-06-05 15:50 - 00000000 ____D () C:\Windows\system32\Adobe
2014-06-01 20:12 - 2014-06-01 20:12 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Source.url
2014-06-01 19:36 - 2014-06-01 19:36 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Global Offensive.url
2014-05-31 21:28 - 2014-05-31 21:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
==================== One Month Modified Files and Folders =======
2014-06-30 16:07 - 2014-06-27 16:48 - 00010683 _____ () C:\Users\Marko\Downloads\FRST.txt
2014-06-30 16:07 - 2014-06-27 16:47 - 00000000 ____D () C:\FRST
2014-06-30 16:05 - 2014-06-27 16:49 - 00011550 _____ () C:\Users\Marko\Downloads\Addition.txt
2014-06-30 15:57 - 2014-05-02 12:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-30 15:50 - 2014-06-30 15:50 - 00028551 _____ () C:\Users\Marko\Desktop\FRST2.txt
2014-06-30 15:49 - 2014-06-30 15:49 - 00028551 _____ () C:\Users\Marko\Downloads\FRST2.txt
2014-06-30 15:46 - 2014-06-30 15:46 - 01073664 _____ (Farbar) C:\Users\Marko\Downloads\FRST(1).exe
2014-06-30 15:46 - 2009-07-14 06:34 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-30 15:46 - 2009-07-14 06:34 - 00026528 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-30 15:45 - 2014-06-30 15:45 - 00000840 _____ () C:\Users\Marko\Desktop\JRT.txt
2014-06-30 15:42 - 2014-06-30 15:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-30 15:42 - 2014-05-01 20:07 - 01474872 _____ () C:\Windows\WindowsUpdate.log
2014-06-30 15:41 - 2014-06-30 15:41 - 01016261 _____ (Thisisu) C:\Users\Marko\Downloads\JRT.exe
2014-06-30 15:40 - 2014-05-04 18:50 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Skype
2014-06-30 15:39 - 2014-06-30 15:39 - 00006109 _____ () C:\Users\Marko\Desktop\AdwCleaner[S0].txt
2014-06-30 15:38 - 2014-06-30 15:36 - 00000000 ____D () C:\AdwCleaner
2014-06-30 15:38 - 2014-06-18 22:51 - 00001037 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-30 15:38 - 2014-05-02 12:52 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-30 15:38 - 2010-11-20 23:48 - 00012448 _____ () C:\Windows\PFRO.log
2014-06-30 15:38 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-30 15:38 - 2009-07-14 06:39 - 00029388 _____ () C:\Windows\setupact.log
2014-06-30 15:38 - 2009-07-14 06:33 - 00406336 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-30 15:36 - 2014-06-30 15:36 - 01346519 _____ () C:\Users\Marko\Downloads\adwcleaner_3.214.exe
2014-06-30 15:34 - 2014-05-04 18:24 - 00107264 _____ () C:\Users\Marko\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-30 15:14 - 2014-05-02 12:52 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-30 14:25 - 2014-05-01 20:55 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-30 14:25 - 2014-05-01 20:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-30 14:25 - 2014-05-01 20:52 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-30 14:25 - 2010-11-21 02:47 - 00000000 ____D () C:\Windows\ShellNew
2014-06-30 14:25 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-30 14:24 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-06-30 14:22 - 2009-07-14 04:04 - 00000387 _____ () C:\Windows\win.ini
2014-06-30 03:00 - 2014-05-02 12:08 - 00135254 _____ () C:\Windows\IE11_main.log
2014-06-29 00:00 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-28 23:52 - 2014-06-28 23:52 - 00000410 __RSH () C:\ProgramData\ntuser.pol
2014-06-28 23:52 - 2014-06-28 23:52 - 00000020 ___SH () C:\Users\Mcx1-MARCO-PC\ntuser.ini
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Startmenü
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Netzwerkumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Druckumgebung
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Musik
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\Documents\Eigene Bilder
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 _SHDL () C:\Users\Mcx1-MARCO-PC\AppData\Local\Verlauf
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC\AppData\Local\VirtualStore
2014-06-28 23:52 - 2014-06-28 23:52 - 00000000 ____D () C:\Users\Mcx1-MARCO-PC
2014-06-28 23:52 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Program Files\PlayReady
2014-06-28 23:42 - 2014-06-28 23:42 - 00000000 ____D () C:\Users\Marko\Desktop\stick
2014-06-28 23:36 - 2014-06-28 23:35 - 19012892 _____ () C:\Users\Marko\Downloads\11.Treffen-Nord-Forum.zip
2014-06-28 13:10 - 2014-05-05 15:12 - 00000000 ____D () C:\Users\Marko\Desktop\Facebook Bilder
2014-06-27 17:01 - 2014-06-27 17:01 - 00027675 _____ () C:\Users\Marko\Desktop\FRST.txt
2014-06-27 16:47 - 2014-06-27 16:47 - 01073152 _____ (Farbar) C:\Users\Marko\Downloads\FRST.exe
2014-06-27 16:42 - 2014-06-27 16:42 - 00003188 _____ () C:\Users\Marko\Desktop\Ereignisse.txt
2014-06-26 21:42 - 2014-05-19 19:55 - 00000000 ____D () C:\Program Files\Steam
2014-06-22 12:17 - 2014-06-22 12:17 - 00000000 ____D () C:\Windows\11TRFNRD Libs
2014-06-22 12:17 - 2014-06-22 11:06 - 11870260 _____ () C:\Windows\11TRFNRD.sCr
2014-06-22 11:06 - 2014-06-22 11:06 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\iScreensaver
2014-06-20 21:57 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-20 21:54 - 2014-06-20 21:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-06-20 21:52 - 2014-06-20 21:52 - 00002131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00002119 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-20 21:52 - 2014-06-20 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-20 21:50 - 2014-06-20 21:50 - 00961360 _____ (Chip Digital GmbH) C:\Users\Marko\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-20 11:08 - 2014-06-20 11:08 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-20 11:08 - 2014-06-15 11:00 - 00002010 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-20 11:08 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-20 10:31 - 2014-06-20 10:31 - 00682544 _____ () C:\Users\Marko\Downloads\jre-7u51-windows-i586.exe
2014-06-19 09:43 - 2014-05-02 12:48 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-18 23:06 - 2014-06-18 23:06 - 00001118 _____ () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-18 22:49 - 2014-06-18 22:49 - 00718497 _____ () C:\Windows\unins000.exe
2014-06-18 22:49 - 2014-06-18 22:49 - 00118256 _____ () C:\Windows\unins000.dat
2014-06-18 22:48 - 2014-06-18 22:48 - 00491825 _____ () C:\Users\Marko\Downloads\gimp-2.dmg
2014-06-18 22:48 - 2014-06-18 22:48 - 00403384 _____ (SPC LLC) C:\Users\Marko\Downloads\11.Treffen-Nord.exe
2014-06-18 14:40 - 2014-06-18 14:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 14:25 - 2014-06-17 14:24 - 00000000 ____D () C:\Users\Marko\AppData\Local\Adobe
2014-06-15 11:00 - 2014-06-15 11:00 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-15 10:59 - 2014-05-02 12:51 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-15 10:59 - 2014-05-02 12:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-14 11:13 - 2014-05-02 12:52 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-14 11:01 - 2014-05-06 08:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 23:39 - 2014-05-02 14:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 23:37 - 2014-05-02 14:01 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-08 10:48 - 2014-06-13 22:35 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-13 22:35 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 03:04 - 2014-06-06 03:03 - 00181080 _____ () C:\Windows\Minidump\060614-23562-01.dmp
2014-06-06 03:03 - 2014-05-04 16:42 - 00000000 ____D () C:\Windows\Minidump
2014-06-06 03:03 - 2014-05-04 16:41 - 202227798 _____ () C:\Windows\MEMORY.DMP
2014-06-05 16:07 - 2014-06-05 16:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-06-05 16:07 - 2014-05-05 21:13 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Apple Computer
2014-06-05 15:50 - 2014-06-05 15:50 - 00000000 ____D () C:\Windows\system32\Adobe
2014-06-01 20:12 - 2014-06-01 20:12 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Source.url
2014-06-01 20:12 - 2014-05-19 20:30 - 00000000 ____D () C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-01 19:36 - 2014-06-01 19:36 - 00000213 _____ () C:\Users\Marko\Desktop\Counter-Strike Global Offensive.url
2014-05-31 21:51 - 2014-05-19 19:55 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-05-31 21:28 - 2014-05-31 21:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-05-31 21:28 - 2014-05-04 18:50 - 00000000 ___RD () C:\Program Files\Skype
2014-05-31 21:28 - 2014-05-04 18:49 - 00000000 ____D () C:\ProgramData\Skype
Some content of TEMP:
====================
C:\Users\Marko\AppData\Local\Temp\avgnt.exe
C:\Users\Marko\AppData\Local\Temp\ose00000.exe
C:\Users\Marko\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-28 10:50
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:28-06-2014 02
Ran by Marko at 2014-06-30 16:08:03
Running from C:\Users\Marko\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version: - Valve)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
iTunes (HKLM\...\{A9B3F8D5-DF4F-462B-81B7-4B69EBEDBC5B}) (Version: 11.2.0.115 - Apple Inc.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
My Program version 1.5 (HKLM\...\My Program_is1) (Version: 1.5 - )
Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
Untitled Screensaver (HKLM\...\11.Treffen-Nord.SCR) (Version: 4.4.4.380 - iScreensaver.com Made with iScreensaver)
Windows Live Communications Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
==================== Restore Points =========================
22-06-2014 19:55:10 Windows Update
23-06-2014 20:33:24 Windows Update
24-06-2014 20:22:10 Windows Update
25-06-2014 21:02:41 Windows Update
26-06-2014 20:01:04 Windows Update
27-06-2014 22:06:00 Windows Update
28-06-2014 21:47:44 Windows Update
28-06-2014 22:37:01 Windows Update
30-06-2014 01:00:15 Windows Update
30-06-2014 12:20:07 Removed Microsoft Office Enterprise 2007
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {43D45E66-0319-4347-BB70-87F906593692} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {52927491-7BB1-494E-902A-5C4B81F71503} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {598D9DC0-F008-407E-9010-6E411993FD2E} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-MARCO-PC => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
Task: {6CC0B133-166F-48F7-945A-AEA42E1EC9B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: {8D1AE354-4943-4CCA-8D23-62A25C1B8B55} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-15] (Adobe Systems Incorporated)
Task: {A7E857F2-AF27-4BB2-B41D-CE22A7C3BAB1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {BD9CE5B5-F089-4AB4-BAB4-FAC70876B278} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {F70573A5-60B6-4FD9-A513-70042345D11F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-02] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-20 21:52 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-20 21:52 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-20 21:52 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-20 21:52 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-20 21:52 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-06-18 14:40 - 2014-06-18 14:40 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 31%
Total physical RAM: 3326.49 MB
Available physical RAM: 2279.76 MB
Total Pagefile: 6651.27 MB
Available Pagefile: 5381.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:116.42 GB) (Free:66.4 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 79E27FFE)
Partition 1: (Active) - (Size=116 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Geändert von Marco1907 (30.06.2014 um 15:08 Uhr) |
|
| Themen zu Win7/32 Bit- Mozilla Absturz/Diverse aufforderungen zur Aktualisierung von diversen Programmen etc. |
| adware.adgazelle, antivirenprogramm, kriterien, p.optional.vbateshelper.a, programme, pup.optional.vbates, suchmaschine, tr/dropper.msil.gen, tr/injector.agfb, tr/injector.agfe, win32/4shared.u, win32/downloadsponsor.a, win32/toolbar.bitcocktail.b, windows, windows 7 |
Hybrid-Darstellung
