Log analysis and evaluation: (Multiple) Trojan alert(s) AVG (Win8.1): "Trojaner: Dropper.Generic2.ANGG.dropper"
10.07.2014, 07:35 | #1 |
Good morning, dear forum helpers. First of all, I would like to express my thanks to you: you are a blessing and have already rescued many people from their misery, so a very big thank you for that.

Now to my problem: according to AVG, the Trojan named in the title is assigned to / active in the "types" "Process" and "E-mail, archive". I am not sure whether these are several Trojans or just one that has occupied several areas. It is a little embarrassing to have to write this already, but I failed at step 2 of the preparations to be made before creating my own post. There I was greeted by an error message: "(Exception EAccess Violation in Module Erunt.exe at 00003A62. Access Violation at address 00403A62 in Module ´Erunt.exe´. Read of address 0069005C." I am already unsettled anyway, so from here on I would like to proceed only with further guidance. However, since I am available here all day, I think this will not be a stalled process if someone were to take on my case. Replies from my side will come as quickly as possible.

One question up front: do I need to worry about the security of my passwords? I am not logging in anywhere now until the virus has hopefully been completely terminated. My AVG also runs every day, so I caught it within the last 24 hours; during that time, however, I was already active in my online banking account and in my e-mail inbox. Perhaps unimportant, but this is my first real Trojan so far. Many thanks in advance!
10.07.2014, 08:33 | #2 |
/// the machine /// TB Trainer

Hi,

If the ERUNT error came from FRST, delete FRST and download it again. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
10.07.2014, 09:03 | #3 |
Hello. (I downloaded it again and the same error came up with FRST again, but perhaps the scan results it produced are OK nonetheless.)

I was just in the middle of editing my post ^^ so the edited one is in post position 1; for reasons of space, the FRST .txt goes here and the "Addition" is added by edit to my "Post 1".

"Addition": FRST Additions Logfile:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014
Ran by "MEIN NAME" at 2014-07-10 08:58:33
Running from C:\Users\"MEIN NAME"\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{DE18940E-5986-480A-8518-7327D14756D3}) (Version: 6.0.0 - Helmut Buhler)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{C7A772A4-73CF-EB06-172F-75C5F6C80AAC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: - )
Apowersoft Bildschirmrekorder Pro V1.1.9 (HKLM-x32\...\{BADAA284-1D15-4EBB-B1E5-7C86603CDBBB}_is1) (Version: 1.1.9 - Apowersoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
BenVista PhotoZoom Classic 4.1.4 (HKCU\...\PhotoZoom Classic 4) (Version: 4.1.4 - BenVista Ltd.)
Blackthorne (HKLM-x32\...\{C563EEF9-17FF-4563-8B78-82AF0C4577CE}) (Version: 1.0.0 - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.17.916 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{7E6316CA-5ED0-4EF9-9920-A92115E286B7}) (Version: 0.7.17.916 - BlueStack Systems, Inc.)
Bontago (HKLM-x32\...\Bontago) (Version: 1.0 - )
Borderlands 2 All in One DLC-Pack Plus Update 12 (v.1.3.1 + Hotfix) 1.00 (HKLM-x32\...\Borderlands 2 All in One DLC-Pack Plus Update 12 (v.1.3.1 + Hotfix) 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
Borderlands 2 Game of the Year Edition MULTI-2 1.6.0 (HKLM-x32\...\Borderlands 2 Game of the Year Edition MULTI-2 1.6.0) (Version: - )
Borderlands 2 Headhunter 1 Bloody Harvest DLC Plus Update 19 (v1.6.0) 1.00 (HKLM-x32\...\Borderlands 2 Headhunter 1 Bloody Harvest DLC Plus Update 19 (v1.6.0) 1.00) (Version: - )
Borderlands 2 Headhunter 2 Wattle Gobbler DLC Plus Update 20 (v1.7.0) 1.00 (HKLM-x32\...\Borderlands 2 Headhunter 2 Wattle Gobbler DLC Plus Update 20 (v1.7.0) 1.00) (Version: - )
Borderlands 2 Headhunter DLC 4 and 5 Plus Update 21 (v1.8.0) 1.00 (HKLM-x32\...\Borderlands 2 Headhunter DLC 4 and 5 Plus Update 21 (v1.8.0) 1.00) (Version: - )
Borderlands 2 Update 22 (v1.8.1) 1.00 (HKLM-x32\...\Borderlands 2 Update 22 (v1.8.1) 1.00) (Version: - )
Borderlands 2 Update 23 (v1.8.2) v1.8.2 (HKLM-x32\...\Borderlands 2 Update 23 (v1.8.2) v1.8.2) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0910.2222.38361 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP)
Classic Shell (HKLM\...\{FEA1590B-540A-41FC-A95C-664493C82A21}) (Version: 3.6.8 - IvoSoft)
Conexant HD Audio (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 1.0.52.0 - Conexant)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.40.0 - Conexant)
CPUID CPU-Z 1.66.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crashday (HKLM-x32\...\{9C27ADE1-EAFB-4BB7-9FE3-5DD9BA9A3DD2}) (Version: 0 - ATARI)
CrossLoop 2.82 (HKLM-x32\...\CrossLoop_is1) (Version: 2.82 - CrossLoop, Inc.)
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.2 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)
Dell Touchpad (HKLM\...\Elantech) (Version: 11.3.5.4 - ELAN Microelectronic Corp.)
DesktopEarth (HKLM-x32\...\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}) (Version: 2.1.1 - CodeFromThe70s.org)
DigitalPersona Fingerprint Software 6.2 (HKLM\...\{A59EF3E5-F532-4E13-9FCF-48B2836FE060}) (Version: 6.2.0.300 - DigitalPersona, Inc.)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dr. Hardware 2013 13.5d (HKLM-x32\...\Dr. Hardware 2013_is1) (Version: - Peter A. Gebhard)
DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.94.0 - DxO Labs)
FILEminimizer Suite (HKLM-x32\...\FILEminimizer Suite_is1) (Version: - balesio AG)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.10.1 - Androxyde)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free Alarm Clock 2.7.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 2.7 - Comfort Software Group)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GameMaker-Studio 1.2 (HKCU\...\GameMaker-Studio12) (Version: - YoYo Games Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HD Video Converter Factory Pro (HKCU\...\HDVideoConverterFactoryPro) (Version: - WonderFox Soft, Inc. All Rights Reserved.)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{56F91CE8-0168-4619-8FEC-13F5087E40F8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IM-Magic Partition Resizer Professional 2013 (HKLM-x32\...\IM-Magic Partition Resizer Professional) (Version: 2013 - IM Magic Inc.)
Inpaint 5.5 (HKLM\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version: - Teorex)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1056 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Interaktive Sprachreise - Vokabeltrainer English (HKLM-x32\...\VTE_16_689501) (Version: - digital publishing AG)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kalenderchen 5 (HKLM-x32\...\{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1) (Version: - Daniel Manger)
kikin Plugin (NO23 Edition) 1.11 (HKLM-x32\...\kikin Plugin (NO23 Edition)) (Version: 1.11 - kikin)
Kingsoft Presentation (8.1.0.2948) (HKLM-x32\...\Kingsoft Presentation) (Version: 8.1.0.2948 - Kingsoft Corp.)
K-Lite Codec Pack 10.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
Kvisoft Data Recovery1.5.2 (HKLM-x32\...\Kvisoft Data Recovery_is1) (Version: 1.5.2 - Kvisoft Co.,Ltd.)
LibreOffice 4.1.1.2 (HKLM-x32\...\{F1EE568A-171F-4C06-9BE6-2395BED067A3}) (Version: 4.1.1.2 - The Document Foundation)
LingoPad 2.5.1 (Build 325) (HKLM-x32\...\LingoPad_is1) (Version: 2.5.1 - Lingo4you GbR)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
Macrorit Disk Partition Expert Professional 2013 (HKLM-x32\...\Macrorit Disk Partition Expert Professional) (Version: 2013 - Macrorit Inc.)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Monitor Calibration Wizard 1.0 (HKLM-x32\...\Monitor Calibration Wizard) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 24.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 de)) (Version: 24.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.00.0000 - Nikon)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Opera Stable 21.0.1432.67 (HKLM-x32\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf)
Password Safe (HKLM-x32\...\Password Safe) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version: - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Perspective 1.0 (HKLM-x32\...\Perspective) (Version: 1.0 - Widdershins)
phase6_19 (HKLM-x32\...\{65D70656-D248-4C83-B594-E3029C43B37A}) (Version: 1.90.0000 - phase6)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhoXo (HKLM-x32\...\PhoXo) (Version: 8.1.0.0 - PhoXo)
Price Metér (remove only) (HKCU\...\Price Metér) (Version: 1.1.3.7 - Price Meter) <==== ATTENTION
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.026 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.18.621.2013 - Realtek)
Realtek USB 2.0 Card Reader Software (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - )
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Rise Of Legends (HKLM-x32\...\InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}) (Version: 1.00.0000 - Microsoft Game Studios)
Rise Of Legends (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 6.0.0.2647 - Gameforge Productions GmbH)
S4 League_EU (HKLM-x32\...\{9FD41083-BF60-4066-8ADF-124AC30CF733}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{AEF5DF33-00C7-439B-8F06-398F4288D4CF}) (Version: 1.00.0000 - )
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.2.201402071544 - Sony Mobile Communications AB)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0028 - ST Microelectronics)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stickies 7.1e (HKLM-x32\...\ZhornStickies) (Version: - Zhorn Software)
TaskmgrPro V1.4.5 (HKLM\...\TaskmgrPro_is1) (Version: - GoldGingko Software)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tipard DVD Ripper Platinum 6.2.20 (HKLM-x32\...\{C145A9AD-BD43-4255-B5F9-2803289C2F96}_is1) (Version: 6.2.20 - Tipard Studio)
Torchlight (HKLM-x32\...\Torchlight_is1) (Version: - GOG.com)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
UDPixel.exe (HKLM-x32\...\UDPixel) (Version: - )
Validity Sensors DDK (HKLM\...\{40BEDF44-88CF-4FF6-8790-882484452003}) (Version: 4.4.231.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare Video Editor(Build 3.1.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: 3.1.1.1 - Wondershare Software)
WordMatch (HKLM-x32\...\WordMatch) (Version: - )
WorldofTanks (HKCU\...\WorldofTanks) (Version: - WorldofTanks)
XBMC (HKCU\...\XBMC) (Version: - Team XBMC)
YTD Video Downloader 4.7.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.3 - GreenTree Applications SRL)

==================== Restore Points =========================

23-06-2014 10:44:32 Windows Update
27-06-2014 12:04:47 Sony PC Companion
07-07-2014 12:54:24 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {038E9733-51D5-4E0B-B93D-B6A7BD09BB4E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F81D5F9-CF65-45FD-84CB-6F1CD4524DED} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-03-10] (IObit)
Task: {1049907B-4E55-4A71-B0D3-BB2675B30122} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {28E5397B-965B-4798-B838-E6A2D681EB6E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4388B81A-3E0B-4F55-8ECE-298F7351E557} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {44DF73C2-9B98-4C2C-8E85-C0DF834916BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5AB655C5-D943-4808-9C39-AD44D2AD17C0} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2013-02-26] (Beepa P/L)
Task: {5CB58F6F-6992-4709-95CF-15A85D639960} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {65A701E7-8C74-410B-9796-A480A9AAF83D} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {696BF4C9-EBE9-44D7-9289-9372E06995CC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {71A3046A-0C4D-4A6C-A44B-1944619A0FC3} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {74426CC3-4CE0-4119-A348-15D321736929} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7CE0AA23-0EF9-4F7B-8C56-4390303ABACB} - System32\Tasks\WpsUpdateTask_"MEIN NAME" => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-08-24] (Kingsoft Corp. Ltd.)
Task: {7F4950F8-021B-4DE0-B5DA-1D43E563EBEF} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {86F721A0-8E39-49DC-80B0-250BA29B3260} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AA9BF5E2-9739-4D2E-8B9C-F4DC04C5EEBE} - \pricemeterwatcher No Task File <==== ATTENTION
Task: {B01CEC4F-A518-49BA-8782-BB1670FE266F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {BEAE672E-38D4-4E4E-AB73-A91CC6F61F1B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {C08BDDF2-570E-41C2-B4DD-1DDE8C036F50} - \pricemetertask No Task File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D6D764C0-089F-479D-A813-6487EAB62BCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F2E385FD-11EF-4BE3-9946-0FCC658184A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {F6C89968-9838-496F-A35D-DF23407FA82D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {FCE1FB10-4193-4735-B5DC-AD94E401FE67} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {FF37F708-02FC-4B0B-9D17-C08920CD9972} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {FFD40213-F5A0-4A75-A769-A0ED041D9D71} - System32\Tasks\Intel(R) Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-09-08] (Intel)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_"MEIN NAME".job => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-28 17:59 - 2012-04-25 04:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-22 14:40 - 2013-09-05 18:42 - 00337752 _____ () C:\Program Files\TaskmgrPro\TaskmgrPro.exe
2013-09-21 03:30 - 2013-05-22 11:03 - 00126232 _____ () C:\Program Files (x86)\FILEminimizer Suite\fmshell64.dll
2013-09-19 15:22 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-19 15:22 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-19 15:22 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-19 15:22 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-19 15:22 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-17 17:30 - 2012-09-05 18:55 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
2013-09-20 01:05 - 2013-09-20 01:05 - 00049152 _____ () C:\Program Files (x86)\Stickies\shook70.dll
2014-06-13 21:44 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 21:44 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 21:44 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 21:44 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 21:44 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-10 05:11 - 2014-07-10 05:11 - 00098816 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32api.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00110080 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\pywintypes27.dll
2014-07-10 05:11 - 2014-07-10 05:11 - 00364544 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\pythoncom27.dll
2014-07-10 05:11 - 2014-07-10 05:11 - 00045568 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_socket.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 01160704 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_ssl.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00320512 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32com.shell.shell.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00713216 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_hashlib.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 01175040 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._core_.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00805888 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._gdi_.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00811008 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._windows_.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 01062400 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._controls_.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00735232 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._misc_.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00128512 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_elementtree.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00127488 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\pyexpat.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00557056 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\pysqlite2._sqlite.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00007168 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\hashobjs_ext.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00087552 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_ctypes.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00119808 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32file.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00108544 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32security.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00018432 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32event.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00038912 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32inet.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00070656 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._html2.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00167936 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32gui.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00011264 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32crypt.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00027136 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_multiprocessing.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00122368 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._wizard.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00010240 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\select.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00024064 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32pipe.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00686080 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\unicodedata.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00025600 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32pdh.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00525640 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\windows._lib_cacheinvalidation.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00035840 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32process.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00017408 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32profile.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00022528 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32ts.pyd 2014-07-10 05:11 - 2014-07-10 05:11 - 00078336 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._animate.pyd 2014-04-10 14:30 - 2014-04-10 14:30 - 
00134664 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2014-02-08 20:30 - 2013-09-12 12:55 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-01-28 18:03 - 2012-09-12 22:18 - 02003304 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll 2013-01-28 18:03 - 2012-08-06 11:59 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll 2013-01-28 18:03 - 2012-08-06 11:59 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\WINDOWS\SysWOW64\CN09T110P605JW:NW AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 AlternateDataStreams: C:\Users\"MEIN NAME"\SkyDrive:ms-properties AlternateDataStreams: C:\Users\"MEIN NAME"\SkyDrive.old:ms-properties ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= HKLM\...\StartupApproved\Run: => "QuickSet" HKLM\...\StartupApproved\Run: => "SmartAudio" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8" HKLM\...\StartupApproved\Run32: => "CLVirtualDrive" HKLM\...\StartupApproved\Run32: => "RemoteControl10" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKLM\...\StartupApproved\Run32: => "SDTray" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKCU\...\StartupApproved\StartupFolder: => "DesktopEarth AutoStart.lnk" 
HKCU\...\StartupApproved\StartupFolder: => "Sidebar.lnk" HKCU\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk" HKCU\...\StartupApproved\StartupFolder: => "UDPixel.lnk" HKCU\...\StartupApproved\Run: => "Steam" HKCU\...\StartupApproved\Run: => "Overwolf" HKCU\...\StartupApproved\Run: => "Skype" HKCU\...\StartupApproved\Run: => "Sony PC Companion" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/10/2014 06:06:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "\\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (07/10/2014 06:06:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (07/10/2014 05:10:42 AM) (Source: SideBySide) (EventID: 79) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1". Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert. Error: (07/09/2014 03:45:58 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "\\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (07/09/2014 03:45:57 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. 
(0x80070057) Error: (07/09/2014 02:15:22 AM) (Source: SideBySide) (EventID: 79) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1". Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert. Error: (07/07/2014 06:09:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "\\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (07/07/2014 06:09:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (07/07/2014 04:15:32 PM) (Source: SideBySide) (EventID: 79) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1". Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert. Error: (07/07/2014 02:54:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "\\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. 
(0x80070057) System errors: ============= Error: (07/10/2014 05:10:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%14001 Error: (07/10/2014 05:10:34 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "BlueStacks Android Service" ist vom Dienst "BlueStacks Hypervisor" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2 Error: (07/10/2014 05:10:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BlueStacks Hypervisor" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/09/2014 02:15:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%14001 Error: (07/09/2014 02:15:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "BlueStacks Android Service" ist vom Dienst "BlueStacks Hypervisor" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2 Error: (07/09/2014 02:15:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BlueStacks Hypervisor" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (07/09/2014 02:15:03 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000133 (0x0000000000000001, 0x0000000000001e00, 0x0000000000000000, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP070914-21515-01 Error: (07/09/2014 02:14:59 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 08.07.2014 um 17:25:20 unerwartet heruntergefahren. 
Error: (07/07/2014 04:15:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%14001 Error: (07/07/2014 04:15:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "BlueStacks Android Service" ist vom Dienst "BlueStacks Hypervisor" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2 Microsoft Office Sessions: ========================= Error: (07/10/2014 06:06:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: \\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\Falscher Parameter. (0x80070057) Error: (07/10/2014 06:06:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: WINRETOOLSFalscher Parameter. (0x80070057) Error: (07/10/2014 05:10:42 AM) (Source: SideBySide) (EventID: 79) (User: ) Description: hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayNameC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe Error: (07/09/2014 03:45:58 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: \\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\Falscher Parameter. (0x80070057) Error: (07/09/2014 03:45:57 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: WINRETOOLSFalscher Parameter. (0x80070057) Error: (07/09/2014 02:15:22 AM) (Source: SideBySide) (EventID: 79) (User: ) Description: hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayNameC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe Error: (07/07/2014 06:09:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: \\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\Falscher Parameter. (0x80070057) Error: (07/07/2014 06:09:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: WINRETOOLSFalscher Parameter. 
(0x80070057) Error: (07/07/2014 04:15:32 PM) (Source: SideBySide) (EventID: 79) (User: ) Description: hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayNameC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe Error: (07/07/2014 02:54:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: \\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\Falscher Parameter. (0x80070057) CodeIntegrity Errors: =================================== Date: 2014-04-07 22:09:40.160 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-02-08 21:59:54.746 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-02-07 18:38:55.439 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-02-07 18:35:19.563 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-02-07 18:35:19.363 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-11 20:56:04.983 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\IntcDAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-11 20:13:01.518 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\IntcDAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-11 17:47:00.159 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\IntcDAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-11 16:20:58.036 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\IntcDAud.sys because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-11 15:30:16.433
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\IntcDAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 64%
Total physical RAM: 6013.27 MB
Available physical RAM: 2112.23 MB
Total Pagefile: 12157.27 MB
Available Pagefile: 8137.27 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:921.66 GB) (Free:36.82 GB) NTFS
Drive w: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.17 GB) NTFS
Drive x: (PBR Image) (Fixed) (Total:8.37 GB) (Free:0.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 7BA981E6)
Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 28FC915C)
Partition: GPT Partition Type.

==================== End Of Log ============================

OK... editing the 1st post is no longer possible. Damn. So I'll catch up on that here with the 2nd logfile. Sorry for the confusion.

Good morning, dear forum helpers. First of all I would like to express my thanks to you; you are a blessing and have already rescued many people from their misery, a very big thank you for that.

Now to my problem: according to AVG, the Trojan named in the title is assigned to / active in the "type" "Process" and "E-mail, archive". I am not sure whether this is several Trojans or just one occupying several areas. So far I have not noticed any changes since or caused by the Trojan.

It is a bit embarrassing to have to write already that there was a problem at step 2 (FRST) of the preparations before creating a post. An error message awaited me there: "(Exception EAccess Violation in Module Erunt.exe at 00003A62. Access Violation at address 00403A62 in Module ´Erunt.exe´. Read of address 0069005C."

The scan produced the .txt files disclosed IN THE NEXT POST BLOCK. Since the files are too long, but I do not want to be perceived as pushing, I would rather attach them. If preferred otherwise, I will gladly post them again inline.

With the GMER tool (I always opened it as administrator, closed everything beforehand, cut the Internet connection and temporarily activated AVG) I immediately got an error message ("C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird"), which also led the program straight to "... funktioniert nicht mehr und muss geschlossen werden".

Replies from me will come as quickly as possible. One question up front: do I need to worry about the security of my passwords? I will not log in anywhere now until the virus is hopefully completely terminated. Also, my AVG runs every day, so I caught it within the last 24 hours, but during that time I was already in my online bank account and my e-mail inbox. Perhaps unimportant, but this is my first real Trojan so far.

Since I am available here all day, I think this will not be a stalled process if someone were to take me on. Replies from me will come as quickly as possible. Many thanks in advance!

"Addition" .txt:
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014
Ran by "MEIN NAME" at 2014-07-10 08:58:33
Running from C:\Users\"MEIN NAME"\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{DE18940E-5986-480A-8518-7327D14756D3}) (Version: 6.0.0 - Helmut Buhler)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{C7A772A4-73CF-EB06-172F-75C5F6C80AAC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: - ) Apowersoft Bildschirmrekorder Pro V1.1.9 (HKLM-x32\...\{BADAA284-1D15-4EBB-B1E5-7C86603CDBBB}_is1) (Version: 1.1.9 - Apowersoft) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies) AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden BenVista PhotoZoom Classic 4.1.4 (HKCU\...\PhotoZoom Classic 4) (Version: 4.1.4 - BenVista Ltd.) Blackthorne (HKLM-x32\...\{C563EEF9-17FF-4563-8B78-82AF0C4577CE}) (Version: 1.0.0 - Blizzard Entertainment) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.17.916 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{7E6316CA-5ED0-4EF9-9920-A92115E286B7}) (Version: 0.7.17.916 - BlueStack Systems, Inc.) Bontago (HKLM-x32\...\Bontago) (Version: 1.0 - ) Borderlands 2 All in One DLC-Pack Plus Update 12 (v.1.3.1 + Hotfix) 1.00 (HKLM-x32\...\Borderlands 2 All in One DLC-Pack Plus Update 12 (v.1.3.1 + Hotfix) 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.) Borderlands 2 Game of the Year Edition MULTI-2 1.6.0 (HKLM-x32\...\Borderlands 2 Game of the Year Edition MULTI-2 1.6.0) (Version: - ) Borderlands 2 Headhunter 1 Bloody Harvest DLC Plus Update 19 (v1.6.0) 1.00 (HKLM-x32\...\Borderlands 2 Headhunter 1 Bloody Harvest DLC Plus Update 19 (v1.6.0) 1.00) (Version: - ) Borderlands 2 Headhunter 2 Wattle Gobbler DLC Plus Update 20 (v1.7.0) 1.00 (HKLM-x32\...\Borderlands 2 Headhunter 2 Wattle Gobbler DLC Plus Update 20 (v1.7.0) 1.00) (Version: - ) Borderlands 2 Headhunter DLC 4 and 5 Plus Update 21 (v1.8.0) 1.00 (HKLM-x32\...\Borderlands 2 Headhunter DLC 4 and 5 Plus Update 21 (v1.8.0) 1.00) (Version: - ) Borderlands 2 Update 22 (v1.8.1) 1.00 (HKLM-x32\...\Borderlands 2 Update 22 (v1.8.1) 1.00) (Version: - ) Borderlands 2 Update 23 (v1.8.2) v1.8.2 (HKLM-x32\...\Borderlands 2 Update 23 (v1.8.2) v1.8.2) (Version: - ) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.0910.2222.38361 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP) Classic Shell (HKLM\...\{FEA1590B-540A-41FC-A95C-664493C82A21}) (Version: 3.6.8 - IvoSoft) Conexant HD Audio (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 1.0.52.0 - Conexant) Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.40.0 - Conexant) CPUID CPU-Z 1.66.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Crashday (HKLM-x32\...\{9C27ADE1-EAFB-4BB7-9FE3-5DD9BA9A3DD2}) (Version: 0 - ATARI) CrossLoop 2.82 (HKLM-x32\...\CrossLoop_is1) (Version: 2.82 - CrossLoop, Inc.) CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World) CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415a - CyberLink Corp.) Hidden CyberLink Media Suite 10 (x32 Version: 10.0.1.1913 - CyberLink Corp.) Hidden CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.0.1904 - CyberLink Corp.) 
Hidden CyberLink PowerDirector 10 (x32 Version: 10.0.1.1904 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (x32 Version: 10.0.4318.52 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts) Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.2 - Dell Inc.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.2 - Dell Inc.) Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP) Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell) Dell Touchpad (HKLM\...\Elantech) (Version: 11.3.5.4 - ELAN Microelectronic Corp.) DesktopEarth (HKLM-x32\...\{DBA5E973-660D-4CBE-A469-F5C37FBF0CE4}) (Version: 2.1.1 - CodeFromThe70s.org) DigitalPersona Fingerprint Software 6.2 (HKLM\...\{A59EF3E5-F532-4E13-9FCF-48B2836FE060}) (Version: 6.2.0.300 - DigitalPersona, Inc.) Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team) Dr. Hardware 2013 13.5d (HKLM-x32\...\Dr. Hardware 2013_is1) (Version: - Peter A. Gebhard) DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.94.0 - DxO Labs) FILEminimizer Suite (HKLM-x32\...\FILEminimizer Suite_is1) (Version: - balesio AG) Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.10.1 - Androxyde) Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fraps (HKLM-x32\...\Fraps) (Version: - ) Free Alarm Clock 2.7.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 2.7 - Comfort Software Group) Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.) 
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GameMaker-Studio 1.2 (HKCU\...\GameMaker-Studio12) (Version: - YoYo Games Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HD Video Converter Factory Pro (HKCU\...\HDVideoConverterFactoryPro) (Version: - WonderFox Soft, Inc. All Rights Reserved.)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{56F91CE8-0168-4619-8FEC-13F5087E40F8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IM-Magic Partition Resizer Professional 2013 (HKLM-x32\...\IM-Magic Partition Resizer Professional) (Version: 2013 - IM Magic Inc.)
Inpaint 5.5 (HKLM\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version: - Teorex)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1056 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Interaktive Sprachreise - Vokabeltrainer English (HKLM-x32\...\VTE_16_689501) (Version: - digital publishing AG)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kalenderchen 5 (HKLM-x32\...\{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1) (Version: - Daniel Manger)
kikin Plugin (NO23 Edition) 1.11 (HKLM-x32\...\kikin Plugin (NO23 Edition)) (Version: 1.11 - kikin)
Kingsoft Presentation (8.1.0.2948) (HKLM-x32\...\Kingsoft Presentation) (Version: 8.1.0.2948 - Kingsoft Corp.)
K-Lite Codec Pack 10.3.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
Kvisoft Data Recovery1.5.2 (HKLM-x32\...\Kvisoft Data Recovery_is1) (Version: 1.5.2 - Kvisoft Co.,Ltd.)
LibreOffice 4.1.1.2 (HKLM-x32\...\{F1EE568A-171F-4C06-9BE6-2395BED067A3}) (Version: 4.1.1.2 - The Document Foundation)
LingoPad 2.5.1 (Build 325) (HKLM-x32\...\LingoPad_is1) (Version: 2.5.1 - Lingo4you GbR)
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
Macrorit Disk Partition Expert Professional 2013 (HKLM-x32\...\Macrorit Disk Partition Expert Professional) (Version: 2013 - Macrorit Inc.)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Monitor Calibration Wizard 1.0 (HKLM-x32\...\Monitor Calibration Wizard) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 24.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 de)) (Version: 24.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
NEF Codec (HKLM-x32\...\{D6506521-0959-4FA3-875F-E2E28830B0D2}) (Version: 1.00.0000 - Nikon)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Opera Stable 21.0.1432.67 (HKLM-x32\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf)
Password Safe (HKLM-x32\...\Password Safe) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version: - )
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Perspective 1.0 (HKLM-x32\...\Perspective) (Version: 1.0 - Widdershins)
phase6_19 (HKLM-x32\...\{65D70656-D248-4C83-B594-E3029C43B37A}) (Version: 1.90.0000 - phase6)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhoXo (HKLM-x32\...\PhoXo) (Version: 8.1.0.0 - PhoXo)
Price Metér (remove only) (HKCU\...\Price Metér) (Version: 1.1.3.7 - Price Meter) <==== ATTENTION
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.026 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.18.621.2013 - Realtek)
Realtek USB 2.0 Card Reader Software (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - )
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Rise Of Legends (HKLM-x32\...\InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}) (Version: 1.00.0000 - Microsoft Game Studios)
Rise Of Legends (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 6.0.0.2647 - Gameforge Productions GmbH)
S4 League_EU (HKLM-x32\...\{9FD41083-BF60-4066-8ADF-124AC30CF733}) (Version: 1.00.0000 - )
S4 League_EU (HKLM-x32\...\{AEF5DF33-00C7-439B-8F06-398F4288D4CF}) (Version: 1.00.0000 - )
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version: - Seagate Technology)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.2.201402071544 - Sony Mobile Communications AB)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0028 - ST Microelectronics)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stickies 7.1e (HKLM-x32\...\ZhornStickies) (Version: - Zhorn Software)
TaskmgrPro V1.4.5 (HKLM\...\TaskmgrPro_is1) (Version: - GoldGingko Software)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tipard DVD Ripper Platinum 6.2.20 (HKLM-x32\...\{C145A9AD-BD43-4255-B5F9-2803289C2F96}_is1) (Version: 6.2.20 - Tipard Studio)
Torchlight (HKLM-x32\...\Torchlight_is1) (Version: - GOG.com)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
UDPixel.exe (HKLM-x32\...\UDPixel) (Version: - )
Validity Sensors DDK (HKLM\...\{40BEDF44-88CF-4FF6-8790-882484452003}) (Version: 4.4.231.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare Video Editor(Build 3.1.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: 3.1.1.1 - Wondershare Software)
WordMatch (HKLM-x32\...\WordMatch) (Version: - )
WorldofTanks (HKCU\...\WorldofTanks) (Version: - WorldofTanks)
XBMC (HKCU\...\XBMC) (Version: - Team XBMC)
YTD Video Downloader 4.7.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.7.3 - GreenTree Applications SRL)

==================== Restore Points =========================

23-06-2014 10:44:32 Windows Update
27-06-2014 12:04:47 Sony PC Companion
07-07-2014 12:54:24 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {038E9733-51D5-4E0B-B93D-B6A7BD09BB4E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F81D5F9-CF65-45FD-84CB-6F1CD4524DED} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-03-10] (IObit)
Task: {1049907B-4E55-4A71-B0D3-BB2675B30122} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {28E5397B-965B-4798-B838-E6A2D681EB6E} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4388B81A-3E0B-4F55-8ECE-298F7351E557} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {44DF73C2-9B98-4C2C-8E85-C0DF834916BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5AB655C5-D943-4808-9C39-AD44D2AD17C0} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2013-02-26] (Beepa P/L)
Task: {5CB58F6F-6992-4709-95CF-15A85D639960} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {65A701E7-8C74-410B-9796-A480A9AAF83D} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {696BF4C9-EBE9-44D7-9289-9372E06995CC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {71A3046A-0C4D-4A6C-A44B-1944619A0FC3} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {74426CC3-4CE0-4119-A348-15D321736929} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7CE0AA23-0EF9-4F7B-8C56-4390303ABACB} - System32\Tasks\WpsUpdateTask_"MEIN NAME" => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-08-24] (Kingsoft Corp. Ltd.)
Task: {7F4950F8-021B-4DE0-B5DA-1D43E563EBEF} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {86F721A0-8E39-49DC-80B0-250BA29B3260} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AA9BF5E2-9739-4D2E-8B9C-F4DC04C5EEBE} - \pricemeterwatcher No Task File <==== ATTENTION
Task: {B01CEC4F-A518-49BA-8782-BB1670FE266F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {BEAE672E-38D4-4E4E-AB73-A91CC6F61F1B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {C08BDDF2-570E-41C2-B4DD-1DDE8C036F50} - \pricemetertask No Task File <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D6D764C0-089F-479D-A813-6487EAB62BCD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F2E385FD-11EF-4BE3-9946-0FCC658184A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-17] (Google Inc.)
Task: {F6C89968-9838-496F-A35D-DF23407FA82D} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {FCE1FB10-4193-4735-B5DC-AD94E401FE67} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {FF37F708-02FC-4B0B-9D17-C08920CD9972} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {FFD40213-F5A0-4A75-A769-A0ED041D9D71} - System32\Tasks\Intel(R) Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-09-08] (Intel)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_"MEIN NAME".job => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe

==================== Loaded Modules (whitelisted) =============

2013-01-28 17:59 - 2012-04-25 04:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-10-04 00:42 - 2013-10-04 00:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-22 14:40 - 2013-09-05 18:42 - 00337752 _____ () C:\Program Files\TaskmgrPro\TaskmgrPro.exe
2013-09-21 03:30 - 2013-05-22 11:03 - 00126232 _____ () C:\Program Files (x86)\FILEminimizer Suite\fmshell64.dll
2013-09-19 15:22 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-19 15:22 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-19 15:22 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-19 15:22 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-19 15:22 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-17 17:30 - 2012-09-05 18:55 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll
2013-09-20 01:05 - 2013-09-20 01:05 - 00049152 _____ () C:\Program Files (x86)\Stickies\shook70.dll
2014-06-13 21:44 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-13 21:44 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-13 21:44 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-13 21:44 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-13 21:44 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-10 05:11 - 2014-07-10 05:11 - 00098816 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32api.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00110080 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\pywintypes27.dll
2014-07-10 05:11 - 2014-07-10 05:11 - 00364544 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\pythoncom27.dll
2014-07-10 05:11 - 2014-07-10 05:11 - 00045568 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_socket.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 01160704 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_ssl.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00320512 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32com.shell.shell.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00713216 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_hashlib.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 01175040 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._core_.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00805888 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._gdi_.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00811008 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._windows_.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 01062400 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._controls_.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00735232 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._misc_.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00128512 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_elementtree.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00127488 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\pyexpat.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00557056 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\pysqlite2._sqlite.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00007168 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\hashobjs_ext.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00087552 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_ctypes.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00119808 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32file.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00108544 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32security.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00018432 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32event.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00038912 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32inet.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00070656 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._html2.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00167936 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32gui.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00011264 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32crypt.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00027136 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\_multiprocessing.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00122368 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._wizard.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00010240 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\select.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00024064 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32pipe.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00686080 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\unicodedata.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00025600 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32pdh.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00525640 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\windows._lib_cacheinvalidation.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00035840 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32process.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00017408 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32profile.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00022528 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\win32ts.pyd
2014-07-10 05:11 - 2014-07-10 05:11 - 00078336 _____ () C:\Users\"MEIN NAME"\AppData\Local\Temp\_MEI81202\wx._animate.pyd
2014-04-10 14:30 - 2014-04-10 14:30 - 00134664 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
2014-02-08 20:30 - 2013-09-12 12:55 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-01-28 18:03 - 2012-09-12 22:18 - 02003304 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-01-28 18:03 - 2012-08-06 11:59 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2013-01-28 18:03 - 2012-08-06 11:59 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WINDOWS\SysWOW64\CN09T110P605JW:NW
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\Users\"MEIN NAME"\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\"MEIN NAME"\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKCU\...\StartupApproved\StartupFolder: => "DesktopEarth AutoStart.lnk"
HKCU\...\StartupApproved\StartupFolder: => "Sidebar.lnk"
HKCU\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKCU\...\StartupApproved\StartupFolder: => "UDPixel.lnk"
HKCU\...\StartupApproved\Run: => "Steam"
HKCU\...\StartupApproved\Run: => "Overwolf"
HKCU\...\StartupApproved\Run: => "Skype"
HKCU\...\StartupApproved\Run: => "Sony PC Companion"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2014 06:06:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/10/2014 06:06:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/10/2014 05:10:42 AM) (Source: SideBySide) (EventID: 79) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1". Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert.

Error: (07/09/2014 03:45:58 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/09/2014 03:45:57 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/09/2014 02:15:22 AM) (Source: SideBySide) (EventID: 79) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1". Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert.

Error: (07/07/2014 06:09:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/07/2014 06:09:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/07/2014 04:15:32 PM) (Source: SideBySide) (EventID: 79) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1". Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert.

Error: (07/07/2014 02:54:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

System errors:
=============
Error: (07/10/2014 05:10:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%14001

Error: (07/10/2014 05:10:34 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "BlueStacks Android Service" ist vom Dienst "BlueStacks Hypervisor" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2

Error: (07/10/2014 05:10:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BlueStacks Hypervisor" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (07/09/2014 02:15:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%14001

Error: (07/09/2014 02:15:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "BlueStacks Android Service" ist vom Dienst "BlueStacks Hypervisor" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2

Error: (07/09/2014 02:15:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BlueStacks Hypervisor" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (07/09/2014 02:15:03 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000133 (0x0000000000000001, 0x0000000000001e00, 0x0000000000000000, 0x0000000000000000)C:\WINDOWS\MEMORY.DMP070914-21515-01

Error: (07/09/2014 02:14:59 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 08.07.2014 um 17:25:20 unerwartet heruntergefahren.
Error: (07/07/2014 04:15:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%14001

Error: (07/07/2014 04:15:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "BlueStacks Android Service" ist vom Dienst "BlueStacks Hypervisor" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%2

Microsoft Office Sessions:
=========================
Error: (07/10/2014 06:06:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\Falscher Parameter. (0x80070057)

Error: (07/10/2014 06:06:33 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WINRETOOLSFalscher Parameter. (0x80070057)

Error: (07/10/2014 05:10:42 AM) (Source: SideBySide) (EventID: 79) (User: )
Description: hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayNameC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

Error: (07/09/2014 03:45:58 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\Falscher Parameter. (0x80070057)

Error: (07/09/2014 03:45:57 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WINRETOOLSFalscher Parameter. (0x80070057)

Error: (07/09/2014 02:15:22 AM) (Source: SideBySide) (EventID: 79) (User: )
Description: hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayNameC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

Error: (07/07/2014 06:09:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\Falscher Parameter. (0x80070057)

Error: (07/07/2014 06:09:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WINRETOOLSFalscher Parameter. (0x80070057)

Error: (07/07/2014 04:15:32 PM) (Source: SideBySide) (EventID: 79) (User: )
Description: hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayNameC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

Error: (07/07/2014 02:54:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{bea0919e-bedc-40b3-9a41-441b01c028ab}\Falscher Parameter. (0x80070057)

CodeIntegrity Errors:
===================================
Date: 2014-04-07 22:09:40.160
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-02-08 21:59:54.746
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-02-07 18:38:55.439
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-02-07 18:35:19.563
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-02-07 18:35:19.363
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\igdpmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-11 20:56:04.983
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\IntcDAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-11 20:13:01.518
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\IntcDAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-11 17:47:00.159
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\IntcDAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-11 16:20:58.036
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\IntcDAud.sys because file hash could not be found on the system.
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-01-11 15:30:16.433 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\IntcDAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 64% Total physical RAM: 6013.27 MB Available physical RAM: 2112.23 MB Total Pagefile: 12157.27 MB Available Pagefile: 8137.27 MB Total Virtual: 131072 MB Available Virtual: 131071.85 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:921.66 GB) (Free:36.82 GB) NTFS Drive w: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.17 GB) NTFS Drive x: (PBR Image) (Fixed) (Total:8.37 GB) (Free:0.24 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 7BA981E6) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 8 GB) (Disk ID: 28FC915C) Partition: GPT Partition Type. ==================== End Of Log ============================ |
11.07.2014, 08:21 | #4 |
/// the machine /// TB Trainer | (Multiple) Trojan alert(s) AVG (Win8.1): "Trojaner: Dropper.Generic2.ANGG.dropper"
Uninstall adware & co.
If you cannot find a program or cannot uninstall it, please continue with the next step: Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |