Pests of all kinds and how to fight them: Virus on an Error 404 page? (Windows 7)
10.07.2014, 18:25 | #1 |
| Virus on an Error 404 page? Hello, I recently, stupidly, opened the link in a spam e-mail (the text of the e-mail consisted only of this link; the e-mail had, I think, no attachment). When I opened the link, an Error 404 page appeared. A few days later I read that spam e-mails are being sent via Yahoo accounts (the e-mail in question was sent from a Yahoo address). I then ran a system scan with my antivirus program (Avira Free Antivirus). Nothing suspicious was found, but that does not necessarily mean anything. Hence my questions: 1. Can Error 404 pages contain viruses or trojans? 2. Are there known cases of faked Error 404 pages? Regards, sdfhjk |
10.07.2014, 18:39 | #2 |
/// the machine /// TB trainer | Virus on an Error 404 page? Hi, anything is possible. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
10.07.2014, 19:41 | #3 |
| Virus on an Error 404 page? FRST.txt:
FRST log file:
digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-02 04:14

==================== End Of Log ============================

Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014
Ran by User at 2014-07-10 20:17:23
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

„Windows Live Essentials“ (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 16.4.3505.0912 - „Microsoft Corporation“) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Common File Installer (x32 Version: 1.00.002 - Adobe System Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Help Center 2.1 (x32 Version: 2.1 - Adobe Systems) Hidden
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 5.0 (x32 Version: 5.0 - Adobe Systems, Inc.)
Hidden Adobe Premiere Elements 3.0 (HKLM-x32\...\PremElem30) (Version: 3.0.0 - Ihr Firmenname) Adobe Premiere Elements 3.0 (x32 Version: 3.0.0 - Ihr Firmenname) Hidden Adobe Premiere Elements 3.0 Templates (HKLM-x32\...\{6EACDDF4-4220-49A3-9204-984C86852C3D}) (Version: 1.0.0 - Ihr Firmenname) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.1.0.1 - Aerosoft) aerosoft's - Berlin-Wittenberg (HKLM-x32\...\{04D946B3-0B81-41A4-A793-B59000EAEAA8}) (Version: 1.00 - aerosoft) Any Video Converter 5.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira) Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.) BlueStacks App Player (HKLM-x32\...\{1AE65157-6E14-49AF-98DF-447927FBC142}) (Version: 0.7.9.844 - BlueStack Systems, Inc.) BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1304.1501 - Micro-Star International Co., Ltd.) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.0.2905 - CDBurnerXP) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) 
Citybus Simulator Munich (HKLM-x32\...\{7ABA5F78-0EFE-4144-A918-1ACBC7552EC0}) (Version: 1.24 - aerosoft) Cool Edit Pro 2.1 (HKLM-x32\...\Cool Edit Pro 2.1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft) Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.5.2 - Mediamond Tmi) DVD-Cover Printmaster 1.4 (HKLM-x32\...\{38AFE2B1-19DB-432A-BA4A-410BFBA78DCE}) (Version: 1.4 - biu software) DVDStyler v2.5.1 (HKLM-x32\...\DVDStyler_is1) (Version: - ) ETDWare PS/2-X64 11.13.2.4_WHQL (HKLM\...\Elantech) (Version: 11.13.2.4 - ELAN Microelectronic Corp.) F1 2012 Demo (HKLM-x32\...\Steam App 211940) (Version: - Codemasters Birmingham) FIFA 12 CAREER MODE EDITOR V. 1.0 BY DOCTOR+ PRODUCTIONS (HKCU\...\FIFA 12 CAREER MODE EDITOR V. 1.0 BY DOCTOR+ PRODUCTIONS) (Version: - ) FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.3 - Electronic Arts) File Master Version 14.0 (HKLM-x32\...\File Master_is1) (Version: - FIFA MASTER) Fotoattēlu galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalerii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Freemake Video Converter Version 4.1.0 
(HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.0 - Ellora Assets Corporation) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation) Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden HP ENVY 4500 series - Grundlegende Software für das Gerät (HKLM\...\{E7A3B455-76AD-423A-AE5E-F431C69BF2B0}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.) 
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3111 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.) 
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - 
Microsoft Corporation) Hidden Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{28f90ef6-5415-4182-a638-3232ad7aa8eb}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) MSI Remind Manager (HKLM-x32\...\{7359585E-A828-4EFC-8177-7D1883DDA0B5}) (Version: 2.12.1003 - MSI) MSI Social Media Collection (HKLM-x32\...\{5EE31A9B-EA26-41EA-B4B6-73910C5E06DC}) (Version: 1.13.0123 - MSI) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 
Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden Nero ControlCenter (x32 Version: 11.0.15500 - Nero AG) Hidden Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden Nero CoverDesigner (HKLM-x32\...\{3143E3EB-17A5-48F9-90FC-D7CA556CA210}) (Version: 12.0.01500 - Nero AG) Nero CoverDesigner (x32 Version: 12.0.10003 - Nero AG) Hidden Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden NVIDIA Control Panel 311.48 (Version: 311.48 - NVIDIA Corporation) Hidden NVIDIA Graphics Driver 311.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.48 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.) 
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden PhotoDose 5.3 (HKLM-x32\...\Photo Dose_is1) (Version: - ) Poczta usługi Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden Protect Disc License Helper 1.0.118 (HKLM-x32\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH) Qualcomm Atheros Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.550 - Qualcomm Atheros) Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.9691.663.020613 - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6878 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 6.2.9200.21219 - Realtek Semiconductor Corp.) 
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - ) SCM (HKLM\...\{B6595BD7-9B3F-4B7B-9A8B-4410A983E1CD}) (Version: 13.013.04234 - Application) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.01 - Creative Technology Limited) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) StreamTransport version: 1.1.3.0 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - ) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.017 - MSI) Train Simulator 2014 (HKLM-x32\...\Steam App 24010) (Version: - RailSimulator.com) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - 
Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for 
Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 
(KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN) Win8Starter (HKLM\...\{F9383649-ED4F-47E5-0001-CB1F0FEBD122}) (Version: 1.0.13.703 - Engelmann Media GmbH) Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3505.0912 - společnost Microsoft Corporation) Hidden Windows Live Mail (x32 
Version: 16.4.3505.0912 - Корпорація Майкрософт) Hidden Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Pošta (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Liven peruspaketti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Utils (HKLM-x32\...\Windows Utils) (Version: - ) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinZip 16.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D3}) (Version: 16.5.10095 - WinZip Computing, S.L. ) World of Subways Vol. 
3 (HKLM-x32\...\{3D294F77-AD11-45A5-B56B-E0D9C63C21FF}) (Version: 1.2 - aerosoft) World of Subways Vol.2 (HKLM-x32\...\{0A902DF4-B767-49DB-98D3-D413E6F1E703}) (Version: 1.40 - TML-Studios) Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 16.4.3505.0912 - Корпорация Майкрософт) Hidden Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 07-07-2014 12:19:21 Geplanter Prüfpunkt ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {1F6A2D16-5F0F-476F-924E-E048F7749324} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-16] (Google Inc.) 
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {56400D06-B081-4809-A02E-322F3D86C77A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-09] (Microsoft Corporation) Task: {6548FBF1-A84D-4CC0-9A44-A34FB5460EF6} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {68F45CEA-3C07-4FED-A794-4CF496C91E80} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated) Task: {7A504E2F-3BDA-4823-AF5E-5B994C314F9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-16] (Google Inc.) Task: {867C1B65-6C48-4FAA-B810-399D077CC145} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe Task: {8C110407-E81A-4930-8FFB-6EBA3D50F4E0} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {D472E6A2-F292-4738-93A9-D16A8224108A} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation) Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe 
Startupscan.dll,SusRunTask Task: {F065311E-8918-44C4-BA7B-D419D64668D0} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2006-09-14 08:56 - 2006-09-14 08:56 - 00102400 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe 2013-05-03 01:22 - 2012-12-07 22:38 - 00039424 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2013-03-15 21:22 - 2013-03-15 21:22 - 00495616 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe 2011-05-10 05:46 - 2011-05-10 05:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll 2011-05-10 05:56 - 2011-05-10 05:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll 2011-05-10 05:47 - 2011-05-10 05:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll 2011-05-10 05:48 - 2011-05-10 05:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll 2011-05-10 21:32 - 2011-05-10 21:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll 2013-05-03 01:34 - 2012-11-01 20:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL 2013-03-15 21:22 - 2013-03-15 21:22 - 00553984 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe 2013-03-15 
21:22 - 2013-03-15 21:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll 2013-03-15 21:22 - 2013-03-15 21:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll 2012-12-05 11:35 - 2012-12-05 11:35 - 00454144 _____ () C:\Windows\system32\EMRegSys.dll 2012-07-24 21:06 - 2012-07-24 21:06 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe 2013-05-03 01:15 - 2013-03-12 22:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-02-15 18:28 - 2014-02-15 18:28 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2011-08-16 05:12 - 2011-08-16 05:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll 2012-06-14 20:57 - 2012-06-14 20:57 - 00015872 _____ () 
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll 2011-08-16 05:12 - 2011-08-16 05:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll 2011-08-16 05:15 - 2011-08-16 05:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll 2011-08-18 01:41 - 2011-08-18 01:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll 2011-08-18 01:48 - 2011-08-18 01:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll 2011-08-18 01:48 - 2011-08-18 01:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll 2011-08-16 04:23 - 2011-08-16 04:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll 2012-06-14 20:56 - 2012-06-14 20:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll 2012-06-14 21:06 - 2012-06-14 21:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll 2012-06-14 20:55 - 2012-06-14 20:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll 2011-07-20 01:05 - 2011-07-20 01:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll 2011-08-16 05:17 - 2011-08-16 05:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll 2011-07-20 01:04 - 2011-07-20 01:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager 
Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/04/2014 01:07:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.0.0, Zeitstempel: 0x523f7ac4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00057431 ID des fehlerhaften Prozesses: 0x319c Startzeit der fehlerhaften Anwendung: 0xvlc.exe0 Pfad der fehlerhaften Anwendung: vlc.exe1 Pfad des fehlerhaften Moduls: vlc.exe2 Berichtskennung: vlc.exe3 Vollständiger Name des fehlerhaften Pakets: vlc.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5 Error: (06/27/2014 03:37:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: StreamTransport.exe, Version: 1.1.3.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: sockhook.dll, Version: 1.0.2.436, Zeitstempel: 0x533a0ee3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000410bf ID des fehlerhaften Prozesses: 0x280 Startzeit der fehlerhaften Anwendung: 0xStreamTransport.exe0 Pfad der fehlerhaften Anwendung: StreamTransport.exe1 Pfad des fehlerhaften Moduls: StreamTransport.exe2 Berichtskennung: StreamTransport.exe3 Vollständiger Name des fehlerhaften Pakets: StreamTransport.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: StreamTransport.exe5 Error: (06/23/2014 01:20:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.0.0, Zeitstempel: 0x523f7ac4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e Ausnahmecode: 0xc0000005 Fehleroffset: 0x00057431 ID des fehlerhaften Prozesses: 0x1bec Startzeit der fehlerhaften Anwendung: 0xvlc.exe0 Pfad der fehlerhaften Anwendung: vlc.exe1 Pfad des fehlerhaften Moduls: vlc.exe2 Berichtskennung: vlc.exe3 
Vollständiger Name des fehlerhaften Pakets: vlc.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5 Error: (06/23/2014 02:39:57 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/23/2014 02:12:31 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/13/2014 10:01:49 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/11/2014 02:41:02 PM) (Source: Perflib) (EventID: 1017) (User: ) Description: Outlook Error: (06/11/2014 02:41:02 PM) (Source: Perflib) (EventID: 1021) (User: ) Description: Outlook8 Error: (06/07/2014 05:14:26 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/07/2014 03:41:55 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. 
System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) System errors: ============= Error: (07/02/2014 04:14:35 AM) (Source: DCOM) (EventID: 10010) (User: MSI) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (06/23/2014 02:39:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (06/23/2014 02:12:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (06/21/2014 01:49:55 PM) (Source: DCOM) (EventID: 10010) (User: MSI) Description: {0006F03A-0000-0000-C000-000000000046} Error: (06/13/2014 10:01:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (06/13/2014 09:15:40 AM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. 
Error: (06/10/2014 05:15:28 AM) (Source: DCOM) (EventID: 10000) (User: MSI) Description: "C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE" -Embedding5{0006F03A-0000-0000-C000-000000000046} Error: (06/07/2014 05:14:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (06/07/2014 03:41:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Error: (05/31/2014 02:53:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: %%1064 Microsoft Office Sessions: ========================= Error: (07/04/2014 01:07:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: vlc.exe2.1.0.0523f7ac4ntdll.dll6.2.9200.16578515fac6ec000000500057431319c01cf977813bf1ba1C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll58902575-036b-11e4-be9a-240a649ca8c6 Error: (06/27/2014 03:37:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: StreamTransport.exe1.1.3.02a425e19sockhook.dll1.0.2.436533a0ee3c0000005000410bf28001cf920cf4270abeC:\Program Files (x86)\StreamTransport\StreamTransport.exeC:\Program Files (x86)\StreamTransport\sockhook.dll3fdbd14c-fe00-11e3-be9a-240a649ca8c6 Error: (06/23/2014 01:20:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: vlc.exe2.1.0.0523f7ac4ntdll.dll6.2.9200.16578515fac6ec0000005000574311bec01cf8ed50584f7a9C:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Windows\SYSTEM32\ntdll.dll6326836b-fac8-11e3-be9a-240a649ca8c6 Error: (06/23/2014 02:39:57 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/23/2014 02:12:31 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/13/2014 10:01:49 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/11/2014 02:41:02 PM) (Source: Perflib) (EventID: 1017) (User: ) Description: Outlook Error: (06/11/2014 02:41:02 PM) (Source: Perflib) (EventID: 1021) (User: ) Description: Outlook8 Error: (06/07/2014 05:14:26 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (06/07/2014 03:41:55 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. 
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) ==================== Memory info =========================== Percentage of memory in use: 29% Total physical RAM: 8111.66 MB Available physical RAM: 5699.71 MB Total Pagefile: 10415.66 MB Available Pagefile: 7353.66 MB Total Virtual: 8192 MB Available Virtual: 8191.75 MB ==================== Drives ================================ Drive c: (OS_Install) (Fixed) (Total:630.45 GB) (Free:123.94 GB) NTFS Drive d: (Data) (Fixed) (Total:281.35 GB) (Free:251.69 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: E6095D1C) Partition: GPT Partition Type. ==================== End Of Log ============================ |
11.07.2014, 13:44 | #4 |
/// the machine /// TB-Ausbilder | Virus on an Error 404 page? Hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
11.07.2014, 17:06 | #5 |
| Virus on an Error 404 page? Hello, while Combofix was running, an Avira window appeared twice, saying roughly that a dubious access - or something like that - had been blocked. But Avira Antivirus was switched off! After the restart performed by Combofix, Windows Explorer opened (it always does that on my machine after booting) - shortly before the notice appeared in the Combofix window that no programs should be opened until Combofix has finished. Shortly afterwards the annoying Java Auto Updater opened as well. I have the program "Windows 8 Starter", which replaces the Start menu that Windows 8 lacks on the desktop. Since I ran Combofix, it no longer works. When I try to open it, an error message with the following text appears: C:\Program Files (x86)\Engelmann Media\Win8Starter\Win8Starter.exe Ein an das System angeschlossenes Gerät funktioniert nicht. Code:
ATTFilter ComboFix 14-07-11.04 - User 11.07.2014 17:13:42.1.8 - x64 Microsoft Windows 8 6.2.9200.0.1252.49.1031.18.8112.6536 [GMT 2:00] ausgeführt von:: c:\users\User\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\program files (x86)\Java\jre7\bin\jp2ssv.dll c:\users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7AD2883B-AB15-48C5-AF8B-51F6EEDE1FA7}.xps c:\users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\{BD42E442-C312-438D-9044-DC09A7B9CD88}.xps c:\users\User\AppData\Roaming\Windows Net Data c:\users\User\AppData\Roaming\Windows Net Data\id.dat c:\users\User\AppData\Roaming\Windows Net Data\net.exe c:\users\User\AppData\Roaming\Windows Net Data\uninstaller.exe c:\windows\SysWow64\DEBUG.log c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_acedrv11 -------\Service_npf . . ((((((((((((((((((((((( Dateien erstellt von 2014-06-11 bis 2014-07-11 )))))))))))))))))))))))))))))) . . 2014-07-11 15:20 . 2014-07-11 15:20 -------- d-----w- c:\users\User\AppData\Local\temp 2014-07-11 15:20 . 2014-07-11 15:20 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-07-10 18:16 . 2014-07-10 18:18 -------- d-----w- C:\FRST 2014-07-09 10:04 . 2014-06-17 23:27 1440256 ----a-w- c:\windows\SysWow64\osk.exe 2014-07-09 10:03 . 2014-06-19 04:18 775320 ----a-w- c:\program files\Internet Explorer\iexplore.exe 2014-07-07 14:10 . 
2014-07-11 02:24 100352 ----a-w- c:\windows\system32\wudriver.dll 2014-07-07 14:10 . 2014-07-11 02:24 86528 ----a-w- c:\windows\SysWow64\wudriver.dll 2014-07-07 14:10 . 2014-07-11 02:24 176640 ----a-w- c:\windows\system32\storewuauth.dll 2014-07-07 14:10 . 2014-07-11 02:24 773632 ----a-w- c:\windows\system32\wuapi.dll 2014-07-07 14:10 . 2014-07-11 02:24 253440 ----a-w- c:\windows\system32\WUSettingsProvider.dll 2014-07-07 14:10 . 2014-07-11 02:24 1623040 ----a-w- c:\windows\system32\wucltux.dll 2014-07-07 14:10 . 2014-07-11 02:24 59416 ----a-w- c:\windows\system32\wuauclt.exe 2014-07-07 14:10 . 2014-07-11 02:24 3286528 ----a-w- c:\windows\system32\wuaueng.dll 2014-07-07 14:10 . 2014-07-11 02:24 629248 ----a-w- c:\windows\SysWow64\wuapi.dll 2014-07-07 14:09 . 2014-07-11 02:24 35328 ----a-w- c:\windows\SysWow64\wuapp.exe 2014-07-07 14:09 . 2014-07-11 02:24 128000 ----a-w- c:\windows\SysWow64\wuwebv.dll 2014-07-07 14:09 . 2014-07-11 02:24 40448 ----a-w- c:\windows\system32\wuapp.exe 2014-07-07 14:09 . 2014-07-11 02:24 144384 ----a-w- c:\windows\system32\wuwebv.dll 2014-06-11 20:49 . 2014-06-11 20:49 18636480 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-07-10 12:31 . 2013-10-15 17:26 42040 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2014-07-09 15:25 . 2013-10-18 00:23 96441528 ----a-w- c:\windows\system32\MRT.exe 2014-07-08 17:36 . 2013-12-10 20:39 11204096 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2014-07-03 19:36 . 2013-10-15 17:26 117712 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2014-06-26 20:53 . 2013-12-15 14:18 703968 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-06-26 20:53 . 2013-12-15 14:18 105440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-05-27 14:02 . 2013-10-15 17:26 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys 2014-05-03 05:47 . 
2014-06-11 09:57 3246592 ----a-w- c:\windows\system32\rdpcorets.dll 2014-05-03 03:34 . 2014-06-11 09:57 235520 ----a-w- c:\windows\system32\rdpudd.dll 2014-04-29 22:32 . 2014-06-11 09:57 1301504 ----a-w- c:\windows\system32\gdi32.dll 2014-04-29 22:22 . 2014-06-11 09:57 1023488 ----a-w- c:\windows\SysWow64\gdi32.dll 2014-04-19 09:39 . 2014-05-06 13:08 628024 ----a-w- c:\windows\system32\NotificationUI.exe 2014-04-15 00:34 . 2014-04-15 00:34 1070232 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-11-01 13:16 222832 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-11-01 13:16 222832 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-11-01 13:16 222832 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-12-11 1823656] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Sound Blaster Cinema"="c:\program files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe" [2012-11-29 711680] "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112] "Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2013-02-07 490480] "BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2013-01-07 597880] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-07-03 750160] "Adobe Photo Downloader"="c:\program files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-09-14 61440] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] . c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\ Qualcomm Atheros Killer Network Manager.lnk - c:\program files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe -minimized [2013-3-15 553984] ShowDesktop.scf [2012-6-28 78] Win8Starter.lnk - c:\program files (x86)\Engelmann Media\Win8Starter\Win8Starter.exe [2013-7-3 840480] WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK32.EXE [2012-7-4 603536] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "EnableUIADesktopToggle"= 0 (0x0) "EnableCursorSuppression"= 1 (0x1) "ConsentPromptBehaviorUser"= 3 (0x3) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x] R3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x] R3 RTL8168;Realtek 8168 NT-Treiber;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x] R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x] S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bwcW8x64.sys;c:\windows\SYSNATIVE\DRIVERS\bwcW8x64.sys [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x] S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x] S2 
BTDevManager;BTDevManager;c:\program files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe;c:\program files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [x] S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x] S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x] S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\SCM\MSIService.exe;c:\program files (x86)\SCM\MSIService.exe [x] S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x] S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x] S2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer 
Service;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [x] S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x] S3 Ke2200;NDIS Miniport Driver for the Killer e2200 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\e22w8x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w8x64.sys [x] S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x] S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x] S3 RtkBtFilter;Realtek Bluetooth Filter Driver;c:\windows\system32\DRIVERS\RtkBtfilter.sys;c:\windows\SYSNATIVE\DRIVERS\RtkBtfilter.sys [x] S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x] S3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2014-07-11 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-16 17:36] . 2014-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-16 11:51] . 2014-07-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-16 11:51] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2013-11-01 13:16 261744 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2013-11-01 13:16 261744 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2013-11-01 13:16 261744 ----a-w- c:\users\User\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-03-22 36352] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-04-27 165872] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-04-27 407536] "Persistence"="c:\windows\system32\igfxpers.exe" [2013-04-27 442696] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-04-27 13519432] "BtServer"="c:\program files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe" [2013-01-28 452608] "Radio Manager"="c:\program files (x86)\SCM\Radio Manager.exe" [2013-04-23 406920] "SCM"="c:\program files (x86)\SCM\SCM.exe" [2013-04-23 406944] "MBCfg64"="c:\windows\system32\MBCfg64.dll" [2013-01-07 27648] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://msi13.msn.com mLocal Page = c:\windows\SysWOW64\blank.htm IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000 LSP: %SYSTEMROOT%\system32\BfLLR.dll TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk - c:\users\User\AppData\Roaming\Windows Net Data\net.exe Toolbar-Locked - (no file) HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe AddRemove-Windows Utils - c:\users\User\AppData\Roaming\Windows Net Data\uninstaller.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) @SACL=(02 0000) . 
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-07-11 17:30:07 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-07-11 15:30
.
Vor Suchlauf: 16 Verzeichnis(se), 140.615.491.584 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 141.315.014.656 Bytes frei
.
- - End Of File - - ABCC69A546A5086FE72FCB74949A4465
5FB38429D5D77768867C76DCBDB35194

Edited by sdfhjk (11.07.2014 at 17:48) |
12.07.2014, 15:43 | #6 |
/// the machine /// TB-Ausbilder | Virus on an Error 404 page? Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please disable your security software to avoid possible conflicts.
And a fresh FRST log, please.
13.07.2014, 01:09 | #7 |
| Virus on an Error 404 page? mbam.txt: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 13.07.2014
Suchlauf-Zeit: 00:57:58
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.12.09
Rootkit Datenbank: v2014.07.09.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: User

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 325417
Verstrichene Zeit: 9 Min, 28 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 2
PUP.Optional.Soft32.A, C:\Users\User\Downloads\cool edit pro setup.exe, In Quarantäne, [45641985077458dedf1ba59905fc936d],
PUP.Optional.OpenCandy, C:\Users\User\Downloads\FreemakeVideoConverterSetup_4.0.1.1.exe, In Quarantäne, [b4f5a5f90e6d5adc269ec252c8398a76],

Physische Sektoren: 0
(No malicious items detected)

(end)

Code:
# AdwCleaner v3.215 - Bericht erstellt am 13/07/2014 um 01:21:36
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : User - MSI
# Gestartet von : C:\Users\User\Downloads\adwcleaner_3.215.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\User\Documents\Updater
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\sparpilot@sparpilot.com

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\WEDLMNGR

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17028

-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [1374 octets] - [13/07/2014 01:18:46]
AdwCleaner[S0].txt - [1194 octets] - [13/07/2014 01:21:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1254 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8 x64
Ran by User on 13.07.2014 at 1:41:37,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

~~~ FireFox

Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\gz1diwo7.default\minidumps [21 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.07.2014 at 1:43:38,41
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014 Ran by User (administrator) on MSI on 13-07-2014 01:47:06 Running from C:\Users\User\Desktop Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Micro-Star International Co., Ltd.) 
C:\Program Files (x86)\SCM\MSIService.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (MSI) C:\Program Files (x86)\SCM\Radio Manager.exe (MSI) C:\Program Files (x86)\SCM\SCM.exe () C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (Engelmann Media) C:\Program Files (x86)\Engelmann Media\Win8Starter\Win8Starter.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-27] (Realtek Semiconductor) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-04-27] (ELAN Microelectronics Corp.) HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-24] (MSI) HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [406944 2013-04-24] (MSI) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [27648 2013-01-07] (Creative Technology Ltd.) 
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI) HKLM-x32\...\Run: [BlueStacks Agent] => c:\Program Files (x86)\BlueStacks\HD-Agent.exe [597880 2013-01-08] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [61440 2006-09-14] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Winlogon: [Shell] explorer.exe /select,explorer.exe Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3471801120-3442921855-1173847551-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1753280 2014-07-10] (Valve Corporation) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [245872 2013-04-27] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-04-27] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ShowDesktop.scf 
() Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Win8Starter.lnk ShortcutTarget: Win8Starter.lnk -> C:\Program Files (x86)\Engelmann Media\Win8Starter\Win8Starter.exe (Engelmann Media) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {3368A6F7-63B1-4F41-926E-2CF548F0DF9F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS; SearchScopes: HKLM - {3368A6F7-63B1-4F41-926E-2CF548F0DF9F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS; SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {3368A6F7-63B1-4F41-926E-2CF548F0DF9F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS; SearchScopes: HKCU - {3368A6F7-63B1-4F41-926E-2CF548F0DF9F} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default FF 
Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper - C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll () FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Amazon-Icon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\amazon-icon@giga.de [2013-11-16] FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25] FF Extension: NoSquint - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\nosquint@urandom.ca.xpi [2013-10-16] FF Extension: {937406fd-bbb8-406a-97de-846178fc637d} - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\{937406fd-bbb8-406a-97de-846178fc637d}.xpi [2014-01-09] FF Extension: PDF Print Converter Light - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\{ef796d38-5147-442b-9047-3c859326b80f}.xpi [2014-01-12] ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400 2006-09-14] () [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1030224 2014-07-10] (Avira Operations GmbH & Co. KG) S2 BstHdAndroidSvc; c:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-01-08] (BlueStack Systems, Inc.) 
R2 BstHdLogRotatorSvc; c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-01-08] (BlueStack Systems, Inc.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] () [File not signed] R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-04-27] (ELAN Microelectronics Corp.) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-11-01] (Freemake) [File not signed] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-11-21] (Ellora Assets Corp.) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-24] (Micro-Star International Co., Ltd.) 
[File not signed] R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI) [File not signed] R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-05-02] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [42040 2014-07-10] (Avira Operations GmbH & Co. KG) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.) R2 BstHdDrv; c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-01-08] (BlueStack Systems) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.) 
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-04-27] (Realtek Semiconductor Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-27] (RTS Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1552456 2013-04-27] (Realtek Semiconductor Corporation ) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-13 01:46 - 2014-07-13 01:46 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion 2014-07-13 01:43 - 2014-07-13 01:43 - 00000835 _____ () C:\Users\User\Desktop\JRT.txt 2014-07-13 01:37 - 2014-07-13 01:37 - 00000000 ____D () C:\Windows\ERUNT 2014-07-13 01:27 - 2014-07-13 01:27 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe 2014-07-13 01:18 - 2014-07-13 01:21 - 00000000 ____D () C:\AdwCleaner 2014-07-13 01:16 - 2014-07-13 01:17 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe 2014-07-13 01:15 - 2014-07-13 01:15 - 00001378 _____ () C:\Users\User\Desktop\mbam.txt 2014-07-13 00:55 - 2014-07-13 01:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-13 00:54 - 2014-07-13 00:54 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-13 00:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-13 00:54 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\mwac.sys 2014-07-13 00:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-13 00:51 - 2014-07-13 00:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-12 14:16 - 2014-07-12 14:23 - 00006890 _____ () C:\Users\User\Documents\DVD Topographie 1.dvds 2014-07-12 14:14 - 2014-07-12 14:25 - 00003932 _____ () C:\Users\User\Documents\DVD Hessen von oben.dvds 2014-07-12 14:13 - 2014-07-12 14:13 - 00003930 _____ () C:\Users\User\Documents\DVD Die Saale von oben.dvds 2014-07-12 14:10 - 2014-07-12 14:11 - 00006929 _____ () C:\Users\User\Documents\DVD Der Südwesten von oben.dvds 2014-07-12 06:16 - 2014-07-12 06:17 - 1465432584 _____ () C:\Users\User\Downloads\Hessen_von_oben_14.04.18_20-15_hr3_90_TVOON_DE.mpg.HQ.avi 2014-07-12 06:05 - 2014-07-12 06:06 - 1413226144 _____ () C:\Users\User\Downloads\Die_Saale_von_oben_14.04.17_20-15_mdr_90_TVOON_DE.mpg.HQ.avi 2014-07-12 06:03 - 2014-07-12 06:05 - 1832615932 _____ () C:\Users\User\Downloads\Der_Suedwesten_von_oben_14.04.17_20-15_sw3_130_TVOON_DE.mpg.HQ.avi 2014-07-12 06:03 - 2014-07-12 06:03 - 741592242 _____ () C:\Users\User\Downloads\Bilderbuch_Deutschland_13.05.14_14-15_ndr_45_TVOON_DE.mpg.avi 2014-07-12 06:00 - 2014-07-12 06:01 - 650816080 _____ () C:\Users\User\Downloads\Bilderbuch_14.04.01_14-45_sw3_45_TVOON_DE.mpg.avi 2014-07-12 06:00 - 2014-07-12 06:00 - 613052574 _____ () C:\Users\User\Downloads\Bilderbuch_14.03.27_14-45_sw3_45_TVOON_DE.mpg.avi 2014-07-12 05:59 - 2014-07-12 05:59 - 495052028 _____ () C:\Users\User\Downloads\Bilderbuch_14.02.28_14-45_sw3_45_TVOON_DE.mpg.avi 2014-07-11 21:14 - 2014-07-11 21:15 - 00005446 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 62.dvds 2014-07-11 20:57 - 2014-07-11 20:57 - 00006896 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 61.dvds 2014-07-11 19:58 - 2014-07-11 20:32 - 00007012 _____ () C:\Users\User\Documents\DVD 
Bilderbuch Deutschland 60.dvds 2014-07-11 19:44 - 2014-07-11 20:10 - 00006942 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 59.dvds 2014-07-11 19:35 - 2014-07-11 19:36 - 00006861 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 58.dvds 2014-07-11 19:09 - 2014-07-11 19:11 - 00003928 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 57.dvds 2014-07-11 19:05 - 2014-07-11 19:07 - 00005423 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 56.dvds 2014-07-11 19:02 - 2014-07-11 19:04 - 00005395 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 55.dvds 2014-07-11 17:30 - 2014-07-11 17:30 - 00018700 _____ () C:\ComboFix.txt 2014-07-11 17:21 - 2014-07-11 17:21 - 00354136 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-11 17:07 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-11 17:07 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-11 17:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-11 17:06 - 2014-07-11 17:30 - 00000000 ____D () C:\Qoobox 2014-07-11 17:06 - 2014-07-11 17:28 - 00000000 ____D () C:\Windows\erdnt 2014-07-11 17:01 - 2014-07-11 17:01 - 05218473 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe 2014-07-10 20:17 - 2014-07-10 20:18 - 00046111 _____ () C:\Users\User\Desktop\Addition.txt 2014-07-10 20:16 - 2014-07-13 01:47 - 00018711 _____ () C:\Users\User\Desktop\FRST.txt 2014-07-10 20:16 - 2014-07-13 01:47 - 00000000 ____D () C:\FRST 2014-07-10 20:13 - 2014-07-13 
01:46 - 02084864 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2014-07-09 12:04 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 12:04 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 12:04 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 12:04 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 12:04 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 12:04 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 12:04 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 12:04 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 12:04 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 12:04 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 12:04 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 12:04 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 12:04 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 12:04 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 12:04 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 12:04 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 12:04 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 12:04 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) 
C:\Windows\system32\win32k.sys 2014-07-09 12:04 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2014-07-09 12:04 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2014-07-09 12:04 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 12:04 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll 2014-07-09 12:04 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-07-09 12:04 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-07-09 12:04 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-07-09 12:04 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-07-09 12:04 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe 2014-07-09 12:04 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe 2014-07-09 12:04 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-07-09 12:04 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 12:04 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-07-09 12:04 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 12:04 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-07-09 12:03 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-07-09 12:03 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-07-09 12:03 - 2014-06-19 
04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 12:03 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 12:03 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 12:03 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 12:03 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 12:03 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 12:03 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 12:03 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 12:03 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00226816 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 12:03 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 12:03 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 12:03 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-07-09 12:03 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 12:03 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 12:03 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2014-07-09 12:03 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-07 16:10 - 2014-07-11 04:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00100352 _____ (Microsoft Corporation) 
C:\Windows\system32\wudriver.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-07-07 16:09 - 2014-07-11 04:24 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-07-07 16:09 - 2014-07-11 04:24 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-07-07 16:09 - 2014-07-11 04:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-07-07 16:09 - 2014-07-11 04:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-06-27 15:37 - 2014-06-27 15:37 - 00926970 _____ () C:\Users\User\Documents\7344447_mp4_h264_aac.flv ==================== One Month Modified Files and Folders ======= 2014-07-13 01:47 - 2014-07-10 20:16 - 00018711 _____ () C:\Users\User\Desktop\FRST.txt 2014-07-13 01:47 - 2014-07-10 20:16 - 00000000 ____D () C:\FRST 2014-07-13 01:46 - 2014-07-13 01:46 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion 2014-07-13 01:46 - 2014-07-10 20:13 - 02084864 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2014-07-13 01:43 - 2014-07-13 01:43 - 00000835 _____ () C:\Users\User\Desktop\JRT.txt 2014-07-13 01:43 - 2013-10-15 21:19 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-13 01:41 - 2013-10-15 17:48 - 00095105 _____ () C:\Users\User\AppData\Local\BTServer.log 2014-07-13 01:41 - 2013-10-15 17:45 - 01934037 _____ () C:\Windows\WindowsUpdate.log 2014-07-13 01:41 - 2013-05-03 01:20 - 00000000 ____D () C:\ProgramData\Bigfoot Networks 2014-07-13 01:40 - 2013-10-16 13:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-13 01:40 - 2013-05-03 01:22 - 00000000 ____D () C:\ProgramData\Realtek 2014-07-13 01:40 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-13 01:37 - 2014-07-13 01:37 - 00000000 ____D () C:\Windows\ERUNT 2014-07-13 01:36 - 
2013-10-16 15:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-13 01:27 - 2014-07-13 01:27 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe 2014-07-13 01:27 - 2013-10-16 13:51 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-13 01:22 - 2013-02-22 09:00 - 01171476 _____ () C:\Windows\PFRO.log 2014-07-13 01:21 - 2014-07-13 01:18 - 00000000 ____D () C:\AdwCleaner 2014-07-13 01:17 - 2014-07-13 01:16 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe 2014-07-13 01:15 - 2014-07-13 01:15 - 00001378 _____ () C:\Users\User\Desktop\mbam.txt 2014-07-13 01:13 - 2014-07-13 00:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-13 01:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2014-07-13 00:54 - 2014-07-13 00:54 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-13 00:52 - 2014-07-13 00:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-12 15:37 - 2014-02-15 18:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-12 14:27 - 2013-10-18 23:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc 2014-07-12 14:25 - 2014-07-12 14:14 - 00003932 _____ () C:\Users\User\Documents\DVD Hessen von oben.dvds 2014-07-12 14:23 - 2014-07-12 14:16 - 00006890 _____ () C:\Users\User\Documents\DVD Topographie 1.dvds 2014-07-12 14:13 - 2014-07-12 14:13 - 00003930 _____ () C:\Users\User\Documents\DVD Die Saale von oben.dvds 2014-07-12 14:11 - 2014-07-12 14:10 - 00006929 _____ () C:\Users\User\Documents\DVD Der Südwesten von 
oben.dvds 2014-07-12 13:35 - 2013-10-28 05:09 - 00000000 ____D () C:\Users\User\Downloads\Dokumentationen 2014-07-12 06:17 - 2014-07-12 06:16 - 1465432584 _____ () C:\Users\User\Downloads\Hessen_von_oben_14.04.18_20-15_hr3_90_TVOON_DE.mpg.HQ.avi 2014-07-12 06:06 - 2014-07-12 06:05 - 1413226144 _____ () C:\Users\User\Downloads\Die_Saale_von_oben_14.04.17_20-15_mdr_90_TVOON_DE.mpg.HQ.avi 2014-07-12 06:05 - 2014-07-12 06:03 - 1832615932 _____ () C:\Users\User\Downloads\Der_Suedwesten_von_oben_14.04.17_20-15_sw3_130_TVOON_DE.mpg.HQ.avi 2014-07-12 06:03 - 2014-07-12 06:03 - 741592242 _____ () C:\Users\User\Downloads\Bilderbuch_Deutschland_13.05.14_14-15_ndr_45_TVOON_DE.mpg.avi 2014-07-12 06:01 - 2014-07-12 06:00 - 650816080 _____ () C:\Users\User\Downloads\Bilderbuch_14.04.01_14-45_sw3_45_TVOON_DE.mpg.avi 2014-07-12 06:00 - 2014-07-12 06:00 - 613052574 _____ () C:\Users\User\Downloads\Bilderbuch_14.03.27_14-45_sw3_45_TVOON_DE.mpg.avi 2014-07-12 05:59 - 2014-07-12 05:59 - 495052028 _____ () C:\Users\User\Downloads\Bilderbuch_14.02.28_14-45_sw3_45_TVOON_DE.mpg.avi 2014-07-11 21:15 - 2014-07-11 21:14 - 00005446 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 62.dvds 2014-07-11 21:11 - 2013-10-16 14:02 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps 2014-07-11 20:57 - 2014-07-11 20:57 - 00006896 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 61.dvds 2014-07-11 20:32 - 2014-07-11 19:58 - 00007012 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 60.dvds 2014-07-11 20:10 - 2014-07-11 19:44 - 00006942 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 59.dvds 2014-07-11 19:36 - 2014-07-11 19:35 - 00006861 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 58.dvds 2014-07-11 19:11 - 2014-07-11 19:09 - 00003928 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 57.dvds 2014-07-11 19:07 - 2014-07-11 19:05 - 00005423 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 56.dvds 2014-07-11 19:04 - 
2014-07-11 19:02 - 00005395 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 55.dvds 2014-07-11 17:30 - 2014-07-11 17:30 - 00018700 _____ () C:\ComboFix.txt 2014-07-11 17:30 - 2014-07-11 17:06 - 00000000 ____D () C:\Qoobox 2014-07-11 17:30 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default 2014-07-11 17:28 - 2014-07-11 17:06 - 00000000 ____D () C:\Windows\erdnt 2014-07-11 17:22 - 2012-07-26 07:26 - 00000243 _____ () C:\Windows\system.ini 2014-07-11 17:21 - 2014-07-11 17:21 - 00354136 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-11 17:21 - 2012-07-26 07:26 - 76021760 _____ () C:\Windows\system32\config\SOFTWARE.bak 2014-07-11 17:21 - 2012-07-26 07:26 - 18087936 _____ () C:\Windows\system32\config\SYSTEM.bak 2014-07-11 17:21 - 2012-07-26 07:26 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak 2014-07-11 17:21 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-07-11 17:21 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak 2014-07-11 17:21 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SAM.bak 2014-07-11 17:01 - 2014-07-11 17:01 - 05218473 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe 2014-07-11 11:22 - 2014-03-16 20:53 - 00000000 ____D () C:\Windows\rescache 2014-07-11 09:13 - 2013-02-22 10:34 - 00754172 _____ () C:\Windows\system32\perfh007.dat 2014-07-11 09:13 - 2013-02-22 10:34 - 00156362 _____ () C:\Windows\system32\perfc007.dat 2014-07-11 09:13 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-11 04:24 - 2014-07-07 16:10 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-07-11 04:24 - 2014-07-07 16:10 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-07-11 04:24 - 2014-07-07 16:10 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-07-11 04:24 - 2014-07-07 16:10 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-07-11 
04:24 - 2014-07-07 16:10 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-07-11 04:24 - 2014-07-07 16:10 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2014-07-11 04:24 - 2014-07-07 16:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-07-11 04:24 - 2014-07-07 16:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-07-11 04:24 - 2014-07-07 16:10 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-07-11 04:24 - 2014-07-07 16:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-07-11 04:24 - 2014-07-07 16:09 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-07-11 04:24 - 2014-07-07 16:09 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-07-11 04:24 - 2014-07-07 16:09 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-07-11 04:24 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-11 04:24 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-11 04:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore 2014-07-11 04:24 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp 2014-07-11 04:24 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-10 20:18 - 2014-07-10 20:17 - 00046111 _____ () C:\Users\User\Desktop\Addition.txt 2014-07-10 20:05 - 2013-10-24 00:47 - 00000000 ____D () C:\Users\User\Documents\Studium 2014-07-10 16:17 - 2013-10-19 00:14 - 00000000 ____D () C:\Users\User\dwhelper 2014-07-10 14:31 - 2013-10-15 19:26 - 00042040 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-07-09 17:26 - 2013-10-18 02:23 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 17:26 - 2013-10-15 18:59 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-09 17:25 - 2013-10-18 02:23 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 17:25 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-07-08 19:36 - 2013-12-10 22:39 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-07-08 19:36 - 2013-10-16 15:53 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-03 21:36 - 2013-10-15 19:26 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-07-03 20:34 - 2013-10-28 06:10 - 00000000 ____D () C:\Users\User\Downloads\Schätze der Welt 2014-07-02 16:17 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-06-27 15:37 - 2014-06-27 15:37 - 00926970 _____ () C:\Users\User\Documents\7344447_mp4_h264_aac.flv 2014-06-26 22:53 - 2013-12-15 16:18 - 00703968 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-06-26 22:53 - 2013-12-15 16:18 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-06-22 04:22 - 2013-10-16 13:51 - 00004086 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-22 04:22 - 2013-10-16 13:51 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-19 04:12 - 2014-07-09 12:04 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 04:12 - 2014-07-09 12:04 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-19 04:12 - 2014-07-09 12:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-06-19 04:12 - 2014-07-09 12:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-06-19 04:12 - 2014-07-09 12:03 - 00051712 
_____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 04:11 - 2014-07-09 12:04 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 04:11 - 2014-07-09 12:03 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 04:11 - 2014-07-09 12:03 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 04:10 - 2014-07-09 12:04 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-19 04:10 - 2014-07-09 12:04 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 04:10 - 2014-07-09 12:04 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 04:10 - 2014-07-09 12:04 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 04:10 - 2014-07-09 12:04 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-19 04:10 - 2014-07-09 12:03 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-06-19 04:10 - 2014-07-09 12:03 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-19 04:10 - 2014-07-09 12:03 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 04:10 - 2014-07-09 12:03 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-06-19 04:10 - 2014-07-09 12:03 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 04:10 - 2014-07-09 12:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 04:10 - 2014-07-09 12:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 04:09 - 2014-07-09 12:03 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 02:53 - 2014-07-09 12:04 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:53 - 2014-07-09 12:04 - 01766400 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wininet.dll 2014-06-19 02:53 - 2014-07-09 12:04 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-19 02:53 - 2014-07-09 12:03 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-19 02:53 - 2014-07-09 12:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 02:53 - 2014-07-09 12:03 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 02:53 - 2014-07-09 12:03 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-06-19 02:52 - 2014-07-09 12:04 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-19 02:52 - 2014-07-09 12:04 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-19 02:52 - 2014-07-09 12:04 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 02:52 - 2014-07-09 12:04 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-19 02:52 - 2014-07-09 12:03 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-19 02:52 - 2014-07-09 12:03 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-06-19 02:52 - 2014-07-09 12:03 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 02:52 - 2014-07-09 12:03 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 02:52 - 2014-07-09 12:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-06-19 02:52 - 2014-07-09 12:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 02:52 - 2014-07-09 12:03 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 02:52 - 2014-07-09 12:03 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 02:33 - 2014-07-09 12:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 
2014-06-19 02:30 - 2014-07-09 12:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 00:05 - 2014-07-09 12:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-06-18 01:27 - 2014-07-09 12:04 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-06-18 01:24 - 2014-07-09 12:04 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe Some content of TEMP: ==================== C:\Users\User\AppData\Local\temp\avgnt.exe C:\Users\User\AppData\Local\temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-12 07:48 ==================== End Of Log ============================ |
13.07.2014, 15:11 | #8 |
/// the machine /// TB Trainer | Virus on Error 404 page? ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and Help Trojaner-Board Facebook page No help via PM! |
14.07.2014, 02:10 | #9 |
| Virus on Error 404 page? Eset Online Scanner log.txt: Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=4f9e77f84e8bd541b0690b2dc2337e08
# engine=19154
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-14 12:52:56
# local_time=2014-07-14 02:52:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 39957 23870334 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4258720 37764475 0 0
# scanned=309389
# found=1
# cleaned=0
# scan_time=26370
sh=E0C275F08CDDAF9AA2EF3AEB8648615899B67EAA ft=1 fh=70f2756a5a58301d vn="Win32/Somoto.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\Downloads\DVDStyler-2.5.1-win32.exe"
Code:
ATTFilter
Results of screen317's Security Check version 0.99.85
x64 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Windows Defender
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 51
Java version out of Date!
Adobe Flash Player 14.0.0.145
Adobe Reader XI
Mozilla Firefox 27.0.1 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 Ran by User (administrator) on MSI on 14-07-2014 03:20:59 Running from C:\Users\User\Desktop Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe () C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Micro-Star International Co., Ltd.) 
C:\Program Files (x86)\SCM\MSIService.exe (MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (MSI) C:\Program Files (x86)\SCM\Radio Manager.exe (MSI) C:\Program Files (x86)\SCM\SCM.exe () C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe (Engelmann Media) C:\Program Files (x86)\Engelmann Media\Win8Starter\Win8Starter.exe (WinZip Computing, S.L.) 
C:\Program Files\WinZip\WZQKPICK32.EXE (MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-27] (Realtek Semiconductor) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-04-27] (ELAN Microelectronics Corp.) HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-24] (MSI) HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [406944 2013-04-24] (MSI) HKLM\...\Run: [MBCfg64] => C:\Windows\system32\MBCfg64.dll [27648 2013-01-07] (Creative Technology Ltd.) HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd) HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) 
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI) HKLM-x32\...\Run: [BlueStacks Agent] => c:\Program Files (x86)\BlueStacks\HD-Agent.exe [597880 2013-01-08] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-03] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [61440 2006-09-14] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Winlogon: [Shell] explorer.exe /select,explorer.exe Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3471801120-3442921855-1173847551-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1753280 2014-07-10] (Valve Corporation) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [245872 2013-04-27] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-04-27] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qualcomm Atheros Killer Network Manager.lnk ShortcutTarget: Qualcomm Atheros Killer Network Manager.lnk -> C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ShowDesktop.scf () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Win8Starter.lnk ShortcutTarget: Win8Starter.lnk -> C:\Program Files (x86)\Engelmann Media\Win8Starter\Win8Starter.exe (Engelmann Media) Startup: C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Startup\WinZip Quick Pick.lnk ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK32.EXE (WinZip Computing, S.L.) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {3368A6F7-63B1-4F41-926E-2CF548F0DF9F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS; SearchScopes: HKLM - {3368A6F7-63B1-4F41-926E-2CF548F0DF9F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS; SearchScopes: HKLM-x32 - DefaultScope value is missing. 
SearchScopes: HKLM-x32 - {3368A6F7-63B1-4F41-926E-2CF548F0DF9F} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS; SearchScopes: HKCU - {3368A6F7-63B1-4F41-926E-2CF548F0DF9F} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default FF 
Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper - C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll () FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Amazon-Icon - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\amazon-icon@giga.de [2013-11-16] FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25] FF Extension: NoSquint - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\nosquint@urandom.ca.xpi [2013-10-16] FF Extension: {937406fd-bbb8-406a-97de-846178fc637d} - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\{937406fd-bbb8-406a-97de-846178fc637d}.xpi [2014-01-09] FF Extension: PDF Print Converter Light - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gz1diwo7.default\Extensions\{ef796d38-5147-442b-9047-3c859326b80f}.xpi [2014-01-12] ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400 2006-09-14] () [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-03] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1030224 2014-07-10] (Avira Operations GmbH & Co. KG) S2 BstHdAndroidSvc; c:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-01-08] (BlueStack Systems, Inc.) 
R2 BstHdLogRotatorSvc; c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-01-08] (BlueStack Systems, Inc.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] () [File not signed] R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-04-27] (ELAN Microelectronics Corp.) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-11-01] (Freemake) [File not signed] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-11-21] (Ellora Assets Corp.) [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation) R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-24] (Micro-Star International Co., Ltd.) 
[File not signed] R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI) [File not signed] R2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] () [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-05-02] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [42040 2014-07-10] (Avira Operations GmbH & Co. KG) R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.) R2 BstHdDrv; c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-01-08] (BlueStack Systems) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.) 
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-04-27] (Realtek Semiconductor Corporation) R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-27] (RTS Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1552456 2013-04-27] (Realtek Semiconductor Corporation ) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-14 03:13 - 2014-07-14 03:13 - 00854390 _____ () C:\Users\User\Desktop\SecurityCheck.exe 2014-07-13 19:18 - 2014-07-13 19:18 - 02347384 _____ (ESET) C:\Users\User\Desktop\esetsmartinstaller_deu.exe 2014-07-13 01:46 - 2014-07-14 03:20 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion 2014-07-13 01:43 - 2014-07-13 01:43 - 00000835 _____ () C:\Users\User\Desktop\JRT.txt 2014-07-13 01:37 - 2014-07-13 01:37 - 00000000 ____D () C:\Windows\ERUNT 2014-07-13 01:27 - 2014-07-13 01:27 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe 2014-07-13 01:18 - 2014-07-13 01:21 - 00000000 ____D () C:\AdwCleaner 2014-07-13 01:16 - 2014-07-13 01:17 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe 2014-07-13 01:15 - 2014-07-13 01:15 - 00001378 _____ () C:\Users\User\Desktop\mbam.txt 2014-07-13 00:55 - 2014-07-13 01:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-13 00:54 - 2014-07-13 00:54 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-13 00:54 - 2014-05-12 07:26 
- 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-13 00:54 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-13 00:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-13 00:51 - 2014-07-13 00:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-12 14:16 - 2014-07-12 14:23 - 00006890 _____ () C:\Users\User\Documents\DVD Topographie 1.dvds 2014-07-12 14:14 - 2014-07-12 14:25 - 00003932 _____ () C:\Users\User\Documents\DVD Hessen von oben.dvds 2014-07-12 14:13 - 2014-07-12 14:13 - 00003930 _____ () C:\Users\User\Documents\DVD Die Saale von oben.dvds 2014-07-12 14:10 - 2014-07-12 14:11 - 00006929 _____ () C:\Users\User\Documents\DVD Der Südwesten von oben.dvds 2014-07-12 06:16 - 2014-07-12 06:17 - 1465432584 _____ () C:\Users\User\Downloads\Hessen_von_oben_14.04.18_20-15_hr3_90_TVOON_DE.mpg.HQ.avi 2014-07-12 06:03 - 2014-07-12 06:05 - 1832615932 _____ () C:\Users\User\Downloads\Der_Suedwesten_von_oben_14.04.17_20-15_sw3_130_TVOON_DE.mpg.HQ.avi 2014-07-11 21:14 - 2014-07-11 21:15 - 00005446 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 62.dvds 2014-07-11 20:57 - 2014-07-11 20:57 - 00006896 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 61.dvds 2014-07-11 19:58 - 2014-07-11 20:32 - 00007012 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 60.dvds 2014-07-11 19:44 - 2014-07-11 20:10 - 00006942 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 59.dvds 2014-07-11 19:35 - 2014-07-11 19:36 - 00006861 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 58.dvds 2014-07-11 19:09 - 2014-07-11 19:11 - 00003928 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 57.dvds 2014-07-11 19:05 - 2014-07-11 19:07 - 00005423 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 56.dvds 2014-07-11 19:02 - 
2014-07-11 19:04 - 00005395 _____ () C:\Users\User\Documents\DVD Bilderbuch Deutschland 55.dvds 2014-07-11 17:30 - 2014-07-11 17:30 - 00018700 _____ () C:\ComboFix.txt 2014-07-11 17:21 - 2014-07-11 17:21 - 00354136 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-11 17:07 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-07-11 17:07 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-07-11 17:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-07-11 17:07 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-07-11 17:06 - 2014-07-11 17:30 - 00000000 ____D () C:\Qoobox 2014-07-11 17:06 - 2014-07-11 17:28 - 00000000 ____D () C:\Windows\erdnt 2014-07-11 17:01 - 2014-07-11 17:01 - 05218473 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe 2014-07-10 20:17 - 2014-07-10 20:18 - 00046111 _____ () C:\Users\User\Desktop\Addition.txt 2014-07-10 20:16 - 2014-07-14 03:21 - 00000000 ____D () C:\FRST 2014-07-10 20:16 - 2014-07-14 03:20 - 00019005 _____ () C:\Users\User\Desktop\FRST.txt 2014-07-10 20:13 - 2014-07-14 03:20 - 02086912 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2014-07-09 12:04 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 12:04 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 12:04 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 12:04 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 
12:04 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 12:04 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 12:04 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 12:04 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 12:04 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 12:04 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 12:04 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 12:04 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 12:04 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 12:04 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 12:04 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 12:04 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 12:04 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 12:04 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 12:04 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2014-07-09 12:04 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2014-07-09 12:04 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 12:04 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll 2014-07-09 12:04 - 2014-05-03 08:34 - 06974808 _____ 
(Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-07-09 12:04 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-07-09 12:04 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2014-07-09 12:04 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-07-09 12:04 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe 2014-07-09 12:04 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe 2014-07-09 12:04 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-07-09 12:04 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 12:04 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-07-09 12:04 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-09 12:04 - 2014-02-08 06:34 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-07-09 12:03 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-07-09 12:03 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-07-09 12:03 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 12:03 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 12:03 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) 
C:\Windows\system32\msfeeds.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 12:03 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 12:03 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 12:03 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 12:03 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 12:03 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 12:03 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 12:03 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 12:03 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iernonce.dll 2014-07-09 12:03 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 12:03 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 12:03 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-07-09 12:03 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 12:03 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 12:03 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2014-07-09 12:03 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-07 16:10 - 2014-07-11 04:24 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-07-07 16:10 - 2014-07-11 04:24 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-07-07 16:09 - 2014-07-11 04:24 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-07-07 16:09 - 2014-07-11 04:24 - 00128000 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wuwebv.dll 2014-07-07 16:09 - 2014-07-11 04:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-07-07 16:09 - 2014-07-11 04:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-06-27 15:37 - 2014-06-27 15:37 - 00926970 _____ () C:\Users\User\Documents\7344447_mp4_h264_aac.flv ==================== One Month Modified Files and Folders ======= 2014-07-14 03:21 - 2014-07-10 20:16 - 00019005 _____ () C:\Users\User\Desktop\FRST.txt 2014-07-14 03:21 - 2014-07-10 20:16 - 00000000 ____D () C:\FRST 2014-07-14 03:20 - 2014-07-13 01:46 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion 2014-07-14 03:20 - 2014-07-10 20:13 - 02086912 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe 2014-07-14 03:13 - 2014-07-14 03:13 - 00854390 _____ () C:\Users\User\Desktop\SecurityCheck.exe 2014-07-14 03:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru 2014-07-14 02:36 - 2013-10-16 15:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-14 02:28 - 2013-10-16 13:51 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-14 02:26 - 2013-10-15 17:48 - 00096786 _____ () C:\Users\User\AppData\Local\BTServer.log 2014-07-13 20:08 - 2013-05-03 01:22 - 00000000 ____D () C:\ProgramData\Realtek 2014-07-13 19:18 - 2014-07-13 19:18 - 02347384 _____ (ESET) C:\Users\User\Desktop\esetsmartinstaller_deu.exe 2014-07-13 18:52 - 2014-02-15 18:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-13 18:42 - 2013-02-22 10:34 - 00754172 _____ () C:\Windows\system32\perfh007.dat 2014-07-13 18:42 - 2013-02-22 10:34 - 00156362 _____ () C:\Windows\system32\perfc007.dat 2014-07-13 18:42 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-13 16:50 - 2013-10-18 23:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc 2014-07-13 15:59 - 2013-10-15 17:45 - 01973453 _____ () C:\Windows\WindowsUpdate.log 2014-07-13 15:46 - 
2013-10-15 21:19 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-13 15:45 - 2013-10-16 13:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-13 15:45 - 2013-05-03 01:20 - 00000000 ____D () C:\ProgramData\Bigfoot Networks 2014-07-13 07:32 - 2013-10-28 05:09 - 00000000 ____D () C:\Users\User\Downloads\Dokumentationen 2014-07-13 07:21 - 2013-10-28 05:08 - 00000000 ____D () C:\Users\User\Downloads\Expeditionen ins Tierreich 2014-07-13 01:43 - 2014-07-13 01:43 - 00000835 _____ () C:\Users\User\Desktop\JRT.txt 2014-07-13 01:40 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-13 01:37 - 2014-07-13 01:37 - 00000000 ____D () C:\Windows\ERUNT 2014-07-13 01:27 - 2014-07-13 01:27 - 01016261 _____ (Thisisu) C:\Users\User\Downloads\JRT.exe 2014-07-13 01:22 - 2013-02-22 09:00 - 01171476 _____ () C:\Windows\PFRO.log 2014-07-13 01:21 - 2014-07-13 01:18 - 00000000 ____D () C:\AdwCleaner 2014-07-13 01:17 - 2014-07-13 01:16 - 01348263 _____ () C:\Users\User\Downloads\adwcleaner_3.215.exe 2014-07-13 01:15 - 2014-07-13 01:15 - 00001378 _____ () C:\Users\User\Desktop\mbam.txt 2014-07-13 01:13 - 2014-07-13 00:55 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-13 00:54 - 2014-07-13 00:54 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-13 00:54 - 2014-07-13 00:54 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-13 00:52 - 2014-07-13 00:51 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-12 14:25 - 2014-07-12 14:14 - 00003932 _____ () C:\Users\User\Documents\DVD Hessen von oben.dvds 2014-07-12 14:23 - 2014-07-12 14:16 - 00006890 _____ () 
==================== End Of Log ============================
Edited by sdfhjk (14.07.2014 at 02:31) |
14.07.2014, 17:49 | #10 |
/// the machine /// TB Trainer | Virus on Error 404 page? Update Java and Firefox. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
HKLM\...\Winlogon: [Shell] explorer.exe /select,explorer.exe
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
If you would like to give praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Anti-virus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP). Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and assistance Trojaner-Board Facebook page No help via PM! |
14.07.2014, 19:32 | #11 |
| Virus on Error 404 page? Fixlog.txt: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-07-2014
Ran by User at 2014-07-14 20:23:54 Run:1
Running from C:\Users\User\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\...\Winlogon: [Shell] explorer.exe /select,explorer.exe
*****************
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value was restored successfully.
==== End of Fixlog ==== |
15.07.2014, 19:21 | #12 |
/// the machine /// TB Trainer | Virus on Error 404 page? Yes, you can.
|
15.07.2014, 21:20 | #13 |
| Virus on Error 404 page? Thank you very much! That settles the matter for me. Edited by sdfhjk (15.07.2014 at 21:29) |
16.07.2014, 18:44 | #14 |
/// the machine /// TB Trainer | Virus on Error 404 page? You're welcome.
|