| |
| |||||||
Log-Analyse und Auswertung: Windows 8/ Rechner hängt sich immer wieder aufWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
05.07.2014, 20:42
| #1 |
| |  Windows 8/ Rechner hängt sich immer wieder auf Hallo zusammen, ich habe vor paar Tagen ein Thema eröffnet, mir wurde geraten erst mal alle Scans durchzuführen. Ich hänge hier meine Logfiles hinzu. GMER hänge ich erst mal nicht an, er hat nichts gefunden! Ich hoffe es ist richtig! Ich bin mir nicht sicher! Falls noch etwas fehlt, einfach schreiben. Dankeschön. mein Text zu meinem Problem: ich weiß nicht mehr weiter, habe seit neuem einen Windows 8 Rechner, nach einigen Monaten fing es an, dass mein Internet immer wieder stehen geblieben ist " hat sich aufgehängt", es ging gar nichts mehr! Auch nach neuem Starten war es unmöglich. Komisch war.. am nächsten Tag ging es wieder für paar Stunden. Und nach einiger Zeit vielen immer mehr Sachen aus.. Meine offenen Websites konnte man nicht mehr richtig lesen (alles war verschoben). In Youtube konnte ich auf einmal keine Lieder mehr anklicken.. Auch wenn ich nicht im Internet war, sondern nur auf meinem Desktop blieb meine Maus stehen und es ging wieder nichts. Trotzdem kann ich immer wieder ins Internet mehrere Stunden ohne das es hängen bleibt. Achja.. teilweise zeigt es mir an, dass ich die Zeit überschritten habe? Neu laden.. bringt nichts. Seit ich den Rechner habe, habe ich nichts verändert an meinen Einstellungen. Könnte es an einem Virus liegen? oder fehlt mir eventuell ein Treiber oder etwas anderes? Habe sowohl den Internet Explorer als auch Mozilla, bei beiden habe ich das Problem. Sorry für den längeren Text  Vielen Dank schon mal.. Liebe Grüße Elisa Logfiles: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:29 on 03/07/2014 (Elisa)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Elisa (administrator) on PRINCESSLIZZY on 03-07-2014 19:34:34
Running from C:\Users\Elisa\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
() C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3952128 2012-11-27] (Bitcasa, Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-04] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [134648 2013-10-28] ()
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Elisa\AppData\Local\Smartbar\Application\SnapDo.exe [21536 2013-11-21] (Smartbar)
AppInit_DLLs: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [220992 2014-06-26] (Client Connect LTD)
AppInit_DLLs: C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [155456 2013-12-15] ()
AppInit_DLLs-x32: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [182080 2014-06-26] (Client Connect LTD)
AppInit_DLLs-x32: C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files C:\Program Files (x86)\Amazon\Amazon1ButtonApp\\AmazonExtIE.dll => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\\AmazonExtIE.dll [138048 2013-12-15] ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {116DA551-D8D1-4F50-8758-983BF75C74E2} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {116DA551-D8D1-4F50-8758-983BF75C74E2} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=DE&userid=413b1010-1a5b-2598-2095-a9bddd9958ba&searchtype=ds&q={searchTerms}&installDate=14/01/2014
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPC98E90C9-2C7B-4B38-A854-0D4F41557A89&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&ISID=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=DE&userid=413b1010-1a5b-2598-2095-a9bddd9958ba&searchtype=ds&q={searchTerms}&installDate=14/01/2014
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://i.search.metacrawler.com/?f=1&a=ironmc2&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyD0FzztBtB0CtAyBtDzytN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1409976367&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://i.search.metacrawler.com/?f=1&a=ironmc2&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyD0FzztBtB0CtAyBtDzytN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1409976367&ir=
SearchScopes: HKLM - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://i.search.metacrawler.com/results.php?f=4&q={searchTerms}&a=ironmc2&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyD0FzztBtB0CtAyBtDzytN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1409976367&ir=
SearchScopes: HKLM - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://i.search.metacrawler.com/results.php?f=4&q={searchTerms}&a=ironmc2&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyD0FzztBtB0CtAyBtDzytN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1409976367&ir=
SearchScopes: HKLM - {78F63727-94FE-5EEB-6D5C-7F0354F5151E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=DE&userid=413b1010-1a5b-2598-2095-a9bddd9958ba&searchtype=ds&q={searchTerms}&installDate=14/01/2014
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=DE&userid=413b1010-1a5b-2598-2095-a9bddd9958ba&searchtype=ds&q={searchTerms}&installDate=14/01/2014
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPC98E90C9-2C7B-4B38-A854-0D4F41557A89&q={searchTerms}&SSPV=
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYBTU&co=DE&userid=413b1010-1a5b-2598-2095-a9bddd9958ba&searchtype=ds&q={searchTerms}&installDate=14/01/2014
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPC98E90C9-2C7B-4B38-A854-0D4F41557A89&q={searchTerms}&SSPV=
BHO: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE64.dll (Amazon Inc.)
BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Re-markit - {0f03b11d-409d-4280-8e9a-1eba82866e4e} - C:\Program Files (x86)\Re-markit\135.dll ()
BHO-x32: The Amazon 1Button App for IE - {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonAppIE.dll (Amazon Inc.)
BHO-x32: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: metacrawler Helper Object - {D4EF7D75-52C9-4BCE-B6DC-0976EFAB4B0B} - C:\Program Files (x86)\metaCrawler\1.8.19.0\bh\metacrawler.dll (Info Space)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - metacrawler Toolbar - {7EACAC38-B7F6-4514-9DC1-3428A7964ABD} - C:\Program Files (x86)\metaCrawler\1.8.19.0\metacrawlerTlbr.dll (Info Space)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\dcxcqb2t.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\dcxcqb2t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-15]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn [2014-02-15]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-10]
FF HKLM-x32\...\Firefox\Extensions: [12x3q4@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files (x86)\Better-Surf\ff [2013-12-07]
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF Extension: Better Surf Plus - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [2013-12-10]
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha7546.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha7546\ff
FF Extension: Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha7546\ff [2013-12-26]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta116.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta116\ff
FF Extension: Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta116\ff [2014-01-10]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha1615.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha1615\ff
FF Extension: Media Player - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha1615\ff [2014-02-14]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha581.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha581\ff
FF Extension: Media Viewer - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha581\ff [2014-02-24]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha3224.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3224\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3224\ff [2014-02-27]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha5666.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5666\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5666\ff [2014-03-16]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home9575.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home9575\ff
FF Extension: Media Watch - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home9575\ff [2014-03-24]
FF HKLM-x32\...\Firefox\Extensions: [ext@RichMediaViewV1release919.net] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release919\ff
FF Extension: Rich Media View - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release919\ff [2014-05-13]
FF HKCU\...\Firefox\Extensions: [{b0b5a63d-7609-4029-823b-9a3acc4bd1ff}] - C:\Program Files (x86)\Re-markit\135.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit\135.xpi [2013-11-21]
==================== Services (Whitelisted) =================
S2 70e6ca8c; c:\program files (x86)\optimizer pro\optprocrashSvc.dll [190616 2013-11-21] ()
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-06] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-04] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2012-07-26] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2832704 2014-06-26] (Client Connect LTD)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe [14760 2013-01-11] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2878152 2012-12-21] (Samsung Electronics CO., LTD.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20131022.001\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20131023.001\IDSvia64.sys [521816 2013-10-18] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131023.024\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131023.024\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
S3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-26] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
S3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-03 19:34 - 2014-07-03 19:35 - 00028388 _____ () C:\Users\Elisa\Downloads\FRST.txt
2014-07-03 19:34 - 2014-07-03 19:34 - 00000000 ____D () C:\FRST
2014-07-03 19:33 - 2014-07-03 19:34 - 02083840 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe
2014-07-03 19:29 - 2014-07-03 19:29 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger(1).exe
2014-07-03 19:27 - 2014-07-03 19:29 - 00000472 _____ () C:\Users\Elisa\Downloads\defogger_disable.log
2014-07-03 19:27 - 2014-07-03 19:27 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe
2014-07-03 19:27 - 2014-07-03 19:27 - 00000000 _____ () C:\Users\Elisa\defogger_reenable
2014-07-03 10:42 - 2014-07-03 10:42 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-02 14:50 - 2014-07-02 14:52 - 00006144 ___SH () C:\Users\Elisa\Desktop\Thumbs.db
2014-07-02 14:25 - 2014-07-02 15:24 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbungen Juli
2014-07-01 18:37 - 2014-07-01 18:37 - 00000000 ____D () C:\Users\Elisa\Desktop\Mobile
2014-07-01 18:28 - 2014-07-01 18:40 - 00001606 _____ () C:\windows\setupact.log
2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 _____ () C:\windows\setuperr.log
2014-06-18 19:56 - 2014-06-30 22:52 - 00001516 _____ () C:\windows\PFRO.log
2014-06-17 15:57 - 2014-06-17 15:57 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Macromedia
2014-06-17 15:56 - 2014-07-03 10:57 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-17 15:56 - 2014-06-17 15:56 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-06-17 15:53 - 2014-06-26 23:20 - 00000000 ____D () C:\Users\Elisa\Desktop\Duales Studium 2014
2014-06-17 13:00 - 2014-07-03 19:21 - 00727199 _____ () C:\windows\WindowsUpdate.log
2014-06-15 15:42 - 2014-06-15 15:44 - 04961831 _____ () C:\Users\Elisa\Downloads\ccsetup414.zip
2014-06-15 14:58 - 2014-06-15 14:59 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Mozilla
2014-06-15 14:58 - 2014-06-15 14:59 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Mozilla
2014-06-15 14:58 - 2014-06-15 14:58 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-15 14:58 - 2014-06-15 14:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-14 09:00 - 2014-05-31 07:16 - 00703992 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-14 09:00 - 2014-05-31 07:16 - 00105464 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-12 20:37 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-12 20:37 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-12 20:37 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-12 20:37 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-12 20:37 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-12 20:37 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-12 20:36 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-12 20:36 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-12 20:36 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-12 20:36 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-12 20:36 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-12 20:36 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-12 20:36 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-12 20:36 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-12 20:36 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-12 20:36 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-12 20:36 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-12 20:36 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-12 20:36 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-12 20:35 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-06-12 20:35 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-06-12 20:35 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-06-12 20:35 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-12 20:35 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-06-12 20:35 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-12 20:35 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-12 20:35 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-12 20:35 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-12 20:35 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-12 20:35 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-06-12 20:35 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-12 20:35 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-12 20:35 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-12 20:35 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-06-12 20:35 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-06-12 20:35 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-12 20:35 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-12 20:35 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-12 20:35 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-12 20:35 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-12 20:35 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-06-12 20:34 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-12 20:34 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-12 20:34 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-06-12 20:34 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-06-12 20:34 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-06-12 20:34 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-06-12 20:34 - 2014-04-01 00:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml
2014-06-12 20:34 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
2014-06-12 20:34 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
2014-06-12 20:31 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-12 20:31 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-12 20:31 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
==================== One Month Modified Files and Folders =======
2014-07-03 19:35 - 2014-07-03 19:34 - 00028388 _____ () C:\Users\Elisa\Downloads\FRST.txt
2014-07-03 19:34 - 2014-07-03 19:34 - 00000000 ____D () C:\FRST
2014-07-03 19:34 - 2014-07-03 19:33 - 02083840 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe
2014-07-03 19:29 - 2014-07-03 19:29 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger(1).exe
2014-07-03 19:29 - 2014-07-03 19:27 - 00000472 _____ () C:\Users\Elisa\Downloads\defogger_disable.log
2014-07-03 19:27 - 2014-07-03 19:27 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe
2014-07-03 19:27 - 2014-07-03 19:27 - 00000000 _____ () C:\Users\Elisa\defogger_reenable
2014-07-03 19:27 - 2013-08-24 16:13 - 00000000 ____D () C:\Users\Elisa
2014-07-03 19:21 - 2014-06-17 13:00 - 00727199 _____ () C:\windows\WindowsUpdate.log
2014-07-03 19:15 - 2013-01-25 05:10 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-07-03 19:11 - 2013-01-25 20:54 - 00795786 _____ () C:\windows\system32\perfh007.dat
2014-07-03 19:11 - 2013-01-25 20:54 - 00173668 _____ () C:\windows\system32\perfc007.dat
2014-07-03 19:11 - 2012-07-26 09:28 - 01858740 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-03 19:09 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-03 19:09 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-07-03 11:03 - 2013-11-21 19:03 - 00000334 _____ () C:\windows\Tasks\MetaCrawler.job
2014-07-03 10:57 - 2014-06-17 15:56 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 10:44 - 2013-01-25 04:58 - 00000000 ____D () C:\ProgramData\WinClon
2014-07-03 10:42 - 2014-07-03 10:42 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-03 10:42 - 2013-11-21 18:11 - 00000412 _____ () C:\windows\Tasks\Re-markit Update.job
2014-07-03 10:42 - 2013-11-21 18:11 - 00000356 _____ () C:\windows\Tasks\AmiUpdXp.job
2014-07-03 10:42 - 2013-01-25 04:48 - 00000868 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-07-02 16:25 - 2014-01-10 00:24 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbung 2014
2014-07-02 15:24 - 2014-07-02 14:25 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbungen Juli
2014-07-02 14:59 - 2013-08-24 16:13 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Packages
2014-07-02 14:52 - 2014-07-02 14:50 - 00006144 ___SH () C:\Users\Elisa\Desktop\Thumbs.db
2014-07-02 14:52 - 2014-01-23 15:32 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbungen
2014-07-01 18:40 - 2014-07-01 18:28 - 00001606 _____ () C:\windows\setupact.log
2014-07-01 18:37 - 2014-07-01 18:37 - 00000000 ____D () C:\Users\Elisa\Desktop\Mobile
2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 _____ () C:\windows\setuperr.log
2014-07-01 11:50 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\LiveKernelReports
2014-06-30 22:55 - 2013-08-25 11:39 - 00000000 ____D () C:\Users\Elisa\AppData\Local\CrashDumps
2014-06-30 22:53 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-30 22:52 - 2014-06-18 19:56 - 00001516 _____ () C:\windows\PFRO.log
2014-06-30 19:39 - 2014-02-04 18:37 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-06-26 23:20 - 2014-06-17 15:53 - 00000000 ____D () C:\Users\Elisa\Desktop\Duales Studium 2014
2014-06-25 16:42 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-06-19 12:50 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-06-17 15:57 - 2014-06-17 15:57 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Macromedia
2014-06-17 15:56 - 2014-06-17 15:56 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-06-17 13:27 - 2013-08-24 20:16 - 00462336 ___SH () C:\Users\Elisa\Downloads\Thumbs.db
2014-06-17 13:24 - 2013-08-24 16:23 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1001
2014-06-15 15:47 - 2014-01-14 13:04 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-06-15 15:46 - 2012-08-06 00:07 - 00000000 ____D () C:\windows\Panther
2014-06-15 15:44 - 2014-06-15 15:42 - 04961831 _____ () C:\Users\Elisa\Downloads\ccsetup414.zip
2014-06-15 14:59 - 2014-06-15 14:58 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Mozilla
2014-06-15 14:59 - 2014-06-15 14:58 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Mozilla
2014-06-15 14:58 - 2014-06-15 14:58 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-15 14:58 - 2014-06-15 14:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-13 10:00 - 2013-01-25 04:48 - 00000870 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-06-12 21:54 - 2013-08-25 12:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 21:54 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-06-12 21:49 - 2013-08-25 12:24 - 00000000 ____D () C:\windows\system32\MRT
2014-06-12 21:42 - 2013-08-25 12:24 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-04 12:10 - 2014-04-07 18:57 - 00000000 ____D () C:\Users\Elisa\Desktop\Anlage 1
2014-06-04 12:10 - 2014-03-06 12:51 - 00000000 ____D () C:\Users\Elisa\Desktop\Anlage 2
2014-06-04 11:19 - 2014-03-15 10:59 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-06-04 11:19 - 2014-03-15 10:59 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\Elisa\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-25 16:27
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014
Ran by Elisa at 2014-07-03 19:36:27
Running from C:\Users\Elisa\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
7-PDF Split & Merge Version 2.2.0 (Build 145) (HKLM-x32\...\7-PDF Split & Merge_is1) (Version: 7-PDF Split & Merge - Version 2.2.0 (Build 145) - 7-PDF, Germany - Thorsten Hodes)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{54AA7C11-54B7-4BD8-84B2-85873B5C7A04}) (Version: 1.0.4 - Amazon)
Amazon Browser Settings (HKLM-x32\...\Amazon Browser Settings) (Version: 3.0 - Amazon)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D1FE6D8B-E5EE-5205-3E53-CDA000257D99}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Better Surf Plus (HKLM-x32\...\Better Surf Plus) (Version: 1.1 - Better Surf) <==== ATTENTION
Bitcasa version 0.9.20.4133 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4133 - Bitcasa Inc.)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Codec Pack Packages (HKCU\...\Codec Pack Packages) (Version: - ) <==== ATTENTION
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1912 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - )
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Help Desk (HKLM\...\{3D85CD3F-00E0-4E14-82D6-1F9397DDD09B}) (Version: 1.0.8 - Samsung Electronics CO., LTD.)
HP Deskjet 2510 series - Grundlegende Software für das Gerät (HKLM\...\{288614B1-F070-4B47-A1F5-4790BD8A3176}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Hilfe (HKLM-x32\...\{07B48D2C-E60D-41E6-B546-11D128F633EC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
Leistungstools für Visual Studio 2013 (HKLM-x32\...\{927a7474-2266-44df-8dd2-ce8b35ffafd4}) (Version: 12.0.21005.1 - Microsoft Corporation)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Media Player (HKLM-x32\...\MediaPlayerV1alpha1615) (Version: 1.1 - Media Player) <==== ATTENTION
Media View (HKLM-x32\...\MediaViewV1alpha3224) (Version: 1.1 - Media View) <==== ATTENTION
Media View (HKLM-x32\...\MediaViewV1alpha5666) (Version: 1.1 - Media View) <==== ATTENTION
Media Viewer (HKLM-x32\...\MediaViewerV1alpha581) (Version: 1.1 - Media Viewer) <==== ATTENTION
Media Watch (HKLM-x32\...\MediaWatchV1home9575) (Version: 1.1 - Media Watch) <==== ATTENTION
metaCrawler (HKLM-x32\...\metaCrawler) (Version: - metaCrawler) <==== ATTENTION
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden
Microsoft Advertising SDK for Windows Phone - DEU (x32 Version: 6.2.960.0 - Microsoft Corporation) Hidden
Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.30809.0 - Microsoft Corporation) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - DEU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - DEU (x32 Version: 5.0.11001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU (x32 Version: 5.0.11001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - DEU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Exchange Web Services Managed API 2.0 (x32 Version: 15.0.516.14 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20621.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.0 Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.0 ToolsRes - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch für Visual Studio 2013 CoreRes - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch v4.0 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2013 (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools für Microsoft Visual Studio (x64) - DEU Sprachpaket (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3366.16 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On für Visual Studio 2013 (x32 Version: 11.1.3366.16 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools für Visual Studio DEU Sprachpaket (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ ARM Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x64 Native Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x64 Native Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x64-arm Cross Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x64-arm Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x64-x86 Cross Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x64-x86 Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 32bit Compilers - DEU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - DEU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers For Windows Phone - DEU Resources (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers For Windows Phone (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries For Windows Phone (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Extended Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2013 Add-in for Windows Phone (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Devenv (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Core amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Core x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTraceLoc (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTraceLoc (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Add-In für Windows Phone - DEU Sprachpaket (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Leistungserfassungstools - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Leistungserfassungstools (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{3ea69e8e-ae6e-445b-bc1d-809ecb789ec4}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Developer Tools 2013 - Visual Studio 2013 - deu (x32 Version: 2.0.40926.0 - Microsoft Corporation) Hidden
Microsoft Web Developer Tools 2013 - Visual Studio 2013 (x32 Version: 2.0.40926.0 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.4.0.40 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: - PC Utilities Software Limited) <==== ATTENTION
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.216 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.7.2 - Samsung Electronics CO., LTD.)
Re-markit (HKLM-x32\...\{ea7fa9ad-26fe-499a-bdc2-c6498a9e085c}) (Version: - Re-markit Software) <==== ATTENTION
Rich Media View (HKLM-x32\...\RichMediaViewV1release919) (Version: 1.1 - Rich Media View) <==== ATTENTION
S Agent (Version: 1.0.9 - Samsung Electronics CO., LTD.) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.15.11.3 - Client Connect LTD) <==== ATTENTION
Secure Download Manager (HKLM-x32\...\{E98D115E-D621-4723-8AF0-147BADA9A466}) (Version: 3.1.40 - Kivuto Solutions Inc.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Snap.Do (HKLM-x32\...\{44CB23D6-6C05-4730-B53C-E2DF4228E1DB}) (Version: 11.10.1.13636 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKCU\...\{bcf86414-346f-4a05-807b-171ad2944580}) (Version: 11.10.1.13636 - ReSoft Ltd.) <==== ATTENTION
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION
Studie zur Verbesserung von HP Deskjet 2510 series Produkten (HKLM\...\{96EFECB7-6359-4D6A-B3FE-4A3CE0B6444F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Support Center (HKLM\...\{3EB3E946-FB88-45C2-A19B-410D254657D9}) (Version: 2.1.20 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.6 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{F5B5BA56-8FEB-494B-84E6-C8DA9C2BEE50}) (Version: 2.1.6 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.14.2 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{C7588111-1A12-4EFE-8CA0-DA4344480D92}) (Version: 1.4.00 - Samsung Electronics CO., LTD.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Player (HKLM-x32\...\Video Player) (Version: 1.1 - Video Player) <==== ATTENTION
Visual F# 3.1 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 SDK Language Pack - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 VS (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 VS Language Pack - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites - DEU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9600.16408 - Microsoft Corporation) Hidden
Vs2012 Verification SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Vs2012 Verification SDK Coreres (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Webexp Enhanced (HKLM-x32\...\Webexp Enhanced) (Version: 1.1 - Webexp Enhanced) <==== ATTENTION
Windows 8 Development Essentials (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Azure Mobile Services SDK (x32 Version: 1.0.10815.0 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools für Visual Studio 2013 Preview Language Pack - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Azure Tools für LightSwitch für Visual Studio 2013 - $(var.OOBPublishVersion) (DEU) (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Phone 8.0 Emulation Host (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Windows Phone 8.0 Managed SDK Profiler (ARM) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Windows Phone 8.0 Managed SDK Profiler (X86) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Windows Phone Emulator 8.0-Konfiguration - deu (x32 Version: 11.0.60830 - Microsoft Corporation) Hidden
Windows Phone SDK 8.0-Assemblys - deu (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Windows Phone*8.0-Emulations-Images - deu (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Windows Phone-Tools-Finalizer - deu (Version: 11.0.60610 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - de-de (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
15-06-2014 12:39:49 TuneUp Utilities 2014 wird entfernt
25-06-2014 16:56:34 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {06A4AD44-E164-481C-97E7-4FD0C13BE49F} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-11-30] (Samsung Electronics CO., LTD.)
Task: {11694C7C-614C-473D-B98B-186B558DA71B} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {19E7604D-5F98-4CF1-9297-0ECF24D8C9CF} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {36057DFE-E13F-4025-90F1-D5CF7BA5C0E4} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {37A81A1B-55C2-4970-ADF2-6D03B8C46AE6} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {45878A21-5B85-4C68-8637-EE67696E63C4} - System32\Tasks\MetaCrawler => C:\Users\Elisa\AppData\Roaming\MetaCrawler\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {463677CD-9120-4C87-BF58-35518556A1D5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-06-12] (Microsoft Corporation)
Task: {48D983CF-EADD-4323-B47E-BD35934FDE0F} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {4AA7E9A4-D73C-4C6B-B81F-A2852332C3C1} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-10-16] (Synaptics Incorporated)
Task: {59ED68AC-CE6F-4B61-BE58-F596EDEDC4DE} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-10-25] (Samsung Electronics CO., LTD.)
Task: {5E786D58-0979-4A21-93C1-7D88145B75F1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {69B5829A-2A3F-4578-9042-AEF18736F613} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-10-15] (SEC)
Task: {6E48F844-22D1-44F3-8857-7D0452415727} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {ADA89FAB-E8E2-435A-AB7E-DC6BEBA6F51B} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe <==== ATTENTION
Task: {B4E8F285-0E25-4158-A5D3-E244627D6D72} - System32\Tasks\HPCustParticipation HP Deskjet 2510 series => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CB3A8FBE-1BD5-493B-B903-5857F020954C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {D24B5840-4D02-41D3-AB6C-11DC65E17353} - System32\Tasks\AmiUpdXp => C:\Users\Elisa\AppData\Local\SwvUpdater\Updater.exe [2013-11-21] (Amonetizé Ltd) <==== ATTENTION
Task: {DDCA58F2-BEDA-4A01-AE07-F0DDE148E3E8} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ED99E926-F549-4342-8390-B94BF31FE284} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-17] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AmiUpdXp.job => C:\Users\Elisa\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\MetaCrawler.job => C:\Users\Elisa\AppData\Roaming\MetaCrawler\UpdateProc\UpdateTask.exe
Task: C:\windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit\ReMarkit_up.exe <==== ATTENTION
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Loaded Modules (whitelisted) =============
2013-03-21 20:24 - 2013-03-21 20:24 - 00222368 _____ () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
2012-11-30 09:26 - 2012-11-30 09:26 - 00082312 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-12-05 13:44 - 2012-12-05 13:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-12-05 13:39 - 2012-12-05 13:39 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-12-05 13:41 - 2012-12-05 13:41 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-05 13:44 - 2012-12-05 13:44 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2012-09-17 10:23 - 2012-09-17 10:23 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-08-29 02:23 - 2013-08-29 02:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-08-06 04:54 - 2012-08-06 04:54 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-05-14 12:33 - 2014-05-14 12:33 - 00176048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-01-11 22:05 - 2013-01-11 22:05 - 00228264 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbPc.DLL
2014-02-19 21:43 - 2014-02-19 21:43 - 00017920 _____ () C:\windows\assembly\NativeImages_v4.0.30319_32\PSIClient\1f346ce407da3d9a13687e3831b2f58c\PSIClient.ni.dll
2013-01-25 04:47 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 01068664 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-11-30 09:26 - 2012-11-30 09:26 - 00103032 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2013-01-25 05:07 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-08-29 02:25 - 2013-08-29 02:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-06-15 14:58 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:373E1720
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/02/2014 04:26:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10359
Error: (07/02/2014 04:26:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10359
Error: (07/02/2014 04:26:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/01/2014 05:26:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15687
Error: (07/01/2014 05:26:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15687
Error: (07/01/2014 05:26:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/30/2014 10:58:48 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (06/30/2014 10:55:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.8.1.36353, Zeitstempel: 0x4f8c314b
Name des fehlerhaften Moduls: dlnashext.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5010975d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6ca6deed
ID des fehlerhaften Prozesses: 0xf18
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
Error: (06/30/2014 10:54:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.8.1.36353, Zeitstempel: 0x4f8c314b
Name des fehlerhaften Moduls: dlnashext.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5010975d
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x6ca876d4
ID des fehlerhaften Prozesses: 0xf18
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
Error: (06/30/2014 07:33:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ismagent.exe, Version: 1.8.1.36353, Zeitstempel: 0x4f8c314b
Name des fehlerhaften Moduls: dlnashext.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5010975d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6593635b
ID des fehlerhaften Prozesses: 0x51b4
Startzeit der fehlerhaften Anwendung: 0xismagent.exe0
Pfad der fehlerhaften Anwendung: ismagent.exe1
Pfad des fehlerhaften Moduls: ismagent.exe2
Berichtskennung: ismagent.exe3
Vollständiger Name des fehlerhaften Pakets: ismagent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ismagent.exe5
System errors:
=============
Error: (07/03/2014 11:04:45 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (07/02/2014 06:16:26 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (07/02/2014 05:54:06 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (07/01/2014 02:26:29 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (06/30/2014 10:53:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 30.06.2014 um 22:41:49 unerwartet heruntergefahren.
Error: (06/30/2014 08:36:10 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (06/30/2014 07:58:48 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (06/26/2014 06:16:25 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (06/26/2014 03:31:41 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Error: (06/25/2014 04:43:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet:
%%2147500037
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-03-14 17:24:10.807
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe with signing level Unsigned while the system requires signing level 6 or better to load.
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 3982.93 MB
Available physical RAM: 2389.3 MB
Total Pagefile: 8846.94 MB
Available Pagefile: 6320.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:436.5 GB) (Free:367.61 GB) NTFS
==================== MBR & Partition Table ==================
==================== End Of Log ============================
|
|
05.07.2014, 22:09
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 8/ Rechner hängt sich immer wieder auf hi,
__________________Adware & Co. deinstallieren
Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter: Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ |
|
06.07.2014, 11:42
| #3 |
| | Windows 8/ Rechner hängt sich immer wieder auf Hallo,
__________________also Revo Uninstaller habe ich gemacht, jedoch nichts gefunden und habe mit Malewarebytes weiter gemacht und die anderen Scans durchgeführt. Mein Avira hat einen Fehler in meiner ARK Library gefunden, konnte leider den Logfile nicht anhängen. Danke für die schnelle Antwort! hier meine Logfiles Malewarebytes: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 06.07.2014 10:57:19, SYSTEM, PRINCESSLIZZY, Protection, Malware Protection, Starting, Protection, 06.07.2014 10:57:19, SYSTEM, PRINCESSLIZZY, Protection, Malware Protection, Started, Protection, 06.07.2014 10:57:19, SYSTEM, PRINCESSLIZZY, Protection, Malicious Website Protection, Starting, Protection, 06.07.2014 10:57:19, SYSTEM, PRINCESSLIZZY, Protection, Malicious Website Protection, Started, Update, 06.07.2014 10:57:23, SYSTEM, PRINCESSLIZZY, Manual, Rootkit Database, 2014.2.20.1, 2014.7.3.1, Update, 06.07.2014 10:57:45, SYSTEM, PRINCESSLIZZY, Manual, Malware Database, 2014.3.4.9, 2014.7.6.3, Protection, 06.07.2014 10:58:04, SYSTEM, PRINCESSLIZZY, Protection, Refresh, Starting, Protection, 06.07.2014 10:58:04, SYSTEM, PRINCESSLIZZY, Protection, Malicious Website Protection, Stopping, Protection, 06.07.2014 10:58:05, SYSTEM, PRINCESSLIZZY, Protection, Malicious Website Protection, Stopped, Protection, 06.07.2014 10:58:10, SYSTEM, PRINCESSLIZZY, Protection, Refresh, Success, Protection, 06.07.2014 10:58:10, SYSTEM, PRINCESSLIZZY, Protection, Malicious Website Protection, Starting, Protection, 06.07.2014 10:58:10, SYSTEM, PRINCESSLIZZY, Protection, Malicious Website Protection, Started, Protection, 06.07.2014 11:27:58, SYSTEM, PRINCESSLIZZY, Protection, Malware Protection, Starting, Protection, 06.07.2014 11:27:58, SYSTEM, PRINCESSLIZZY, Protection, Malware Protection, Started, Protection, 06.07.2014 11:27:58, SYSTEM, PRINCESSLIZZY, Protection, Malicious Website Protection, Starting, Protection, 06.07.2014 11:28:41, SYSTEM, PRINCESSLIZZY, Protection, Malicious Website Protection, Failed, Error, 06.07.2014 11:28:41, SYSTEM, PRINCESSLIZZY, Protection, MWAC::CreateList - Block List, 3221225473, Protection, 06.07.2014 11:30:07, SYSTEM, PRINCESSLIZZY, Protection, Malware Protection, Starting, Protection, 06.07.2014 11:30:07, SYSTEM, PRINCESSLIZZY, Protection, Malware Protection, Started, Protection, 06.07.2014 11:30:07, SYSTEM, PRINCESSLIZZY, Protection, Malicious Website Protection, Starting, Protection, 06.07.2014 11:31:24, SYSTEM, PRINCESSLIZZY, Protection, Malicious Website Protection, Started, (end) Code:
ATTFilter # AdwCleaner v3.214 - Bericht erstellt am 06/07/2014 um 11:42:04
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : Elisa - PRINCESSLIZZY
# Gestartet von : C:\Users\Elisa\Downloads\adwcleaner_3.214.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : 70e6ca8c
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\DiisCoUntLocatoor
Ordner Gelöscht : C:\ProgramData\WowCoooupon
Ordner Gelöscht : C:\Program Files (x86)\Amazon Browser Bar
Ordner Gelöscht : C:\Program Files (x86)\CSBrowserHelper
Ordner Gelöscht : C:\Program Files (x86)\MediaPlayerV1
Ordner Gelöscht : C:\Program Files (x86)\MediaViewerV1
Ordner Gelöscht : C:\Program Files (x86)\MediaViewV1
Ordner Gelöscht : C:\Program Files (x86)\MediaWatchV1
Ordner Gelöscht : C:\Program Files (x86)\MetaCrawler
Ordner Gelöscht : C:\Program Files (x86)\RichMediaViewV1
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\VideoPlayerV3
Ordner Gelöscht : C:\windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Elisa\AppData\Local\lollipop
Ordner Gelöscht : C:\Users\Elisa\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Elisa\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\Elisa\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\Elisa\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Ordner Gelöscht : C:\Users\Elisa\AppData\Roaming\goforfiles
Ordner Gelöscht : C:\Users\Elisa\AppData\Roaming\MetaCrawler
Ordner Gelöscht : C:\Users\Elisa\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Elisa\Documents\Optimizer Pro
Datei Gelöscht : C:\END
Datei Gelöscht : C:\windows\System32\Tasks\GoforFilesUpdate
Datei Gelöscht : C:\windows\Tasks\MetaCrawler.job
Datei Gelöscht : C:\windows\System32\Tasks\MetaCrawler
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Elisa\Desktop\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Elisa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4EF7D75-52C9-4BCE-B6DC-0976EFAB4B0B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4EF7D75-52C9-4BCE-B6DC-0976EFAB4B0B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4EF7D75-52C9-4BCE-B6DC-0976EFAB4B0B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4EF7D75-52C9-4BCE-B6DC-0976EFAB4B0B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\GoforFiles
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\BetterSurf
Schlüssel Gelöscht : HKLM\Software\GoforFiles
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\MediaPlayerV1
Schlüssel Gelöscht : HKLM\Software\MediaViewerV1
Schlüssel Gelöscht : HKLM\Software\MediaViewV1
Schlüssel Gelöscht : HKLM\Software\MediaWatchV1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16921
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\dcxcqb2t.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [11169 octets] - [06/07/2014 11:41:11]
AdwCleaner[S0].txt - [9817 octets] - [06/07/2014 11:42:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9877 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Elisa on 06.07.2014 at 11:52:08,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
~~~ FireFox
Emptied folder: C:\Users\Elisa\AppData\Roaming\mozilla\firefox\profiles\dcxcqb2t.default\minidumps [3 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.07.2014 at 12:06:41,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by Elisa (administrator) on PRINCESSLIZZY on 06-07-2014 12:31:07 Running from C:\Users\Elisa\Downloads Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Thisisu) C:\Users\Elisa\Downloads\JRT.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor) HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3952128 2012-11-27] (Bitcasa, Inc) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] () HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) AppInit_DLLs: C:\Program Files => C:\Program Files [0 2014-07-05] () AppInit_DLLs-x32: C:\Program Files => C:\Program Files [0 2014-07-05] () SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {116DA551-D8D1-4F50-8758-983BF75C74E2} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {116DA551-D8D1-4F50-8758-983BF75C74E2} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com SearchScopes: HKLM - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://i.search.metacrawler.com/results.php?f=4&q={searchTerms}&a=ironmc2&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyD0FzztBtB0CtAyBtDzytN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1409976367&ir= SearchScopes: HKLM - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://i.search.metacrawler.com/results.php?f=4&q={searchTerms}&a=ironmc2&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyD0FzztBtB0CtAyBtDzytN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1409976367&ir= SearchScopes: HKLM - {78F63727-94FE-5EEB-6D5C-7F0354F5151E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) Toolbar: HKLM-x32 - metacrawler Toolbar - {7EACAC38-B7F6-4514-9DC1-3428A7964ABD} - C:\Program Files (x86)\metaCrawler\1.8.19.0\metacrawlerTlbr.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\dcxcqb2t.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\dcxcqb2t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-15] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn [2014-02-15] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF [2013-10-09] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-10] FF HKCU\...\Firefox\Extensions: [{b0b5a63d-7609-4029-823b-9a3acc4bd1ff}] - C:\Program Files (x86)\Re-markit\135.xpi ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-06] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations) S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2012-07-26] (Microsoft Corporation) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.) [File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2878152 2012-12-21] (Samsung Electronics CO., LTD.) S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG) S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20131022.001\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation) R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation) R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation) S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20131023.001\IDSvia64.sys [521816 2013-10-18] (Symantec Corporation) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-06] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131023.024\ENG64.SYS [126040 2013-08-29] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131023.024\EX64.SYS [2099288 2013-08-29] (Symantec Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation) S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation) S3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation) S3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation) S4 SymELAM; C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation) S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-26] (Symantec Corporation) S3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation) S3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-06 12:31 - 2014-07-06 12:31 - 00020684 _____ () C:\Users\Elisa\Downloads\FRST.txt 2014-07-06 12:30 - 2014-07-06 12:30 - 02084352 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe 2014-07-06 12:30 - 2014-07-06 12:30 - 00000000 ____D () C:\Users\Elisa\Downloads\FRST-OlderVersion 2014-07-06 12:28 - 2014-07-06 12:28 - 00000809 _____ () C:\Users\Elisa\Downloads\JRT.txt 2014-07-06 12:06 - 2014-07-06 12:06 - 00000809 _____ () C:\Users\Elisa\Desktop\JRT.txt 2014-07-06 11:52 - 2014-07-06 11:52 - 00000000 ____D () C:\windows\ERUNT 2014-07-06 11:51 - 2014-07-06 11:51 - 01016261 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT.exe 2014-07-06 11:46 - 2014-07-06 11:46 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-07-06 11:42 - 2014-07-06 11:42 - 00001118 _____ () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-07-06 11:42 - 2014-07-06 11:42 - 00001088 _____ () C:\Users\Elisa\Desktop\Search.lnk 2014-07-06 11:39 - 2014-07-06 11:42 - 00000000 ____D () C:\AdwCleaner 2014-07-06 11:38 - 2014-07-06 11:39 - 01346519 _____ () C:\Users\Elisa\Downloads\adwcleaner_3.214.exe 2014-07-06 11:35 - 2014-07-06 11:35 - 00002245 _____ () C:\Users\Elisa\Downloads\mbam.txt 2014-07-06 11:07 - 2014-07-06 11:07 - 00058046 _____ () C:\Users\Elisa\Documents\AVSCAN-20140705-212341-18F8F23A avira.txt 2014-07-06 10:57 - 2014-07-06 11:45 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-06 10:57 - 2014-07-06 10:57 - 00001128 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-06 10:57 - 2014-07-06 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-06 10:56 - 2014-07-06 10:56 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-06 10:56 - 2014-07-06 10:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-06 10:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-07-06 10:56 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-07-06 10:56 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-07-06 10:55 - 2014-07-06 10:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-06 10:48 - 2014-07-06 10:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Elisa\Downloads\revosetup95.exe 2014-07-06 10:48 - 2014-07-06 10:48 - 00001292 _____ () C:\Users\Elisa\Desktop\Revo Uninstaller.lnk 2014-07-06 10:48 - 2014-07-06 10:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-05 23:02 - 2014-07-05 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2014-07-05 22:19 - 2014-07-05 22:20 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files 2014-07-05 22:16 - 2014-07-05 22:19 - 233071424 _____ () C:\Users\Elisa\Downloads\kav14.0.0.4651abcdefg_de_6139.exe 2014-07-05 21:05 - 2014-07-05 21:05 - 00000000 _____ () C:\Users\Elisa\Downloads\Gmer.txt 2014-07-05 20:48 - 2014-07-05 20:48 - 00380416 _____ () C:\Users\Elisa\Downloads\Gmer-19357.exe 2014-07-03 19:36 - 2014-07-03 19:37 - 00059395 _____ () C:\Users\Elisa\Downloads\Addition.txt 2014-07-03 19:34 - 2014-07-06 12:31 - 00000000 ____D () C:\FRST 2014-07-03 19:29 - 2014-07-03 19:29 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger(1).exe 2014-07-03 19:27 - 2014-07-03 19:29 - 00000472 _____ () C:\Users\Elisa\Downloads\defogger_disable.log 2014-07-03 19:27 - 2014-07-03 19:27 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe 2014-07-03 19:27 - 2014-07-03 19:27 - 00000000 _____ () C:\Users\Elisa\defogger_reenable 2014-07-02 14:50 - 2014-07-02 14:52 - 00006144 ___SH () C:\Users\Elisa\Desktop\Thumbs.db 2014-07-02 14:25 - 2014-07-02 15:24 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbungen Juli 2014-07-01 18:37 - 2014-07-01 18:37 - 00000000 ____D () C:\Users\Elisa\Desktop\Mobile 2014-07-01 18:28 - 2014-07-01 18:40 - 00001606 _____ () C:\windows\setupact.log 2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 _____ () C:\windows\setuperr.log 2014-06-18 19:56 - 2014-07-06 11:42 - 00001826 _____ () C:\windows\PFRO.log 2014-06-17 15:57 - 2014-06-17 15:57 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Macromedia 2014-06-17 15:56 - 2014-07-06 11:57 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-06-17 15:56 - 2014-06-17 15:56 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-06-17 15:53 - 2014-06-26 23:20 - 00000000 ____D () C:\Users\Elisa\Desktop\Duales Studium 2014 2014-06-17 13:00 - 2014-07-06 11:01 - 00806714 _____ () C:\windows\WindowsUpdate.log 2014-06-15 15:42 - 2014-06-15 15:44 - 04961831 _____ () C:\Users\Elisa\Downloads\ccsetup414.zip 2014-06-15 14:58 - 2014-06-15 14:59 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Mozilla 2014-06-15 14:58 - 2014-06-15 14:59 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Mozilla 2014-06-15 14:58 - 2014-06-15 14:58 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-15 14:58 - 2014-06-15 14:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-14 09:00 - 2014-05-31 07:16 - 00703992 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-06-14 09:00 - 2014-05-31 07:16 - 00105464 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-12 20:37 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-06-12 20:37 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-06-12 20:37 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-06-12 20:37 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-06-12 20:37 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-06-12 20:37 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-06-12 20:36 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-06-12 20:36 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-06-12 20:36 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-06-12 20:36 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-06-12 20:36 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-06-12 20:36 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-06-12 20:36 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-06-12 20:36 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-06-12 20:36 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-06-12 20:36 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-06-12 20:36 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-06-12 20:36 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-06-12 20:36 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-06-12 20:35 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll 2014-06-12 20:35 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll 2014-06-12 20:35 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-06-12 20:35 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-06-12 20:35 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2014-06-12 20:35 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-06-12 20:35 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-06-12 20:35 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-06-12 20:35 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-06-12 20:35 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-06-12 20:35 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-06-12 20:35 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-06-12 20:35 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-06-12 20:35 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll 2014-06-12 20:34 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2014-06-12 20:34 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll 2014-06-12 20:34 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2014-06-12 20:34 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2014-06-12 20:34 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys 2014-06-12 20:34 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys 2014-06-12 20:34 - 2014-04-01 00:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml 2014-06-12 20:34 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe 2014-06-12 20:34 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe 2014-06-12 20:31 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2014-06-12 20:31 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2014-06-12 20:31 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll ==================== One Month Modified Files and Folders ======= 2014-07-06 12:31 - 2014-07-06 12:31 - 00020684 _____ () C:\Users\Elisa\Downloads\FRST.txt 2014-07-06 12:31 - 2014-07-03 19:34 - 00000000 ____D () C:\FRST 2014-07-06 12:30 - 2014-07-06 12:30 - 02084352 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe 2014-07-06 12:30 - 2014-07-06 12:30 - 00000000 ____D () C:\Users\Elisa\Downloads\FRST-OlderVersion 2014-07-06 12:29 - 2013-01-25 20:54 - 00795786 _____ () C:\windows\system32\perfh007.dat 2014-07-06 12:29 - 2013-01-25 20:54 - 00173668 _____ () C:\windows\system32\perfc007.dat 2014-07-06 12:29 - 2012-07-26 09:28 - 01858740 _____ () C:\windows\system32\PerfStringBackup.INI 2014-07-06 12:28 - 2014-07-06 12:28 - 00000809 _____ () C:\Users\Elisa\Downloads\JRT.txt 2014-07-06 12:15 - 2013-01-25 05:10 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job 2014-07-06 12:06 - 2014-07-06 12:06 - 00000809 _____ () C:\Users\Elisa\Desktop\JRT.txt 2014-07-06 12:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru 2014-07-06 11:57 - 2014-06-17 15:56 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-07-06 11:52 - 2014-07-06 11:52 - 00000000 ____D () C:\windows\ERUNT 2014-07-06 11:51 - 2014-07-06 11:51 - 01016261 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT.exe 2014-07-06 11:48 - 2013-01-25 04:58 - 00000000 ____D () C:\ProgramData\WinClon 2014-07-06 11:46 - 2014-07-06 11:46 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-07-06 11:45 - 2014-07-06 10:57 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-06 11:43 - 2013-01-25 04:48 - 00000868 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2014-07-06 11:43 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-07-06 11:42 - 2014-07-06 11:42 - 00001118 _____ () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-07-06 11:42 - 2014-07-06 11:42 - 00001088 _____ () C:\Users\Elisa\Desktop\Search.lnk 2014-07-06 11:42 - 2014-07-06 11:39 - 00000000 ____D () C:\AdwCleaner 2014-07-06 11:42 - 2014-06-18 19:56 - 00001826 _____ () C:\windows\PFRO.log 2014-07-06 11:42 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI 2014-07-06 11:39 - 2014-07-06 11:38 - 01346519 _____ () C:\Users\Elisa\Downloads\adwcleaner_3.214.exe 2014-07-06 11:35 - 2014-07-06 11:35 - 00002245 _____ () C:\Users\Elisa\Downloads\mbam.txt 2014-07-06 11:26 - 2014-04-30 20:19 - 03329488 _____ () C:\windows\system32\FNTCACHE.DAT 2014-07-06 11:07 - 2014-07-06 11:07 - 00058046 _____ () C:\Users\Elisa\Documents\AVSCAN-20140705-212341-18F8F23A avira.txt 2014-07-06 11:01 - 2014-06-17 13:00 - 00806714 _____ () C:\windows\WindowsUpdate.log 2014-07-06 10:57 - 2014-07-06 10:57 - 00001128 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-06 10:57 - 2014-07-06 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-06 10:56 - 2014-07-06 10:56 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-06 10:56 - 2014-07-06 10:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-06 10:55 - 2014-07-06 10:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-06 10:48 - 2014-07-06 10:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Elisa\Downloads\revosetup95.exe 2014-07-06 10:48 - 2014-07-06 10:48 - 00001292 _____ () C:\Users\Elisa\Desktop\Revo Uninstaller.lnk 2014-07-06 10:48 - 2014-07-06 10:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-05 23:02 - 2014-07-05 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2014-07-05 22:58 - 2013-01-25 05:06 - 00000000 ____D () C:\ProgramData\Temp 2014-07-05 22:53 - 2013-11-16 11:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0 2014-07-05 22:49 - 2013-11-16 11:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-07-05 22:47 - 2012-08-07 14:22 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-07-05 22:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-07-05 22:33 - 2013-11-16 11:48 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-05 22:20 - 2014-07-05 22:19 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files 2014-07-05 22:19 - 2014-07-05 22:16 - 233071424 _____ () C:\Users\Elisa\Downloads\kav14.0.0.4651abcdefg_de_6139.exe 2014-07-05 21:09 - 2013-11-16 15:04 - 00000000 ____D () C:\Users\Elisa\Documents\Visual Studio 2013 2014-07-05 21:05 - 2014-07-05 21:05 - 00000000 _____ () C:\Users\Elisa\Downloads\Gmer.txt 2014-07-05 20:48 - 2014-07-05 20:48 - 00380416 _____ () C:\Users\Elisa\Downloads\Gmer-19357.exe 2014-07-03 22:26 - 2014-03-15 10:59 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys 2014-07-03 19:39 - 2013-08-24 20:16 - 00462336 ___SH () C:\Users\Elisa\Downloads\Thumbs.db 2014-07-03 19:37 - 2014-07-03 19:36 - 00059395 _____ () C:\Users\Elisa\Downloads\Addition.txt 2014-07-03 19:29 - 2014-07-03 19:29 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger(1).exe 2014-07-03 19:29 - 2014-07-03 19:27 - 00000472 _____ () C:\Users\Elisa\Downloads\defogger_disable.log 2014-07-03 19:27 - 2014-07-03 19:27 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe 2014-07-03 19:27 - 2014-07-03 19:27 - 00000000 _____ () C:\Users\Elisa\defogger_reenable 2014-07-03 19:27 - 2013-08-24 16:13 - 00000000 ____D () C:\Users\Elisa 2014-07-03 19:09 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent 2014-07-02 16:25 - 2014-01-10 00:24 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbung 2014 2014-07-02 15:24 - 2014-07-02 14:25 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbungen Juli 2014-07-02 14:59 - 2013-08-24 16:13 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Packages 2014-07-02 14:52 - 2014-07-02 14:50 - 00006144 ___SH () C:\Users\Elisa\Desktop\Thumbs.db 2014-07-02 14:52 - 2014-01-23 15:32 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbungen 2014-07-01 18:40 - 2014-07-01 18:28 - 00001606 _____ () C:\windows\setupact.log 2014-07-01 18:37 - 2014-07-01 18:37 - 00000000 ____D () C:\Users\Elisa\Desktop\Mobile 2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 _____ () C:\windows\setuperr.log 2014-07-01 11:50 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\LiveKernelReports 2014-06-30 22:55 - 2013-08-25 11:39 - 00000000 ____D () C:\Users\Elisa\AppData\Local\CrashDumps 2014-06-26 23:20 - 2014-06-17 15:53 - 00000000 ____D () C:\Users\Elisa\Desktop\Duales Studium 2014 2014-06-19 12:50 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache 2014-06-17 15:57 - 2014-06-17 15:57 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Macromedia 2014-06-17 15:56 - 2014-06-17 15:56 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-06-17 13:24 - 2013-08-24 16:23 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1001 2014-06-15 15:47 - 2014-01-14 13:04 - 00000000 ____D () C:\Program Files (x86)\PDFCreator 2014-06-15 15:46 - 2012-08-06 00:07 - 00000000 ____D () C:\windows\Panther 2014-06-15 15:44 - 2014-06-15 15:42 - 04961831 _____ () C:\Users\Elisa\Downloads\ccsetup414.zip 2014-06-15 14:59 - 2014-06-15 14:58 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Mozilla 2014-06-15 14:59 - 2014-06-15 14:58 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Mozilla 2014-06-15 14:58 - 2014-06-15 14:58 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-15 14:58 - 2014-06-15 14:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-13 10:00 - 2013-01-25 04:48 - 00000870 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2014-06-12 21:54 - 2013-08-25 12:27 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-12 21:54 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp 2014-06-12 21:49 - 2013-08-25 12:24 - 00000000 ____D () C:\windows\system32\MRT 2014-06-12 21:42 - 2013-08-25 12:24 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe Files to move or delete: ==================== C:\ProgramData\MakeMarkerFile.exe C:\Users\EasySurvey\EasySurvey.exe Some content of TEMP: ==================== C:\Users\Elisa\AppData\Local\Temp\avgnt.exe C:\Users\Elisa\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-25 16:27 ==================== End Of Log ============================ |
|
06.07.2014, 17:44
| #4 |
| /// the machine /// TB-Ausbilder | Windows 8/ Rechner hängt sich immer wieder aufESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.07.2014, 20:07
| #5 |
| | Windows 8/ Rechner hängt sich immer wieder auf Hallo, habe jetzt alles durchgeführt, anscheinend wurde durch ESET ein Trojaner gefunden? Vielen Dank. Ich hoffe es wird jetzt besser! Liebe Grüße Elisa ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=bcd47dd2b1500a479f7a5ff4481a078f
# engine=19094
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-09 06:27:17
# local_time=2014-07-09 08:27:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 102192 11609173 0 0
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3595 16777213 100 83 10111500 67049975 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4582072 64436548 0 0
# scanned=296620
# found=12
# cleaned=12
# scan_time=19891
sh=7EFC16C587164083105DD52683CA453F9A64FB17 ft=1 fh=8ae64906c9422b23 vn="Win32/Packed.ScrambleWrapper.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\CSBrowserHelper\cs-browser-assistant-2-0.exe.vir"
sh=B1B0F39ED5795D29F4574D42AF9A162134E4F9ED ft=1 fh=deb392e704818978 vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MetaCrawler\1.8.19.0\escortShld.dll.vir"
sh=7C37B2BC1334EACBFE95768462B259B3D6608CB8 ft=1 fh=c71c0011faab6c24 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MetaCrawler\1.8.19.0\metacrawlerApp.dll.vir"
sh=C60A7F65B55FF089C5AB2EC2C6E9D6629314A9D8 ft=1 fh=c71c001174b731d0 vn="möglicherweise Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MetaCrawler\1.8.19.0\metacrawlerEng.dll.vir"
sh=B7132AC57753BA910A2A449B424D90F3DC26E25F ft=1 fh=c71c0011fec1b59e vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MetaCrawler\1.8.19.0\metacrawlersrv.exe.vir"
sh=76296F7C706DECE5D1F57C0A3C108DF27710A5C0 ft=1 fh=c71c001178cd107c vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MetaCrawler\1.8.19.0\metacrawlerTlbr.dll.vir"
sh=72C832BDC6DB63144D4C183D2942C6250FA2524F ft=1 fh=c71c0011676d57d5 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MetaCrawler\1.8.19.0\bh\metacrawler.dll.vir"
sh=09EBEE06B2F0EBF9B4CA1B91F06FBB6E4CA08C1F ft=1 fh=e7faf7da9eb961d7 vn="Variante von Win32/DealPly.S evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Elisa\AppData\Roaming\MetaCrawler\UpdateProc\UpdateTask.exe.vir"
sh=0C0F0C562D713E29107A03CBC26ED9A0E90AB886 ft=0 fh=0000000000000000 vn="JS/Exploit.Agent.NHE Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Elisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\JOCAJ1C5\wiewujzkhm[1].htm"
sh=CD6899750676F82DD5B96C15EDEBC2B0E7AC965A ft=0 fh=0000000000000000 vn="JS/Exploit.Agent.NHE Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Elisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QBRCKNKV\ky6vev5ot5[1].htm"
sh=6DA70108069BC515B7DA227EE2B0076134DEA312 ft=1 fh=64a4041d6f94b5c3 vn="Variante von Win32/ExpressDownloader.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Elisa\Desktop\download\pspice_student_version_for_windows_8_downloader_de_386.exe"
sh=6DA70108069BC515B7DA227EE2B0076134DEA312 ft=1 fh=64a4041d6f94b5c3 vn="Variante von Win32/ExpressDownloader.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="F:\Documents\download\pspice_student_version_for_windows_8_downloader_de_386.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.85 x64 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Windows Defender Norton Internet Security Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 14.0.0.145 Adobe Reader XI Mozilla Firefox (30.0) ````````Process Check: objlist.exe by Laurent```````` Norton ccSvcHst.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe ESET ESET Online Scanner OnlineScannerApp.exe Malwarebytes Anti-Malware mbamscheduler.exe Symantec Norton Online Backup NOBuAgent.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01 Ran by Elisa (administrator) on PRINCESSLIZZY on 09-07-2014 21:05:39 Running from C:\Users\Elisa\Downloads Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor) HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3952128 2012-11-27] (Bitcasa, Inc) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] () HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) AppInit_DLLs: C:\Program Files => C:\Program Files [0 2014-07-05] () AppInit_DLLs-x32: C:\Program Files => C:\Program Files [0 2014-07-05] () SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {116DA551-D8D1-4F50-8758-983BF75C74E2} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {116DA551-D8D1-4F50-8758-983BF75C74E2} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com SearchScopes: HKLM - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://i.search.metacrawler.com/results.php?f=4&q={searchTerms}&a=ironmc2&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyD0FzztBtB0CtAyBtDzytN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1409976367&ir= SearchScopes: HKLM - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://i.search.metacrawler.com/results.php?f=4&q={searchTerms}&a=ironmc2&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyD0FzztBtB0CtAyBtDzytN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1409976367&ir= SearchScopes: HKLM - {78F63727-94FE-5EEB-6D5C-7F0354F5151E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations) BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation) Toolbar: HKLM-x32 - metacrawler Toolbar - {7EACAC38-B7F6-4514-9DC1-3428A7964ABD} - C:\Program Files (x86)\metaCrawler\1.8.19.0\metacrawlerTlbr.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\dcxcqb2t.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\dcxcqb2t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-15] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn [2014-02-15] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF [2013-10-09] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-10] FF HKCU\...\Firefox\Extensions: [{b0b5a63d-7609-4029-823b-9a3acc4bd1ff}] - C:\Program Files (x86)\Re-markit\135.xpi ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-06] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations) S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2012-07-26] (Microsoft Corporation) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.) [File not signed] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2878152 2012-12-21] (Samsung Electronics CO., LTD.) S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG) S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20131022.001\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation) R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation) R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation) S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation) S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation) S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20131023.001\IDSvia64.sys [521816 2013-10-18] (Symantec Corporation) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-09] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation) S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131023.024\ENG64.SYS [126040 2013-08-29] (Symantec Corporation) S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131023.024\EX64.SYS [2099288 2013-08-29] (Symantec Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation) S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation) S3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation) S3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation) S4 SymELAM; C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation) S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-26] (Symantec Corporation) S3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation) S3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-09 21:05 - 2014-07-09 21:05 - 00020607 _____ () C:\Users\Elisa\Downloads\FRST.txt 2014-07-09 20:58 - 2014-07-09 20:59 - 00854390 _____ () C:\Users\Elisa\Downloads\SecurityCheck(1).exe 2014-07-09 20:56 - 2014-07-09 20:56 - 00004226 _____ () C:\Users\Elisa\Downloads\ESET.txt 2014-07-09 14:43 - 2014-07-09 14:43 - 00042841 _____ () C:\Users\Elisa\Downloads\FRST_3.txt 2014-07-09 14:41 - 2014-07-09 14:41 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-09 14:40 - 2014-07-09 14:40 - 02347384 _____ (ESET) C:\Users\Elisa\Downloads\esetsmartinstaller_deu(1).exe 2014-07-09 14:35 - 2014-07-09 21:04 - 00001042 _____ () C:\Users\Elisa\Downloads\checkup.txt 2014-07-09 14:33 - 2014-07-09 14:33 - 00854390 _____ () C:\Users\Elisa\Downloads\SecurityCheck.exe 2014-07-09 10:53 - 2014-07-09 10:53 - 02347384 _____ (ESET) C:\Users\Elisa\Downloads\esetsmartinstaller_deu.exe 2014-07-09 10:39 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll 2014-07-09 10:39 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll 2014-07-09 10:31 - 2014-07-09 10:31 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-07-06 12:32 - 2014-07-06 12:32 - 00041994 _____ () C:\Users\Elisa\Downloads\FRST_2.txt 2014-07-06 12:30 - 2014-07-06 12:30 - 02084352 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe 2014-07-06 12:30 - 2014-07-06 12:30 - 00000000 ____D () C:\Users\Elisa\Downloads\FRST-OlderVersion 2014-07-06 12:28 - 2014-07-06 12:28 - 00000809 _____ () C:\Users\Elisa\Downloads\JRT.txt 2014-07-06 12:06 - 2014-07-06 12:06 - 00000809 _____ () C:\Users\Elisa\Desktop\JRT.txt 2014-07-06 11:52 - 2014-07-06 11:52 - 00000000 ____D () C:\windows\ERUNT 2014-07-06 11:51 - 2014-07-06 11:51 - 01016261 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT.exe 2014-07-06 11:42 - 2014-07-06 11:42 - 00001118 _____ () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-07-06 11:42 - 2014-07-06 11:42 - 00001088 _____ () C:\Users\Elisa\Desktop\Search.lnk 2014-07-06 11:39 - 2014-07-06 11:42 - 00000000 ____D () C:\AdwCleaner 2014-07-06 11:38 - 2014-07-06 11:39 - 01346519 _____ () C:\Users\Elisa\Downloads\adwcleaner_3.214.exe 2014-07-06 11:35 - 2014-07-06 11:35 - 00002245 _____ () C:\Users\Elisa\Downloads\mbam.txt 2014-07-06 11:07 - 2014-07-06 11:07 - 00058046 _____ () C:\Users\Elisa\Documents\AVSCAN-20140705-212341-18F8F23A avira.txt 2014-07-06 10:57 - 2014-07-09 20:53 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-06 10:57 - 2014-07-06 10:57 - 00001128 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-06 10:57 - 2014-07-06 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-06 10:56 - 2014-07-06 10:56 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-06 10:56 - 2014-07-06 10:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-06 10:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2014-07-06 10:56 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2014-07-06 10:56 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2014-07-06 10:55 - 2014-07-06 10:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-06 10:48 - 2014-07-06 10:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Elisa\Downloads\revosetup95.exe 2014-07-06 10:48 - 2014-07-06 10:48 - 00001292 _____ () C:\Users\Elisa\Desktop\Revo Uninstaller.lnk 2014-07-06 10:48 - 2014-07-06 10:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-05 23:02 - 2014-07-05 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2014-07-05 22:19 - 2014-07-05 22:20 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files 2014-07-05 22:16 - 2014-07-05 22:19 - 233071424 _____ () C:\Users\Elisa\Downloads\kav14.0.0.4651abcdefg_de_6139.exe 2014-07-05 21:05 - 2014-07-05 21:05 - 00000000 _____ () C:\Users\Elisa\Downloads\Gmer.txt 2014-07-05 20:48 - 2014-07-05 20:48 - 00380416 _____ () C:\Users\Elisa\Downloads\Gmer-19357.exe 2014-07-03 19:36 - 2014-07-03 19:37 - 00059395 _____ () C:\Users\Elisa\Downloads\Addition.txt 2014-07-03 19:34 - 2014-07-09 21:05 - 00000000 ____D () C:\FRST 2014-07-03 19:29 - 2014-07-03 19:29 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger(1).exe 2014-07-03 19:27 - 2014-07-03 19:29 - 00000472 _____ () C:\Users\Elisa\Downloads\defogger_disable.log 2014-07-03 19:27 - 2014-07-03 19:27 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe 2014-07-03 19:27 - 2014-07-03 19:27 - 00000000 _____ () C:\Users\Elisa\defogger_reenable 2014-07-02 14:50 - 2014-07-08 16:11 - 00006144 ___SH () C:\Users\Elisa\Desktop\Thumbs.db 2014-07-02 14:25 - 2014-07-08 16:44 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbungen Juli 2014-07-01 18:37 - 2014-07-07 16:01 - 00000000 ____D () C:\Users\Elisa\Desktop\Mobile 2014-07-01 18:28 - 2014-07-07 15:35 - 00003370 _____ () C:\windows\setupact.log 2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 _____ () C:\windows\setuperr.log 2014-06-18 19:56 - 2014-07-06 11:42 - 00001826 _____ () C:\windows\PFRO.log 2014-06-17 15:57 - 2014-06-17 15:57 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Macromedia 2014-06-17 15:56 - 2014-07-09 20:57 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-06-17 15:56 - 2014-07-09 10:57 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-06-17 15:53 - 2014-06-26 23:20 - 00000000 ____D () C:\Users\Elisa\Desktop\Duales Studium 2014 2014-06-17 13:00 - 2014-07-09 16:12 - 01093328 _____ () C:\windows\WindowsUpdate.log 2014-06-15 15:42 - 2014-06-15 15:44 - 04961831 _____ () C:\Users\Elisa\Downloads\ccsetup414.zip 2014-06-15 14:58 - 2014-06-15 14:59 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Mozilla 2014-06-15 14:58 - 2014-06-15 14:59 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Mozilla 2014-06-15 14:58 - 2014-06-15 14:58 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-15 14:58 - 2014-06-15 14:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-14 09:00 - 2014-05-31 07:16 - 00703992 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2014-06-14 09:00 - 2014-05-31 07:16 - 00105464 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-12 20:37 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-06-12 20:37 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2014-06-12 20:37 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2014-06-12 20:37 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2014-06-12 20:37 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2014-06-12 20:37 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2014-06-12 20:36 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2014-06-12 20:36 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-06-12 20:36 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-06-12 20:36 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-06-12 20:36 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-06-12 20:36 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-06-12 20:36 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-06-12 20:36 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-06-12 20:36 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-06-12 20:36 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2014-06-12 20:36 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2014-06-12 20:36 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2014-06-12 20:36 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2014-06-12 20:35 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll 2014-06-12 20:35 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll 2014-06-12 20:35 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-06-12 20:35 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2014-06-12 20:35 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2014-06-12 20:35 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2014-06-12 20:35 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2014-06-12 20:35 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2014-06-12 20:35 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2014-06-12 20:35 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2014-06-12 20:35 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2014-06-12 20:35 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2014-06-12 20:35 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2014-06-12 20:35 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2014-06-12 20:35 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll 2014-06-12 20:34 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2014-06-12 20:34 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll 2014-06-12 20:34 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2014-06-12 20:34 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2014-06-12 20:34 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys 2014-06-12 20:34 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys 2014-06-12 20:34 - 2014-04-01 00:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml 2014-06-12 20:34 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe 2014-06-12 20:34 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe 2014-06-12 20:31 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2014-06-12 20:31 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2014-06-12 20:31 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll ==================== One Month Modified Files and Folders ======= 2014-07-09 21:06 - 2014-07-09 21:05 - 00020607 _____ () C:\Users\Elisa\Downloads\FRST.txt 2014-07-09 21:05 - 2014-07-03 19:34 - 00000000 ____D () C:\FRST 2014-07-09 21:04 - 2014-07-09 14:35 - 00001042 _____ () C:\Users\Elisa\Downloads\checkup.txt 2014-07-09 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru 2014-07-09 20:59 - 2014-07-09 20:58 - 00854390 _____ () C:\Users\Elisa\Downloads\SecurityCheck(1).exe 2014-07-09 20:57 - 2014-06-17 15:56 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2014-07-09 20:56 - 2014-07-09 20:56 - 00004226 _____ () C:\Users\Elisa\Downloads\ESET.txt 2014-07-09 20:53 - 2014-07-06 10:57 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-09 20:15 - 2013-01-25 05:10 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job 2014-07-09 16:12 - 2014-06-17 13:00 - 01093328 _____ () C:\windows\WindowsUpdate.log 2014-07-09 15:07 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp 2014-07-09 15:01 - 2013-08-25 12:24 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe 2014-07-09 15:01 - 2013-08-25 12:24 - 00000000 ____D () C:\windows\system32\MRT 2014-07-09 15:01 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\ELAM 2014-07-09 14:43 - 2014-07-09 14:43 - 00042841 _____ () C:\Users\Elisa\Downloads\FRST_3.txt 2014-07-09 14:41 - 2014-07-09 14:41 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-09 14:40 - 2014-07-09 14:40 - 02347384 _____ (ESET) C:\Users\Elisa\Downloads\esetsmartinstaller_deu(1).exe 2014-07-09 14:35 - 2013-08-24 20:16 - 00462336 ___SH () C:\Users\Elisa\Downloads\Thumbs.db 2014-07-09 14:33 - 2014-07-09 14:33 - 00854390 _____ () C:\Users\Elisa\Downloads\SecurityCheck.exe 2014-07-09 11:48 - 2013-01-25 20:54 - 00795786 _____ () C:\windows\system32\perfh007.dat 2014-07-09 11:48 - 2013-01-25 20:54 - 00173668 _____ () C:\windows\system32\perfc007.dat 2014-07-09 11:48 - 2012-07-26 09:28 - 01858740 _____ () C:\windows\system32\PerfStringBackup.INI 2014-07-09 10:57 - 2014-06-17 15:56 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 10:53 - 2014-07-09 10:53 - 02347384 _____ (ESET) C:\Users\Elisa\Downloads\esetsmartinstaller_deu.exe 2014-07-09 10:33 - 2013-01-25 04:58 - 00000000 ____D () C:\ProgramData\WinClon 2014-07-09 10:31 - 2014-07-09 10:31 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2014-07-09 10:30 - 2013-01-25 04:48 - 00000868 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2014-07-08 17:19 - 2014-01-10 00:24 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbung 2014 2014-07-08 16:44 - 2014-07-02 14:25 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbungen Juli 2014-07-08 16:11 - 2014-07-02 14:50 - 00006144 ___SH () C:\Users\Elisa\Desktop\Thumbs.db 2014-07-08 16:11 - 2014-05-21 21:20 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbung Mai 2014 2014-07-08 16:08 - 2013-09-06 21:08 - 00074336 _____ () C:\Users\Elisa\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-07 16:01 - 2014-07-01 18:37 - 00000000 ____D () C:\Users\Elisa\Desktop\Mobile 2014-07-07 15:35 - 2014-07-01 18:28 - 00003370 _____ () C:\windows\setupact.log 2014-07-07 15:33 - 2014-01-23 15:32 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbungen 2014-07-06 14:12 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\NDF 2014-07-06 12:32 - 2014-07-06 12:32 - 00041994 _____ () C:\Users\Elisa\Downloads\FRST_2.txt 2014-07-06 12:30 - 2014-07-06 12:30 - 02084352 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe 2014-07-06 12:30 - 2014-07-06 12:30 - 00000000 ____D () C:\Users\Elisa\Downloads\FRST-OlderVersion 2014-07-06 12:28 - 2014-07-06 12:28 - 00000809 _____ () C:\Users\Elisa\Downloads\JRT.txt 2014-07-06 12:06 - 2014-07-06 12:06 - 00000809 _____ () C:\Users\Elisa\Desktop\JRT.txt 2014-07-06 11:52 - 2014-07-06 11:52 - 00000000 ____D () C:\windows\ERUNT 2014-07-06 11:51 - 2014-07-06 11:51 - 01016261 _____ (Thisisu) C:\Users\Elisa\Downloads\JRT.exe 2014-07-06 11:43 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2014-07-06 11:42 - 2014-07-06 11:42 - 00001118 _____ () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-07-06 11:42 - 2014-07-06 11:42 - 00001088 _____ () C:\Users\Elisa\Desktop\Search.lnk 2014-07-06 11:42 - 2014-07-06 11:39 - 00000000 ____D () C:\AdwCleaner 2014-07-06 11:42 - 2014-06-18 19:56 - 00001826 _____ () C:\windows\PFRO.log 2014-07-06 11:42 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI 2014-07-06 11:39 - 2014-07-06 11:38 - 01346519 _____ () C:\Users\Elisa\Downloads\adwcleaner_3.214.exe 2014-07-06 11:35 - 2014-07-06 11:35 - 00002245 _____ () C:\Users\Elisa\Downloads\mbam.txt 2014-07-06 11:26 - 2014-04-30 20:19 - 03329488 _____ () C:\windows\system32\FNTCACHE.DAT 2014-07-06 11:07 - 2014-07-06 11:07 - 00058046 _____ () C:\Users\Elisa\Documents\AVSCAN-20140705-212341-18F8F23A avira.txt 2014-07-06 10:57 - 2014-07-06 10:57 - 00001128 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-06 10:57 - 2014-07-06 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-06 10:56 - 2014-07-06 10:56 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-06 10:56 - 2014-07-06 10:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-06 10:55 - 2014-07-06 10:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Elisa\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-06 10:48 - 2014-07-06 10:48 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Elisa\Downloads\revosetup95.exe 2014-07-06 10:48 - 2014-07-06 10:48 - 00001292 _____ () C:\Users\Elisa\Desktop\Revo Uninstaller.lnk 2014-07-06 10:48 - 2014-07-06 10:48 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-07-05 23:02 - 2014-07-05 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2014-07-05 22:58 - 2013-01-25 05:06 - 00000000 ____D () C:\ProgramData\Temp 2014-07-05 22:53 - 2013-11-16 11:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0 2014-07-05 22:49 - 2013-11-16 11:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-07-05 22:47 - 2012-08-07 14:22 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-07-05 22:34 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-07-05 22:33 - 2013-11-16 11:48 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-05 22:20 - 2014-07-05 22:19 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files 2014-07-05 22:19 - 2014-07-05 22:16 - 233071424 _____ () C:\Users\Elisa\Downloads\kav14.0.0.4651abcdefg_de_6139.exe 2014-07-05 21:09 - 2013-11-16 15:04 - 00000000 ____D () C:\Users\Elisa\Documents\Visual Studio 2013 2014-07-05 21:05 - 2014-07-05 21:05 - 00000000 _____ () C:\Users\Elisa\Downloads\Gmer.txt 2014-07-05 20:48 - 2014-07-05 20:48 - 00380416 _____ () C:\Users\Elisa\Downloads\Gmer-19357.exe 2014-07-03 22:26 - 2014-03-15 10:59 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys 2014-07-03 19:37 - 2014-07-03 19:36 - 00059395 _____ () C:\Users\Elisa\Downloads\Addition.txt 2014-07-03 19:29 - 2014-07-03 19:29 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger(1).exe 2014-07-03 19:29 - 2014-07-03 19:27 - 00000472 _____ () C:\Users\Elisa\Downloads\defogger_disable.log 2014-07-03 19:27 - 2014-07-03 19:27 - 00050477 _____ () C:\Users\Elisa\Downloads\Defogger.exe 2014-07-03 19:27 - 2014-07-03 19:27 - 00000000 _____ () C:\Users\Elisa\defogger_reenable 2014-07-03 19:27 - 2013-08-24 16:13 - 00000000 ____D () C:\Users\Elisa 2014-07-03 19:09 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent 2014-07-02 14:59 - 2013-08-24 16:13 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Packages 2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____H () C:\windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 _____ () C:\windows\setuperr.log 2014-07-01 11:50 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\LiveKernelReports 2014-06-30 22:55 - 2013-08-25 11:39 - 00000000 ____D () C:\Users\Elisa\AppData\Local\CrashDumps 2014-06-26 23:20 - 2014-06-17 15:53 - 00000000 ____D () C:\Users\Elisa\Desktop\Duales Studium 2014 2014-06-19 12:50 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache 2014-06-17 15:57 - 2014-06-17 15:57 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Macromedia 2014-06-17 13:24 - 2013-08-24 16:23 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2669165515-361187302-876288576-1001 2014-06-15 15:47 - 2014-01-14 13:04 - 00000000 ____D () C:\Program Files (x86)\PDFCreator 2014-06-15 15:46 - 2012-08-06 00:07 - 00000000 ____D () C:\windows\Panther 2014-06-15 15:44 - 2014-06-15 15:42 - 04961831 _____ () C:\Users\Elisa\Downloads\ccsetup414.zip 2014-06-15 14:59 - 2014-06-15 14:58 - 00000000 ____D () C:\Users\Elisa\AppData\Roaming\Mozilla 2014-06-15 14:59 - 2014-06-15 14:58 - 00000000 ____D () C:\Users\Elisa\AppData\Local\Mozilla 2014-06-15 14:58 - 2014-06-15 14:58 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-15 14:58 - 2014-06-15 14:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-13 10:00 - 2013-01-25 04:48 - 00000870 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2014-06-12 21:54 - 2013-08-25 12:27 - 00000000 ____D () C:\ProgramData\Microsoft Help Files to move or delete: ==================== C:\ProgramData\MakeMarkerFile.exe C:\Users\EasySurvey\EasySurvey.exe Some content of TEMP: ==================== C:\Users\Elisa\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-25 16:27 ==================== End Of Log ============================ |
|
10.07.2014, 15:10
| #6 |
| /// the machine /// TB-Ausbilder | Windows 8/ Rechner hängt sich immer wieder auf Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ --> Windows 8/ Rechner hängt sich immer wieder auf |
|
10.07.2014, 16:40
| #7 |
| | Windows 8/ Rechner hängt sich immer wieder auf Hallo, ich kann folgenden Punkt nicht ausführen: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument. Sobald ich den Text kopiert habe und eingefügt und ich auf OK drücken will, zeigt es mir an, dass ich kein Programm habe, um dieses zu öffnen..  |
|
11.07.2014, 11:09
| #8 |
| /// the machine /// TB-Ausbilder | Windows 8/ Rechner hängt sich immer wieder auf Screenshot davon bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.08.2014, 17:39
| #9 |
| | Windows 8/ Rechner hängt sich immer wieder auf Hallo, so jetzt nach dem Urlaub, habe ich es nochmal probiert, es hat geklappt. Und füge den FRST und Fixlog hier ein. Momentan läuft mein Laptop trotzdem noch nicht, ich überlege mir zurzeit einfach Windows 7 wieder drauf zu machen.. und alles neu zuordnen, würde das gehen? Ganz liebe Grüße und Danke. FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by Elisa (administrator) on PRINCESSLIZZY on 26-08-2014 14:46:19
Running from C:\Users\Elisa\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-12-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [128640 2012-12-05] (Atheros Communications)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [3952128 2012-11-27] (Bitcasa, Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2669165515-361187302-876288576-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [1128000 2014-06-03] (BillP Studios)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {116DA551-D8D1-4F50-8758-983BF75C74E2} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {116DA551-D8D1-4F50-8758-983BF75C74E2} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKLM - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://i.search.metacrawler.com/results.php?f=4&q={searchTerms}&a=ironmc2&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyD0FzztBtB0CtAyBtDzytN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1409976367&ir=
SearchScopes: HKLM - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL = hxxp://i.search.metacrawler.com/results.php?f=4&q={searchTerms}&a=ironmc2&cd=2XzuyEtN2Y1L1QzuyD0AyCyB0BtDyD0FzztBtB0CtAyBtDzytN0D0Tzu0CyCzytCtN1L2XzutBtFtBtFzztFtCtByEyBtN1L1Czu&cr=1409976367&ir=
SearchScopes: HKLM - {78F63727-94FE-5EEB-6D5C-7F0354F5151E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL =
SearchScopes: HKCU - {38B7222B-4B2A-4275-BD2A-70DC0BE165A6} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
Toolbar: HKLM-x32 - metacrawler Toolbar - {7EACAC38-B7F6-4514-9DC1-3428A7964ABD} - C:\Program Files (x86)\metaCrawler\1.8.19.0\metacrawlerTlbr.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\dcxcqb2t.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Elisa\AppData\Roaming\Mozilla\Firefox\Profiles\dcxcqb2t.default\Extensions\abs@avira.com [2014-08-18]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\coFFPlgn [2014-02-15]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\IPSFF [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-10-10]
FF HKCU\...\Firefox\Extensions: [{b0b5a63d-7609-4029-823b-9a3acc4bd1ff}] - C:\Program Files (x86)\Re-markit\135.xpi
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aimlpnfjepeiihjgganidcbdncbdpeac] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha7546\ch\WebexpEnhancedV1alpha7546.crx []
CHR HKLM-x32\...\Chrome\Extension: [eoakgccipagogbcnmgcacjhbecjfmjag] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release919\ch\RichMediaViewV1release919.crx []
CHR HKLM-x32\...\Chrome\Extension: [ggfklfghoikabpfioaiboolbaggjoamc] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5666\ch\MediaViewV1alpha5666.crx []
CHR HKLM-x32\...\Chrome\Extension: [iidchehmcnlmofnlhklleegdgdmekcin] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3224\ch\MediaViewV1alpha3224.crx []
CHR HKLM-x32\...\Chrome\Extension: [mcifeiempolphlajfjciokdcciaiflik] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha581\ch\MediaViewerV1alpha581.crx []
CHR HKLM-x32\...\Chrome\Extension: [mcolmagnmmpojfigniidommdbmblnaaf] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home9575\ch\MediaWatchV1home9575.crx []
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [ppppplcamfkolalahblcajflnlahkedf] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta116\ch\VideoPlayerV3beta116.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171664 2012-11-06] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231552 2012-12-05] (Qualcomm Atheros Commnucations)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2012-07-26] (Microsoft Corporation)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1591176 2012-11-30] (Samsung Electronics CO., LTD.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SWUpdateService; C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2878152 2012-12-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-05] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\BASHDefs\20131022.001\BHDrvx64.sys [1524824 2013-10-23] (Symantec Corporation)
R3 BTATH_HID; C:\Windows\system32\DRIVERS\btath_hid.sys [222360 2012-12-05] (Qualcomm Atheros)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-05] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-08-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-08-27] (Symantec Corporation)
S3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\IPSDefs\20131023.001\IDSvia64.sys [521816 2013-10-18] (Symantec Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\48230029.sys [122584 2014-07-24] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131023.024\ENG64.SYS [126040 2013-08-29] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.0.24\Definitions\VirusDefs\20131023.024\EX64.SYS [2099288 2013-08-29] (Symantec Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
S3 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
S3 SymDS; C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
S3 SymEFA; C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
S3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-08-26] (Symantec Corporation)
S3 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
S3 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-26 14:46 - 2014-08-26 14:46 - 00023334 _____ () C:\Users\Elisa\Downloads\FRST.txt
2014-08-26 14:45 - 2014-08-26 14:45 - 02103296 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe
2014-08-26 14:44 - 2014-08-26 14:44 - 00000063 _____ () C:\Users\Elisa\Downloads\Fixlist.txt
2014-08-26 11:14 - 2014-08-26 11:14 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-08-25 22:45 - 2014-08-25 22:45 - 00001155 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-21 11:44 - 2014-05-15 03:02 - 00059424 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-21 11:44 - 2014-05-15 00:43 - 03286528 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-21 11:44 - 2014-05-15 00:43 - 01623040 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-21 11:44 - 2014-05-15 00:43 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2014-08-21 11:44 - 2014-05-15 00:42 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2014-08-16 20:43 - 2014-08-20 16:54 - 00000000 ____D () C:\Users\Elisa\Desktop\Neuer Ordner (2)
2014-08-14 20:45 - 2014-08-14 20:45 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-08-14 20:39 - 2014-08-02 02:15 - 00704480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-08-14 20:39 - 2014-08-02 02:15 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-13 20:03 - 2014-08-13 20:03 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-08-13 20:03 - 2014-08-13 20:03 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-08-13 16:28 - 2014-08-16 20:52 - 00000000 ____D () C:\Users\Elisa\Desktop\schwiz
2014-08-13 16:17 - 2014-08-16 20:53 - 00000000 ____D () C:\Users\Elisa\Desktop\Schweiz 2014
2014-08-13 15:02 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
2014-08-13 15:00 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-13 15:00 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2014-08-13 14:59 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-13 14:59 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-13 14:59 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-13 14:59 - 2014-07-24 14:10 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-08-13 14:59 - 2014-07-24 14:10 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-13 14:59 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-13 14:59 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-13 14:59 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-13 14:59 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-13 14:59 - 2014-07-24 12:52 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-13 14:59 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-13 14:59 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-13 14:59 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-13 14:59 - 2014-07-24 10:03 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-08-13 14:58 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-13 14:58 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-13 14:58 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-13 14:57 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-13 14:57 - 2014-07-16 00:55 - 04035072 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-13 14:57 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-13 14:52 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-13 14:52 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-08-13 14:52 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-13 14:52 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-08-13 14:52 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-13 14:52 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-13 14:52 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-13 14:52 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2014-08-13 14:52 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-08-13 14:52 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-13 14:52 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-13 14:52 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-13 14:52 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2014-08-13 14:52 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2014-08-13 14:52 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-08-13 14:42 - 2014-08-13 14:42 - 00000411 _____ () C:\windows\SecuniaPackage.log
2014-07-29 18:07 - 2014-08-20 16:10 - 00000000 ____D () C:\Users\Elisa\Desktop\Stellen August 2014
2014-07-29 18:07 - 2014-08-16 20:54 - 00000000 ____D () C:\Users\Elisa\Desktop\Ausbildung 2014
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-26 14:47 - 2014-08-26 14:46 - 00023334 _____ () C:\Users\Elisa\Downloads\FRST.txt
2014-08-26 14:46 - 2014-07-03 19:34 - 00000000 ____D () C:\FRST
2014-08-26 14:45 - 2014-08-26 14:45 - 02103296 _____ (Farbar) C:\Users\Elisa\Downloads\FRST64.exe
2014-08-26 14:45 - 2014-07-06 12:30 - 00000000 ____D () C:\Users\Elisa\Downloads\FRST-OlderVersion
2014-08-26 14:45 - 2013-08-24 20:16 - 00462336 ___SH () C:\Users\Elisa\Downloads\Thumbs.db
2014-08-26 14:44 - 2014-08-26 14:44 - 00000063 _____ () C:\Users\Elisa\Downloads\Fixlist.txt
2014-08-26 14:15 - 2013-01-25 05:10 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-08-26 14:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-08-26 13:57 - 2014-06-17 15:56 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-26 12:07 - 2013-08-25 11:39 - 00000000 ____D () C:\Users\Elisa\AppData\Local\CrashDumps
2014-08-26 11:33 - 2014-06-17 13:00 - 01824728 _____ () C:\windows\WindowsUpdate.log
2014-08-26 11:17 - 2013-01-25 04:58 - 00000000 ____D () C:\ProgramData\WinClon
2014-08-26 11:14 - 2014-08-26 11:14 - 00000000 ___RD () C:\Users\Elisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-08-25 22:45 - 2014-08-25 22:45 - 00001155 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-25 22:45 - 2014-03-10 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-25 22:45 - 2014-03-10 13:20 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-25 22:45 - 2013-11-16 11:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-25 18:10 - 2012-07-26 09:59 - 00000000 ____D () C:\windows\CbsTemp
2014-08-22 14:57 - 2013-01-25 20:54 - 00795786 _____ () C:\windows\system32\perfh007.dat
2014-08-22 14:57 - 2013-01-25 20:54 - 00173668 _____ () C:\windows\system32\perfc007.dat
2014-08-22 14:57 - 2012-07-26 09:28 - 01858740 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-21 20:53 - 2014-07-02 14:50 - 00006144 ___SH () C:\Users\Elisa\Desktop\Thumbs.db
2014-08-21 10:59 - 2014-01-10 00:24 - 00000000 ____D () C:\Users\Elisa\Desktop\Bewerbung 2014
2014-08-20 16:54 - 2014-08-16 20:43 - 00000000 ____D () C:\Users\Elisa\Desktop\Neuer Ordner (2)
2014-08-20 16:10 - 2014-07-29 18:07 - 00000000 ____D () C:\Users\Elisa\Desktop\Stellen August 2014
2014-08-18 21:26 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\rescache
2014-08-16 20:54 - 2014-07-29 18:07 - 00000000 ____D () C:\Users\Elisa\Desktop\Ausbildung 2014
2014-08-16 20:53 - 2014-08-13 16:17 - 00000000 ____D () C:\Users\Elisa\Desktop\Schweiz 2014
2014-08-16 20:52 - 2014-08-13 16:28 - 00000000 ____D () C:\Users\Elisa\Desktop\schwiz
2014-08-14 22:10 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-08-14 20:47 - 2014-03-10 13:20 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 20:45 - 2014-08-14 20:45 - 00003718 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-08-14 20:45 - 2013-01-25 04:47 - 00000000 ____D () C:\ProgramData\Intel
2014-08-14 20:38 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-14 20:37 - 2014-07-24 14:50 - 03329488 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-14 20:37 - 2014-06-18 19:56 - 00008492 _____ () C:\windows\PFRO.log
2014-08-14 20:37 - 2013-11-17 12:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-14 20:37 - 2013-11-17 12:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-14 20:36 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-08-14 20:33 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-08-13 20:04 - 2013-01-25 04:42 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-13 20:03 - 2014-08-13 20:03 - 00003476 _____ () C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-08-13 20:03 - 2014-08-13 20:03 - 00000000 ____D () C:\ProgramData\Intel(R) Update Manager
2014-08-13 20:03 - 2013-01-25 04:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-08-13 15:31 - 2014-07-01 18:28 - 00004466 _____ () C:\windows\setupact.log
2014-08-13 15:06 - 2013-08-25 12:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 15:05 - 2013-08-25 12:24 - 00000000 ____D () C:\windows\system32\MRT
2014-08-13 15:02 - 2013-08-25 12:24 - 99218768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-08-13 14:42 - 2014-08-13 14:42 - 00000411 _____ () C:\windows\SecuniaPackage.log
2014-08-13 14:42 - 2014-06-17 15:56 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-08-02 02:15 - 2014-08-14 20:39 - 00704480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:15 - 2014-08-14 20:39 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-29 19:46 - 2014-07-10 18:03 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-07-29 19:46 - 2013-01-25 05:06 - 00000000 ____D () C:\ProgramData\Temp
2014-07-29 19:04 - 2014-06-17 15:53 - 00000000 ____D () C:\Users\Elisa\Desktop\Duales Studium 2014
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\Elisa\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-22 15:48
==================== End Of Log ============================
--- --- --- Fixlog Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-08-2014
Ran by Elisa at 2014-08-26 14:48:13 Run:1
Running from C:\Users\Elisa\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
*****************
C:\windows\system32\GroupPolicy\Machine => Moved successfully.
C:\windows\system32\GroupPolicy\GPT.ini => Moved successfully.
The system needed a reboot.
==== End of Fixlog ====
Aber er hat erkannt das meine ARK Library noch immer nicht funktioniert: Fehler in der ARK Library Ich kopiere es einfach mal hier rein Code:
ATTFilter Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 26. August 2014 15:05
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 8
Windowsversion : (plain) [6.2.9200]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : PRINCESSLIZZY
Versionsinformationen:
BUILD.DAT : 14.0.6.570 92022 Bytes 15.08.2014 10:30:00
AVSCAN.EXE : 14.0.6.548 1046608 Bytes 14.08.2014 18:44:11
AVSCANRC.DLL : 14.0.6.522 62544 Bytes 14.08.2014 18:44:11
LUKE.DLL : 14.0.6.522 57936 Bytes 14.08.2014 18:45:11
AVSCPLR.DLL : 14.0.6.548 92752 Bytes 14.08.2014 18:44:11
AVREG.DLL : 14.0.6.522 262224 Bytes 14.08.2014 18:44:06
avlode.dll : 14.0.6.526 603728 Bytes 14.08.2014 18:44:04
avlode.rdf : 14.0.4.42 65114 Bytes 19.07.2014 16:41:14
XBV00009.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:51
XBV00010.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:52
XBV00011.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:52
XBV00012.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:52
XBV00013.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:53
XBV00014.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:53
XBV00015.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:53
XBV00016.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:53
XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:53
XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:54
XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:54
XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:54
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:55
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:55
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:55
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:55
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:55
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:56
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:56
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:56
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:56
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:57
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:57
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:57
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:57
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:58
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:58
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:58
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:58
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:58
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:59
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:59
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 12:32:59
XBV00094.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00095.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00096.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00097.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00098.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00099.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00100.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00101.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00102.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00103.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00104.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00105.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00106.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00107.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00108.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00109.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00110.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00111.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00112.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00113.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00114.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00115.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00116.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00117.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00118.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00119.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00120.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00121.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:41
XBV00122.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00123.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00124.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00125.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00126.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00127.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00128.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00129.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00130.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00131.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00132.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00133.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00134.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00135.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00136.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00137.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00138.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00139.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00140.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00141.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00142.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00143.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00144.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00145.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00146.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00147.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00148.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00149.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00150.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00151.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00152.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:42
XBV00153.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00154.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00155.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00156.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00157.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00158.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00159.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00160.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00161.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00162.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00163.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00164.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00165.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00166.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00167.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00168.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00169.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00170.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00171.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00172.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00173.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00174.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00175.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00176.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00177.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00178.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:43
XBV00179.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00180.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00181.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00182.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00183.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00184.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00185.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00186.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00187.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00188.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00189.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00190.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:44
XBV00191.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00192.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00193.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00194.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00195.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00196.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00197.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00198.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00199.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00200.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00201.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00202.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00203.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00204.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00205.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00206.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00207.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00208.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00209.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:45
XBV00210.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00211.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00212.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00213.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00214.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00215.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00216.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00217.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00218.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00219.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00220.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00221.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00222.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00223.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00224.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00225.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00226.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00227.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00228.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00229.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00230.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:46
XBV00231.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00232.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00233.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00234.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00235.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00236.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00237.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00238.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00239.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00240.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00241.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00242.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00243.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00244.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00245.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00246.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00247.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00248.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00249.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00250.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00251.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:47
XBV00252.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:48
XBV00253.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:48
XBV00254.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:48
XBV00255.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:49:48
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 10:41:06
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 10:41:06
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 10:41:06
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 10:41:06
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 10:41:06
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 10:41:06
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 10:44:12
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 09:21:14
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 12:32:51
XBV00042.VDF : 8.11.167.234 1073152 Bytes 19.08.2014 13:49:35
XBV00043.VDF : 8.11.167.236 3584 Bytes 19.08.2014 13:49:35
XBV00044.VDF : 8.11.167.238 17408 Bytes 19.08.2014 13:49:35
XBV00045.VDF : 8.11.167.242 7168 Bytes 19.08.2014 13:49:35
XBV00046.VDF : 8.11.167.248 2048 Bytes 19.08.2014 13:49:35
XBV00047.VDF : 8.11.168.26 19968 Bytes 19.08.2014 13:49:35
XBV00048.VDF : 8.11.168.44 10240 Bytes 19.08.2014 13:49:35
XBV00049.VDF : 8.11.168.60 2048 Bytes 19.08.2014 13:49:35
XBV00050.VDF : 8.11.168.78 27136 Bytes 20.08.2014 13:49:35
XBV00051.VDF : 8.11.168.80 2048 Bytes 20.08.2014 13:49:35
XBV00052.VDF : 8.11.168.98 15360 Bytes 20.08.2014 13:49:36
XBV00053.VDF : 8.11.168.100 2048 Bytes 20.08.2014 13:49:36
XBV00054.VDF : 8.11.168.116 28160 Bytes 20.08.2014 11:19:58
XBV00055.VDF : 8.11.168.118 9216 Bytes 20.08.2014 11:19:58
XBV00056.VDF : 8.11.168.120 4096 Bytes 20.08.2014 11:19:58
XBV00057.VDF : 8.11.168.124 12800 Bytes 21.08.2014 11:19:58
XBV00058.VDF : 8.11.168.126 25088 Bytes 21.08.2014 11:19:58
XBV00059.VDF : 8.11.168.132 33280 Bytes 21.08.2014 11:19:58
XBV00060.VDF : 8.11.168.134 2048 Bytes 21.08.2014 11:19:58
XBV00061.VDF : 8.11.168.138 11776 Bytes 21.08.2014 11:19:58
XBV00062.VDF : 8.11.168.140 3584 Bytes 21.08.2014 11:19:58
XBV00063.VDF : 8.11.168.158 3584 Bytes 22.08.2014 11:19:59
XBV00064.VDF : 8.11.168.174 2048 Bytes 22.08.2014 11:19:59
XBV00065.VDF : 8.11.168.180 5120 Bytes 22.08.2014 11:19:59
XBV00066.VDF : 8.11.168.220 7168 Bytes 22.08.2014 11:19:59
XBV00067.VDF : 8.11.168.222 20480 Bytes 22.08.2014 19:47:24
XBV00068.VDF : 8.11.168.226 17920 Bytes 22.08.2014 19:47:24
XBV00069.VDF : 8.11.168.230 8704 Bytes 22.08.2014 07:00:12
XBV00070.VDF : 8.11.168.234 4608 Bytes 23.08.2014 15:07:21
XBV00071.VDF : 8.11.168.236 4608 Bytes 23.08.2014 15:07:21
XBV00072.VDF : 8.11.168.238 4608 Bytes 23.08.2014 15:07:21
XBV00073.VDF : 8.11.168.240 37376 Bytes 23.08.2014 15:07:21
XBV00074.VDF : 8.11.168.242 2048 Bytes 23.08.2014 15:07:21
XBV00075.VDF : 8.11.168.244 38400 Bytes 24.08.2014 09:15:49
XBV00076.VDF : 8.11.168.246 2048 Bytes 24.08.2014 09:15:50
XBV00077.VDF : 8.11.168.248 14848 Bytes 24.08.2014 09:15:50
XBV00078.VDF : 8.11.168.252 2048 Bytes 24.08.2014 09:15:50
XBV00079.VDF : 8.11.168.254 24576 Bytes 24.08.2014 09:15:50
XBV00080.VDF : 8.11.169.2 2048 Bytes 24.08.2014 09:15:50
XBV00081.VDF : 8.11.169.4 22528 Bytes 25.08.2014 09:15:50
XBV00082.VDF : 8.11.169.20 6656 Bytes 25.08.2014 09:15:50
XBV00083.VDF : 8.11.169.36 4608 Bytes 25.08.2014 09:15:50
XBV00084.VDF : 8.11.169.38 11264 Bytes 25.08.2014 09:15:51
XBV00085.VDF : 8.11.169.40 2048 Bytes 25.08.2014 09:15:51
XBV00086.VDF : 8.11.169.54 8192 Bytes 25.08.2014 09:15:51
XBV00087.VDF : 8.11.169.62 28672 Bytes 25.08.2014 09:15:51
XBV00088.VDF : 8.11.169.66 14336 Bytes 25.08.2014 09:15:51
XBV00089.VDF : 8.11.169.68 3584 Bytes 25.08.2014 09:15:51
XBV00090.VDF : 8.11.169.72 15872 Bytes 26.08.2014 09:15:51
XBV00091.VDF : 8.11.169.74 6144 Bytes 26.08.2014 09:15:51
XBV00092.VDF : 8.11.169.76 12288 Bytes 26.08.2014 09:15:51
XBV00093.VDF : 8.11.169.78 5632 Bytes 26.08.2014 09:15:51
LOCAL001.VDF : 8.11.169.78 109285376 Bytes 26.08.2014 09:17:13
Engineversion : 8.3.24.18
AEVDF.DLL : 8.3.1.6 133992 Bytes 20.08.2014 13:49:31
AESCRIPT.DLL : 8.2.0.18 437104 Bytes 22.08.2014 11:19:57
AESCN.DLL : 8.3.2.2 139456 Bytes 21.07.2014 18:39:34
AESBX.DLL : 8.2.20.24 1409224 Bytes 08.05.2014 18:34:21
AERDL.DLL : 8.2.0.138 704888 Bytes 25.02.2014 10:41:04
AEPACK.DLL : 8.4.0.50 792488 Bytes 13.08.2014 12:32:05
AEOFFICE.DLL : 8.3.0.20 216104 Bytes 14.08.2014 18:43:55
AEHEUR.DLL : 8.1.4.1240 7433072 Bytes 22.08.2014 11:19:56
AEHELP.DLL : 8.3.1.0 278728 Bytes 29.05.2014 17:02:52
AEGEN.DLL : 8.1.7.28 450752 Bytes 14.06.2014 07:05:15
AEEXP.DLL : 8.4.2.30 247712 Bytes 22.08.2014 11:19:58
AEEMU.DLL : 8.1.3.4 399264 Bytes 13.08.2014 12:31:45
AEDROID.DLL : 8.4.2.24 442568 Bytes 14.06.2014 07:05:30
AECORE.DLL : 8.3.2.6 243712 Bytes 13.08.2014 12:31:44
AEBB.DLL : 8.1.2.0 60448 Bytes 13.08.2014 12:31:43
AVWINLL.DLL : 14.0.6.522 24144 Bytes 14.08.2014 18:43:41
AVPREF.DLL : 14.0.6.522 50256 Bytes 14.08.2014 18:44:05
AVREP.DLL : 14.0.6.522 219216 Bytes 14.08.2014 18:44:06
AVARKT.DLL : 14.0.5.368 226384 Bytes 03.07.2014 20:26:13
AVEVTLOG.DLL : 14.0.6.522 182352 Bytes 14.08.2014 18:44:01
SQLITE3.DLL : 14.0.6.522 452176 Bytes 14.08.2014 18:45:22
AVSMTP.DLL : 14.0.6.522 76368 Bytes 14.08.2014 18:44:12
NETNT.DLL : 14.0.6.522 13392 Bytes 14.08.2014 18:45:12
RCIMAGE.DLL : 14.0.6.544 4863568 Bytes 14.08.2014 18:43:41
RCTEXT.DLL : 14.0.6.558 76080 Bytes 26.08.2014 09:15:48
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Dienstag, 26. August 2014 15:05
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:)'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Fehler in der ARK Library
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '162' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '125' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'adminservice.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasyLauncher.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'HelperService.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'PSIA.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'sqlwriter.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'SWMAgent.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ath_CoexAgent.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasySettingsCmdServer.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '211' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'sSettings.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtTray.exe' - '118' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxext.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveComm.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'CommonAgent.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'BtvStack.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxtray.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'hkcmd.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'ActivateDesktop.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'WinPatrol.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'psi_tray.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'PDVD10Serv.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLMLSvc_P2G8.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpwuschd2.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'DivXUpdate.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'SYNTPHELPER.EXE' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorIcon.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '190' Modul(e) wurden durchsucht
Durchsuche Prozess 'PhotoshopElementsFileAgent.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'IntelMeFWService.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'ccSvcHst.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOBuAgent.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'GuaranaAgent.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '107' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'Taskmgr.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '59' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1910' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\'
C:\ProgramData\Package Cache\5934DD101414BBC0B7F1EE2780D2FC8B9BEC5C4D\packages\dotNetFramework\NDP451-KB2858728-x86-x64-AllOS-ENU.exe
[0] Archivtyp: 7-Zip SFX (self extracting)
--> netfx_core_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_core_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_extended_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_extended_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_GDR_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_GDR_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_LDR_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_LDR_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_x64.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_x86.msi
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> header.bmp
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SplashScreen.bmp
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> watermark.bmp
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> DisplayIcon.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Print.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate1.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate2.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate3.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate4.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate5.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate6.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate7.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Rotate8.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Save.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/Setup.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/stop.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/SysReqMet.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/SysReqNotMet.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Graphics/warn.ico
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2052/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1028/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1025/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1033/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1030/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 3082/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1029/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1031/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1032/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1042/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1041/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1037/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1035/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1044/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1043/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1040/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1038/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1036/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1053/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1055/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1046/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1049/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2070/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1045/LocalizedData.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> ParameterInfo.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Strings.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> UiInfo.xml
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupUi.xsd
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> DHtmlHeader.html
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1025/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1028/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1030/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1031/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1029/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1033/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1032/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1035/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1036/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1038/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1037/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1040/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1042/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1041/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1044/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1043/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1046/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1045/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1053/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1055/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1049/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2052/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2070/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 3082/eula.rtf
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Setup.exe
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupUtility.exe
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupEngine.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1025/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2052/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1028/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1042/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1041/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1037/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1033/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1030/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1044/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1053/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1029/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1035/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1040/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1045/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1046/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1049/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 2070/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1031/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1036/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1038/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 3082/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1032/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1043/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> 1055/SetupResources.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> SetupUi.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> sqmapi.dll
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.0-KB956250-v6001-x64.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.0-KB956250-v6001-x86.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.1-KB958488-v6001-x64.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows6.1-KB958488-v6001-x86.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows8-RT-KB2881468-x64.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> Windows8-RT-KB2881468-x86.msu
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_GDR.mzz
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
--> netfx_Full_LDR.mzz
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
[WARNUNG] Zu wenig Speicher! Die Datei wurde nicht durchsucht!
Ende des Suchlaufs: Dienstag, 26. August 2014 17:24
Benötigte Zeit: 2:18:28 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
44571 Verzeichnisse wurden überprüft
534054 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
534054 Dateien ohne Befall
5264 Archive wurden durchsucht
1 Warnungen
0 Hinweise
93 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
|
|
27.08.2014, 14:17
| #10 |
| /// the machine /// TB-Ausbilder | Windows 8/ Rechner hängt sich immer wieder auf Deinstalliere Avira und installiere es neu, oder gleich was andres. Was hat der Rechner denn aktuell noch an Problemen?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.08.2014, 21:01
| #11 |
| | Windows 8/ Rechner hängt sich immer wieder auf Hallo, danke für die schnelle Antwort. Wie kann ich den Fehler in der ARK Library beheben? Ich werde jetzt erst mal paar mal meine Programme laufen lassen.. und beobachte nochmal, wann die Probleme genau auftreten. Dann melde ich mich nochmal. vielen Dank.Liebe Grüße Elisa  Geändert von Elly_65 (27.08.2014 um 21:12 Uhr) |
|
28.08.2014, 12:50
| #12 | |
| /// the machine /// TB-Ausbilder | Windows 8/ Rechner hängt sich immer wieder aufZitat:
 .
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 8/ Rechner hängt sich immer wieder auf |
| anlage, branding, ccsetup, device driver, dvdvideosoft ltd., js/exploit.agent.nhe, win32/dealply.s, win32/expressdownloader.h, win32/packed.scramblewrapper.g, win32/toolbar.escort.a, win32/toolbar.montiera.a, win32/toolbar.montiera.f, win32/toolbar.montiera.j, windowsapps |
Revo Uninstaller herunter.
dann auf 
und dann auf 
.
Linear-Darstellung
