| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: inetstat.exe - Was ist das ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
11.08.2014, 17:57
| #1 |
| |  inetstat.exe - Was ist das ? Verehrte Trojaner-Board Community, Ich wollte mir vor kurzem ein Programm runterladen. Aber nachdem ich diese eine Exe auch geöffnet / ausgeführt habe, steht wenn ich bei meinem Task-Manager auf Autostart gehe ein Programm mit dem Namen Inetstat. Dieses habe ich allerdings deaktiviert. Mein Kumpel meinte nur das sei ein Virus. Jetzt habe ich schon mit Super Anti Spyware oder Avira versucht dieses Programm zu entferne - erfolglos. Könnte mir eventuell jemand bei meinem Problem helfen ? Besten Dank schonmal im Vorraus! Mit freundlichen Grüßen, Florian |
|
11.08.2014, 18:33
| #2 |
| /// TB-Ausbilder   | inetstat.exe - Was ist das ? Hallo Flori5563
__________________ Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.
 Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg. Wir "arbeiten" hier alle freiwillig und in unserer Freizeit *hust*. Daher kann es bei Antworten zu Verzögerungen kommen. Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist. Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
11.08.2014, 18:53
| #3 |
| | inetstat.exe - Was ist das ? Hallo Timo,
__________________Vorab möchte ich noch sagen, dass ich derzeit die ganze Zeit noch probiert habe. Ich habe einmal den ESET Online Scanner verwendet habe. Ich weiß aber immernoch nicht, ob der Virus immernoch auf meinem PC ist. Im Folgenden findest Du noch die zwei Textdateien. //edit Dazu muss ich noch sagen : Ich bekomme zudem eine komische Startseite, die sich auch nichtmehr entfernen lässt. Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2014 01
Ran by Florian at 2014-08-11 19:52:31
Running from C:\Users\Florian\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
ARMA 2: British Armed Forces - Data cache removal (HKLM-x32\...\A2BAF Data cache removal) (Version: - )
Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version: - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM-x32\...\Steam App 219540) (Version: - )
ARMA 2: Private Military Company - Data cache removal (HKLM-x32\...\A2PMC Data cache removal) (Version: - )
Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version: - Bohemia Interactive)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version: - Zombie, Inc.)
BlackShot Á¦°Å (HKLM-x32\...\BlackShot) (Version: - )
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Chivalry: Medieval Warfare Beta (HKLM-x32\...\Steam App 232210) (Version: - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Craften Terminal 4.0 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.0 - Craften.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Daylight (HKLM-x32\...\Steam App 230840) (Version: - Zombie Studios)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Disciples III: Renaissance (HKLM-x32\...\Steam App 33670) (Version: - Akella)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.0.0.45489 - Electronic Arts, Inc.)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version: - SEIKO EPSON Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1 Alpha - ETS2MP Team)
FileZilla Client 3.9.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version: - Fistful of Frags Team)
foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
istartsurf uninstall (HKLM-x32\...\istartsurf uninstall) (Version: - istartsurf)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KeyCommander 1.3.1 (HKLM-x32\...\KeyCommander) (Version: 1.3.1 - fabi.me)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
MacroX 3.1 (HKLM-x32\...\MacroX) (Version: 3.1 - Uhrzeit.org)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MTA:SA v1.3.5 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.5 - Multi Theft Auto)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
REALTEK Wireless LAN Driver (HKLM-x32\...\{B20F9D1C-A0A5-4CD8-8306-DA03872311B1}) (Version: 1.00.0192 - REALTEK Semiconductor Corp.)
Skype™ 6.14 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.14.104 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION
Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek GmbH)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WindowsMangerProtect20.0.0.502 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.502 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3253947246-835676800-3242475936-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Florian\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3253947246-835676800-3242475936-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Florian\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
==================== Restore Points =========================
11-08-2014 10:53:22 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1831D568-FF81-4635-8582-DC36B24C341B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {230396C3-AEDD-4AEE-AC70-D23ADBFAD12E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {307FD13C-FF31-43A4-9E8B-07929AF358CC} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5CC83698-04AE-47E3-815C-C2B7EF069155} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {65777086-6ACA-406C-9B3F-77C3CFE165C7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-10] (Microsoft Corporation)
Task: {678619EC-27C3-4F6C-867B-82A2A21D120A} - System32\Tasks\AmiUpdXp => C:\Users\Florian\AppData\Local\10149\a25760.exe [2014-08-11] ()
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F45C1-C266-4187-98B3-C256ADD16D2B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-11] (AVAST Software)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E293BB24-CFF6-463A-8F75-402B8D6B2AF8} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EDB872D5-3E61-4A98-BA15-2E28BE815E40} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {F7895DBA-0A40-4EFA-880C-592D1390B7C5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Florian\AppData\Local\10149\a25760.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-05-01 00:48 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-28 18:17 - 2014-08-11 18:14 - 00098816 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2014-07-28 18:17 - 2014-08-11 18:14 - 00086016 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2014-02-28 15:33 - 2014-02-28 15:33 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 15:45 - 2014-02-27 15:45 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-02-28 15:41 - 2014-02-28 15:41 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-02-28 15:41 - 2014-02-28 15:41 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-02-28 15:42 - 2014-02-28 15:42 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-02-28 15:42 - 2014-02-28 15:42 - 00483784 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-08-11 18:29 - 2014-08-11 18:29 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-11 18:31 - 2014-08-11 18:31 - 02795520 _____ () C:\Program Files\AVAST Software\Avast\defs\14081101\algo.dll
2014-08-11 18:29 - 2014-08-11 18:29 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-26 16:53 - 2014-07-30 00:25 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-12 14:38 - 2014-07-12 02:53 - 01116672 _____ () F:\Steam\libavcodec-55.dll
2014-07-12 14:38 - 2014-07-12 02:53 - 00399360 _____ () F:\Steam\libavformat-55.dll
2014-07-12 14:38 - 2014-07-12 02:53 - 00331264 _____ () F:\Steam\libavresample-1.dll
2014-07-12 14:38 - 2014-07-12 02:53 - 00438784 _____ () F:\Steam\libavutil-53.dll
2014-07-03 18:18 - 2014-06-27 00:40 - 00764416 _____ () F:\Steam\SDL2.dll
2014-07-18 11:33 - 2014-07-16 04:28 - 02139328 _____ () F:\Steam\video.dll
2014-05-29 15:18 - 2014-04-29 02:37 - 00519168 _____ () F:\Steam\libswscale-2.dll
2014-07-18 11:33 - 2014-07-16 04:28 - 01116864 _____ () F:\Steam\bin\chromehtml.DLL
2014-05-29 15:18 - 2014-05-02 01:35 - 20628160 _____ () F:\Steam\bin\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Florian\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Florian\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\Florian\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Florian\AppData\Roaming:NT
AlternateDataStreams: C:\Users\Florian\AppData\Roaming:NT2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKCU\...\StartupApproved\Run: => "InetStat"
==================== Faulty Device Manager Devices =============
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/11/2014 06:41:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (08/11/2014 06:41:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (08/11/2014 06:40:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (08/11/2014 06:17:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm spotify.exe, Version 0.9.11.27 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 7e4
Startzeit: 01cfb57fb3a75650
Endzeit: 4294967295
Anwendungspfad: C:\Users\Florian\AppData\Roaming\Spotify\spotify.exe
Berichts-ID: fb00d7e0-2172-11e4-826d-d43d7efb7149
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/11/2014 06:17:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 6.14.32.104 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1374
Startzeit: 01cfb57fae672686
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
Berichts-ID: f9af4c8b-2172-11e4-826d-d43d7efb7149
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/11/2014 06:14:52 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
Error: (08/11/2014 06:14:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1704
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5
Error: (08/11/2014 00:52:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (08/11/2014 00:51:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 6.14.32.104 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 7d0
Startzeit: 01cfb4bb4aa2a46f
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
Berichts-ID: ef0b2350-20e0-11e4-826c-d43d7efb7149
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/11/2014 00:51:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5310 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1884
Startzeit: 01cfb4e165faa8b3
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID: ec419683-20e0-11e4-826c-d43d7efb7149
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
System errors:
=============
Error: (08/11/2014 06:29:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "avast! EmHWID" wurde aufgrund folgenden Fehlers nicht gestartet:
%%127
Error: (08/11/2014 06:21:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LMIGuardianSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/11/2014 06:17:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IePlugin Services" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/11/2014 00:48:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (08/10/2014 10:30:04 AM) (Source: DCOM) (EventID: 10010) (User: FLORIAN)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (08/09/2014 00:59:26 AM) (Source: DCOM) (EventID: 10010) (User: FLORIAN)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (08/09/2014 00:59:26 AM) (Source: DCOM) (EventID: 10010) (User: FLORIAN)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (08/09/2014 00:59:26 AM) (Source: DCOM) (EventID: 10010) (User: FLORIAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (08/09/2014 00:59:26 AM) (Source: DCOM) (EventID: 10010) (User: FLORIAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (08/09/2014 00:59:26 AM) (Source: DCOM) (EventID: 10010) (User: FLORIAN)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Microsoft Office Sessions:
=========================
Error: (08/11/2014 06:41:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Florian\Downloads\esetsmartinstaller_deu.exe
Error: (08/11/2014 06:41:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Florian\Downloads\esetsmartinstaller_deu.exe
Error: (08/11/2014 06:40:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Florian\Downloads\esetsmartinstaller_deu.exe
Error: (08/11/2014 06:17:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: spotify.exe0.9.11.277e401cfb57fb3a756504294967295C:\Users\Florian\AppData\Roaming\Spotify\spotify.exefb00d7e0-2172-11e4-826d-d43d7efb7149
Error: (08/11/2014 06:17:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.14.32.104137401cfb57fae6726864294967295C:\Program Files (x86)\Skype\Phone\Skype.exef9af4c8b-2172-11e4-826d-d43d7efb7149
Error: (08/11/2014 06:14:52 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
Error: (08/11/2014 06:14:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141b170401cfb542404ac4b9C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll991fde66-2172-11e4-826d-d43d7efb7149
Error: (08/11/2014 00:52:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WiederherstellungFalscher Parameter. (0x80070057)
Error: (08/11/2014 00:51:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.14.32.1047d001cfb4bb4aa2a46f4294967295C:\Program Files (x86)\Skype\Phone\Skype.exeef0b2350-20e0-11e4-826c-d43d7efb7149
Error: (08/11/2014 00:51:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.5310188401cfb4e165faa8b34294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exeec419683-20e0-11e4-826c-d43d7efb7149
==================== Memory info ===========================
Percentage of memory in use: 38%
Total physical RAM: 8148.37 MB
Available physical RAM: 5029.74 MB
Total Pagefile: 13751.89 MB
Available Pagefile: 11184.84 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:59.11 GB) (Free:1.51 GB) NTFS
Drive e: (NORTON) (CDROM) (Total:0.61 GB) (Free:0 GB) CDFS
Drive f: (Volume) (Fixed) (Total:1863.01 GB) (Free:1712.45 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 60 GB) (Disk ID: CC3E6161)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: CC3E619B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Florian (administrator) on FLORIAN on 11-08-2014 19:52:05
Running from C:\Users\Florian\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Fuyu LIMITED) C:\Windows\Temp\_avast_\unp49253817.tmp
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Spotify Ltd) C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Valve Corporation) F:\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-08-11] (AVAST Software)
HKLM-x32\...\RunOnce: [SpUninstallCleanUp] => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20917408 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [Spotify Web Helper] => C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [Spotify] => C:\Users\Florian\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [InetStat] => C:\Users\Florian\AppData\Roaming\InetStat\inetstat.exe
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\MountPoints2: {dc874563-d0b7-11e3-824c-806e6f6e6963} - "E:\Start.exe"
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar905.lnk
ShortcutTarget: Sidebar905.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * aswBoot.exe /M:4ec139011b /wow /dir:"C:\Program Files\AVAST Software\Avast"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M31CCA8BE-8829-4F5E-B65E-AABCCDFB04E4&SearchSource=55&CUI=&UM=5&UP=SP6CE73607-7E19-48E3-8BFA-DA5400BA76EE&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x707A52DCC564CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://www.bing.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\m7t6ivwh.default-1407774337751
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istartsurf.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\45ssou7x.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-11]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.istartsurf.com/?type=sc&ts=1407773681&from=amt&uid=SanDiskXSD6SB1M064G_135192400901
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01]
CHR Extension: (Google Drive) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01]
CHR Extension: (YouTube) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01]
CHR Extension: (Adblock Plus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-01]
CHR Extension: (Google-Suche) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01]
CHR Extension: (Google Wallet) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01]
CHR Extension: (Google Mail) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01]
CHR Extension: (Extutil) - C:\Users\Florian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-05-02]
CHR Extension: (Managera) - C:\Users\Florian\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-11] (AVAST Software)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [694784 2014-08-11] (Cherished Technololgy LIMITED) [File not signed]
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-11] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-11] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-11] ()
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-11 19:52 - 2014-08-11 19:52 - 00016745 _____ () C:\Users\Florian\Downloads\FRST.txt
2014-08-11 19:51 - 2014-08-11 19:52 - 00000000 ____D () C:\FRST
2014-08-11 19:48 - 2014-08-11 19:48 - 02099712 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2014-08-11 18:41 - 2014-08-11 18:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-11 18:39 - 2014-08-11 18:39 - 02347384 _____ (ESET) C:\Users\Florian\Downloads\esetsmartinstaller_deu.exe
2014-08-11 18:30 - 2014-08-11 18:53 - 149922450 _____ (Norman Shark AS) C:\Users\Florian\Downloads\Norman_Malware_Cleaner.exe.part
2014-08-11 18:29 - 2014-08-11 18:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1407774562265
2014-08-11 18:29 - 2014-08-11 18:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-11 18:29 - 2014-08-11 18:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-11 18:29 - 2014-08-11 18:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-11 18:29 - 2014-08-11 18:29 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\AVAST Software
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-11 18:27 - 2014-08-11 18:28 - 91906368 _____ (AVAST Software) C:\Users\Florian\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-11 18:25 - 2014-08-11 18:25 - 00000000 ____D () C:\Users\Florian\Desktop\Alte Firefox-Daten
2014-08-11 18:15 - 2014-08-11 19:45 - 00000368 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-08-11 18:15 - 2014-08-11 18:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\ContextFree
2014-08-11 18:15 - 2014-08-11 18:15 - 00003384 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-08-11 18:15 - 2014-08-11 18:15 - 00000000 ____D () C:\Users\Florian\AppData\Local\10149
2014-08-11 18:15 - 2014-08-11 18:15 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-08-11 18:14 - 2014-08-11 18:30 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-11 18:14 - 2014-08-11 18:20 - 00000000 ____D () C:\Users\Florian\AppData\Local\fabulous_08111614
2014-08-11 18:14 - 2014-08-11 18:15 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-08-11 18:14 - 2014-08-11 18:14 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-11 18:14 - 2014-08-11 18:14 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\istartsurf
2014-08-11 18:13 - 2014-08-11 18:13 - 00578240 _____ () C:\Users\Florian\Downloads\Minecraft force op__8124_il14581.exe
2014-08-11 18:11 - 2014-08-11 18:11 - 00257752 _____ () C:\Users\Florian\Downloads\Minecraft Force Op.rar
2014-08-11 18:03 - 2014-08-11 18:03 - 00356864 _____ () C:\Users\Florian\Downloads\Minecraft.exe
2014-08-11 11:09 - 2014-08-11 11:09 - 04980105 _____ () C:\Users\Florian\Desktop\launcher^FTB_Launcher(1).exe
2014-08-10 19:21 - 2014-08-10 19:22 - 00000000 ____D () C:\Users\Florian\Desktop\Modxray
2014-08-07 13:00 - 2014-08-07 15:08 - 00000000 ____D () C:\Users\Florian\Desktop\Grand Theft Auto San Andreas
2014-08-07 13:00 - 2014-08-07 15:07 - 00000000 ____D () C:\Users\Florian\Desktop\FSX(1)
2014-08-07 10:23 - 2014-08-07 10:57 - 701897648 _____ () C:\Users\Florian\Desktop\FSX(1).rar
2014-08-06 21:19 - 2014-08-06 21:20 - 00033426 _____ () C:\Users\Florian\Downloads\FSX.rar
2014-08-06 20:58 - 2014-08-06 20:58 - 00675988 _____ () C:\Users\Florian\Desktop\Minecraft.exe
2014-08-06 20:48 - 2014-08-06 20:49 - 11990847 _____ () C:\Users\Florian\Downloads\sa-mp-0.3z-R1-install.exe
2014-08-06 20:15 - 2014-08-06 20:15 - 00000000 ___RD () C:\Users\Florian\Documents\Notes
2014-08-06 20:13 - 2014-08-06 20:13 - 00001474 _____ () C:\Users\Florian\Desktop\Windows Live Mail.lnk
2014-08-06 20:13 - 2014-08-06 20:13 - 00000453 _____ () C:\Users\Florian\Desktop\Minecraft - Verknüpfung.lnk
2014-08-06 20:12 - 2014-08-08 17:34 - 00000000 ___RD () C:\Users\Florian\Desktop\ä
2014-08-06 12:17 - 2014-08-11 18:03 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\.minecraft
2014-08-06 12:13 - 2014-08-06 12:13 - 02632153 _____ () C:\Users\Florian\Downloads\forge-1.7.2-10.12.0.1024-installer.jar
2014-08-05 00:03 - 2014-08-05 00:03 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashRpt
2014-08-04 23:56 - 2014-08-11 00:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\wf-launcher
2014-08-04 23:56 - 2014-08-11 00:31 - 00000000 ____D () C:\ProgramData\GFACE
2014-08-03 20:42 - 2014-08-03 23:57 - 00000000 ____D () C:\Users\Florian\Documents\FIFA World
2014-08-03 20:23 - 2014-08-03 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-08-03 17:41 - 2014-08-03 17:42 - 23516512 _____ (Electronic Arts, Inc.) C:\Users\Florian\Downloads\EASportsFIFAWorld.exe
2014-08-01 17:23 - 2014-08-01 17:23 - 00000609 _____ () C:\Users\Florian\Documents\Standard.mvc
2014-08-01 17:19 - 2014-08-06 12:10 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2014-08-01 17:18 - 2014-08-01 17:19 - 23178493 _____ (Craften.de ) C:\Users\Florian\Downloads\craftenterminal.exe
2014-08-01 00:35 - 2014-08-01 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3
2014-08-01 00:33 - 2014-08-01 00:35 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.3
2014-08-01 00:32 - 2014-08-01 00:33 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.4
2014-08-01 00:31 - 2014-08-01 00:31 - 21830784 _____ (Multi Theft Auto) C:\Users\Florian\Downloads\mtasa-1.4.exe
2014-07-30 14:35 - 2014-07-30 14:45 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FileZilla
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-30 14:32 - 2014-07-30 14:32 - 05981830 _____ (Tim Kosse) C:\Users\Florian\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-29 23:59 - 2014-07-29 23:59 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-07-29 23:56 - 2014-07-30 00:06 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Winamp
2014-07-29 23:56 - 2014-07-29 23:56 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-07-29 23:53 - 2014-07-29 23:53 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Winamp Installer.exe
2014-07-29 23:51 - 2014-07-29 23:51 - 00826192 _____ (Chip Digital GmbH) C:\Users\Florian\Downloads\Virtual Audio Cable - CHIP-Installer.exe
2014-07-29 18:05 - 2014-08-10 11:35 - 00000000 ____D () C:\Users\Florian\AppData\Local\paul.bv96@yahoo.com
2014-07-29 18:05 - 2014-07-29 18:05 - 00029718 _____ () C:\Users\Florian\Downloads\SAMP_KeyBinder.zip
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-28 19:16 - 2014-07-28 19:16 - 00000880 _____ () C:\Users\Florian\Downloads\Dokumente - Verknüpfung.lnk
2014-07-26 20:55 - 2014-07-26 20:55 - 04873530 _____ () C:\Users\Florian\Downloads\Cops.rar
2014-07-25 22:08 - 2014-07-25 22:08 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Avast Installer.exe
2014-07-24 20:13 - 2014-07-24 20:27 - 00004841 _____ () C:\Users\Florian\Documents\TombRaider.log
2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-07-17 18:36 - 2014-07-17 18:36 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-17 18:36 - 2014-07-17 18:36 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-07-17 18:36 - 2014-07-11 23:15 - 03130440 _____ () C:\Windows\SysWOW64\pbsvc_blr.exe
2014-07-15 16:21 - 2014-07-15 16:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00169004 _____ () C:\Users\Florian\Downloads\KeyCommander-1.3.1-setup.exe
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\Program Files (x86)\fabi.me
2014-07-15 15:40 - 2014-08-11 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2014-07-15 15:39 - 2014-07-15 15:39 - 11878040 _____ (AutoIt Team) C:\Users\Florian\Downloads\autoit-v3-setup.exe
2014-07-15 15:35 - 2014-07-15 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacroX
2014-07-15 15:35 - 2014-07-15 15:36 - 00000000 ____D () C:\Program Files (x86)\MacroX
2014-07-15 15:35 - 2014-07-15 15:35 - 02480915 _____ () C:\Users\Florian\Downloads\macrox!.exe
2014-07-15 15:35 - 2014-07-15 15:35 - 00000971 _____ () C:\Users\UpdatusUser\Desktop\MacroX.lnk
2014-07-15 15:35 - 2014-07-15 15:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MacroX
2014-07-15 14:49 - 2014-07-15 14:49 - 02714169 _____ () C:\Users\Florian\Downloads\minecraft_trn7.zip
2014-07-12 13:21 - 2014-07-12 13:21 - 00296288 _____ () C:\Windows\Minidump\071214-4203-01.dmp
2014-07-12 13:21 - 2014-07-12 13:21 - 00000000 ____D () C:\Windows\Minidump
2014-07-12 00:10 - 2014-07-12 00:10 - 00014421 _____ () C:\Users\Florian\Downloads\ServerOS-Disk
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-11 19:52 - 2014-08-11 19:52 - 00016745 _____ () C:\Users\Florian\Downloads\FRST.txt
2014-08-11 19:52 - 2014-08-11 19:51 - 00000000 ____D () C:\FRST
2014-08-11 19:48 - 2014-08-11 19:48 - 02099712 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2014-08-11 19:45 - 2014-08-11 18:15 - 00000368 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-08-11 19:36 - 2014-05-01 00:47 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3253947246-835676800-3242475936-1001
2014-08-11 19:22 - 2014-07-04 19:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-11 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-08-11 18:53 - 2014-08-11 18:30 - 149922450 _____ (Norman Shark AS) C:\Users\Florian\Downloads\Norman_Malware_Cleaner.exe.part
2014-08-11 18:45 - 2014-05-01 00:38 - 01153071 _____ () C:\Windows\WindowsUpdate.log
2014-08-11 18:41 - 2014-08-11 18:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-11 18:39 - 2014-08-11 18:39 - 02347384 _____ (ESET) C:\Users\Florian\Downloads\esetsmartinstaller_deu.exe
2014-08-11 18:30 - 2014-08-11 18:14 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-08-11 18:29 - 2014-08-11 18:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1407774562265
2014-08-11 18:29 - 2014-08-11 18:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-11 18:29 - 2014-08-11 18:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-11 18:29 - 2014-08-11 18:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-11 18:29 - 2014-08-11 18:29 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\AVAST Software
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-11 18:28 - 2014-08-11 18:27 - 91906368 _____ (AVAST Software) C:\Users\Florian\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-11 18:25 - 2014-08-11 18:25 - 00000000 ____D () C:\Users\Florian\Desktop\Alte Firefox-Daten
2014-08-11 18:21 - 2014-08-11 18:15 - 00000000 ____D () C:\Users\Florian\AppData\Local\ContextFree
2014-08-11 18:21 - 2014-07-15 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2014-08-11 18:21 - 2013-08-22 22:59 - 00000000 ____D () C:\Windows\ShellNew
2014-08-11 18:20 - 2014-08-11 18:14 - 00000000 ____D () C:\Users\Florian\AppData\Local\fabulous_08111614
2014-08-11 18:18 - 2014-05-01 01:07 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TS3Client
2014-08-11 18:17 - 2014-07-11 23:12 - 00000000 ____D () C:\Users\Florian\AppData\Local\LogMeIn Hamachi
2014-08-11 18:17 - 2014-05-29 13:44 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Spotify
2014-08-11 18:17 - 2014-05-01 15:30 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Skype
2014-08-11 18:16 - 2014-05-01 00:44 - 00000000 __RDO () C:\Users\Florian\SkyDrive
2014-08-11 18:15 - 2014-08-11 18:15 - 00003384 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-08-11 18:15 - 2014-08-11 18:15 - 00000000 ____D () C:\Users\Florian\AppData\Local\10149
2014-08-11 18:15 - 2014-08-11 18:15 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-08-11 18:15 - 2014-08-11 18:14 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-08-11 18:14 - 2014-08-11 18:14 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-11 18:14 - 2014-08-11 18:14 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\istartsurf
2014-08-11 18:14 - 2014-06-26 16:53 - 00001361 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-11 18:14 - 2014-05-01 00:56 - 00002361 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-11 18:14 - 2014-05-01 00:42 - 00001652 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-11 18:13 - 2014-08-11 18:13 - 00578240 _____ () C:\Users\Florian\Downloads\Minecraft force op__8124_il14581.exe
2014-08-11 18:11 - 2014-08-11 18:11 - 00257752 _____ () C:\Users\Florian\Downloads\Minecraft Force Op.rar
2014-08-11 18:03 - 2014-08-11 18:03 - 00356864 _____ () C:\Users\Florian\Downloads\Minecraft.exe
2014-08-11 18:03 - 2014-08-06 12:17 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\.minecraft
2014-08-11 11:29 - 2014-07-11 22:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\ftblauncher
2014-08-11 11:09 - 2014-08-11 11:09 - 04980105 _____ () C:\Users\Florian\Desktop\launcher^FTB_Launcher(1).exe
2014-08-11 00:58 - 2014-05-01 00:43 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-11 00:58 - 2013-09-12 11:43 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2014-08-11 00:58 - 2013-09-12 11:43 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2014-08-11 00:52 - 2014-08-04 23:56 - 00000000 ____D () C:\Users\Florian\AppData\Local\wf-launcher
2014-08-11 00:52 - 2014-05-01 00:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-11 00:52 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-11 00:52 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-11 00:31 - 2014-08-04 23:56 - 00000000 ____D () C:\ProgramData\GFACE
2014-08-10 19:22 - 2014-08-10 19:21 - 00000000 ____D () C:\Users\Florian\Desktop\Modxray
2014-08-10 11:35 - 2014-07-29 18:05 - 00000000 ____D () C:\Users\Florian\AppData\Local\paul.bv96@yahoo.com
2014-08-09 22:27 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-08-08 17:34 - 2014-08-06 20:12 - 00000000 ___RD () C:\Users\Florian\Desktop\ä
2014-08-07 15:08 - 2014-08-07 13:00 - 00000000 ____D () C:\Users\Florian\Desktop\Grand Theft Auto San Andreas
2014-08-07 15:07 - 2014-08-07 13:00 - 00000000 ____D () C:\Users\Florian\Desktop\FSX(1)
2014-08-07 10:57 - 2014-08-07 10:23 - 701897648 _____ () C:\Users\Florian\Desktop\FSX(1).rar
2014-08-06 21:20 - 2014-08-06 21:19 - 00033426 _____ () C:\Users\Florian\Downloads\FSX.rar
2014-08-06 20:58 - 2014-08-06 20:58 - 00675988 _____ () C:\Users\Florian\Desktop\Minecraft.exe
2014-08-06 20:50 - 2014-05-01 00:42 - 00000000 ____D () C:\Users\Florian\AppData\Local\Packages
2014-08-06 20:49 - 2014-08-06 20:48 - 11990847 _____ () C:\Users\Florian\Downloads\sa-mp-0.3z-R1-install.exe
2014-08-06 20:15 - 2014-08-06 20:15 - 00000000 ___RD () C:\Users\Florian\Documents\Notes
2014-08-06 20:13 - 2014-08-06 20:13 - 00001474 _____ () C:\Users\Florian\Desktop\Windows Live Mail.lnk
2014-08-06 20:13 - 2014-08-06 20:13 - 00000453 _____ () C:\Users\Florian\Desktop\Minecraft - Verknüpfung.lnk
2014-08-06 17:49 - 2014-06-26 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-06 17:49 - 2014-05-01 00:36 - 00057824 _____ () C:\Windows\PFRO.log
2014-08-06 17:06 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Florian\AppData\Local\Spotify
2014-08-06 12:13 - 2014-08-06 12:13 - 02632153 _____ () C:\Users\Florian\Downloads\forge-1.7.2-10.12.0.1024-installer.jar
2014-08-06 12:10 - 2014-08-01 17:19 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Craften Terminal
2014-08-05 00:03 - 2014-08-05 00:03 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashRpt
2014-08-03 23:57 - 2014-08-03 20:42 - 00000000 ____D () C:\Users\Florian\Documents\FIFA World
2014-08-03 20:42 - 2014-06-04 17:51 - 00000000 ____D () C:\ProgramData\Origin
2014-08-03 20:23 - 2014-08-03 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-08-03 20:23 - 2014-05-02 17:34 - 00133208 _____ () C:\Windows\DirectX.log
2014-08-03 20:04 - 2014-06-04 17:52 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-03 17:42 - 2014-08-03 17:41 - 23516512 _____ (Electronic Arts, Inc.) C:\Users\Florian\Downloads\EASportsFIFAWorld.exe
2014-08-03 17:42 - 2014-06-04 17:51 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-01 17:23 - 2014-08-01 17:23 - 00000609 _____ () C:\Users\Florian\Documents\Standard.mvc
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:18 - 23178493 _____ (Craften.de ) C:\Users\Florian\Downloads\craftenterminal.exe
2014-08-01 00:35 - 2014-08-01 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3
2014-08-01 00:35 - 2014-08-01 00:33 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.3
2014-08-01 00:33 - 2014-08-01 00:32 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.4
2014-08-01 00:31 - 2014-08-01 00:31 - 21830784 _____ (Multi Theft Auto) C:\Users\Florian\Downloads\mtasa-1.4.exe
2014-07-30 14:45 - 2014-07-30 14:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FileZilla
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-30 14:32 - 2014-07-30 14:32 - 05981830 _____ (Tim Kosse) C:\Users\Florian\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-30 00:25 - 2014-06-26 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 00:06 - 2014-07-29 23:56 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Winamp
2014-07-29 23:59 - 2014-07-29 23:59 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-07-29 23:59 - 2013-08-22 16:46 - 00015110 _____ () C:\Windows\setupact.log
2014-07-29 23:56 - 2014-07-29 23:56 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-07-29 23:53 - 2014-07-29 23:53 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Winamp Installer.exe
2014-07-29 23:51 - 2014-07-29 23:51 - 00826192 _____ (Chip Digital GmbH) C:\Users\Florian\Downloads\Virtual Audio Cable - CHIP-Installer.exe
2014-07-29 21:11 - 2014-05-01 14:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-29 18:05 - 2014-07-29 18:05 - 00029718 _____ () C:\Users\Florian\Downloads\SAMP_KeyBinder.zip
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-28 19:16 - 2014-07-28 19:16 - 00000880 _____ () C:\Users\Florian\Downloads\Dokumente - Verknüpfung.lnk
2014-07-28 15:33 - 2014-05-19 13:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\ftblauncher
2014-07-26 20:55 - 2014-07-26 20:55 - 04873530 _____ () C:\Users\Florian\Downloads\Cops.rar
2014-07-25 22:08 - 2014-07-25 22:08 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Avast Installer.exe
2014-07-25 21:56 - 2014-06-04 17:52 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Origin
2014-07-25 21:56 - 2014-06-04 17:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\Origin
2014-07-24 20:27 - 2014-07-24 20:13 - 00004841 _____ () C:\Users\Florian\Documents\TombRaider.log
2014-07-24 16:52 - 2014-05-09 16:15 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Windows Live Writer
2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-07-21 16:11 - 2014-06-30 19:03 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\SpinTires
2014-07-17 18:36 - 2014-07-17 18:36 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-17 18:36 - 2014-07-17 18:36 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-07-15 16:21 - 2014-07-15 16:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00169004 _____ () C:\Users\Florian\Downloads\KeyCommander-1.3.1-setup.exe
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\Program Files (x86)\fabi.me
2014-07-15 15:39 - 2014-07-15 15:39 - 11878040 _____ (AutoIt Team) C:\Users\Florian\Downloads\autoit-v3-setup.exe
2014-07-15 15:36 - 2014-07-15 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacroX
2014-07-15 15:36 - 2014-07-15 15:35 - 00000000 ____D () C:\Program Files (x86)\MacroX
2014-07-15 15:36 - 2014-05-01 00:42 - 00000000 ____D () C:\Users\Florian\AppData\Local\VirtualStore
2014-07-15 15:35 - 2014-07-15 15:35 - 02480915 _____ () C:\Users\Florian\Downloads\macrox!.exe
2014-07-15 15:35 - 2014-07-15 15:35 - 00000971 _____ () C:\Users\UpdatusUser\Desktop\MacroX.lnk
2014-07-15 15:35 - 2014-07-15 15:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MacroX
2014-07-15 14:49 - 2014-07-15 14:49 - 02714169 _____ () C:\Users\Florian\Downloads\minecraft_trn7.zip
2014-07-13 15:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-07-12 13:21 - 2014-07-12 13:21 - 00296288 _____ () C:\Windows\Minidump\071214-4203-01.dmp
2014-07-12 13:21 - 2014-07-12 13:21 - 00000000 ____D () C:\Windows\Minidump
2014-07-12 00:10 - 2014-07-12 00:10 - 00014421 _____ () C:\Users\Florian\Downloads\ServerOS-Disk
Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\nscB656.exe
C:\Users\Florian\AppData\Local\Temp\nslA563.exe
C:\Users\Florian\AppData\Local\Temp\nspA211.exe
C:\Users\Florian\AppData\Local\Temp\SPSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-06 17:17
==================== End Of Log ============================
--- --- --- Mit freundlichen Grüßen, Florian |
|
11.08.2014, 21:54
| #4 |
| /// TB-Ausbilder | inetstat.exe - Was ist das ? Gibts vom ESET Online Scan noch nen Log ?
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
11.08.2014, 22:02
| #5 |
| /// TB-Ausbilder | inetstat.exe - Was ist das ? Adware & Co. deinstallieren
Ausserdem deinstallieren:
Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter: Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Downloade Dir bitte  Malwarebytes Anti-Malware
Starte noch einmal FRST.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
12.08.2014, 00:00
| #6 |
| | inetstat.exe - Was ist das ? Servus Timo, Nun sieht es doch mittlerweile sehr gut aus. Im Folgenden findest Du die Textdateien! Achja, ich hab die Anleitung für den Revo Uninstaller nicht gut verstanden. Ich hoffe, es ist trotzdem ok, dass ich es ausgelassen habe. Junkware Remove Tool Textdatei : Code:
ATTFilter # AdwCleaner v3.304 - Bericht erstellt am 12/08/2014 um 00:37:16
# Aktualisiert 08/08/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Florian - FLORIAN
# Gestartet von : C:\Users\Florian\Downloads\adwcleaner_3.304.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : IePluginServices
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Users\Florian\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Florian\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
***** [ Tasks ] *****
Task Gelöscht : AmiUpdXp
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Florian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Florian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [InetStat]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EAB5257A-1FB3-474C-9B42-231F52622E72}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Fabulous
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\m7t6ivwh.default-1407774337751\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
*************************
AdwCleaner[R0].txt - [8033 octets] - [12/08/2014 00:36:34]
AdwCleaner[S0].txt - [5779 octets] - [12/08/2014 00:37:16]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5839 octets] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 12.08.2014 Suchlauf-Zeit: 00:41:39 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.11.08 Rootkit Datenbank: v2014.08.04.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Florian Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 322308 Verstrichene Zeit: 4 Min, 54 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 2 PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, In Quarantäne, [94c04f76700b60d62fd8defa4ab8f40c], PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\istartsurf uninstall, In Quarantäne, [ef6563625625a19562bbc411d2309769], Registrierungswerte: 1 PUP.Optional.FastStart.A, HKU\S-1-5-21-3253947246-835676800-3242475936-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, In Quarantäne, [db7919acb7c40a2cbe198b56679b0cf4] Registrierungsdaten: 0 (No malicious items detected) Ordner: 6 PUP.Optional.Extutil.A, C:\Users\Florian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, In Quarantäne, [5ff5636256255cda401ad2face349f61], PUP.Optional.Managera.A, C:\Users\Florian\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, In Quarantäne, [df756e57324967cf7ddee6e6649e2bd5], PUP.Optional.Fabulous.Discounts.T, C:\Users\Florian\AppData\Local\fabulous_08111614, In Quarantäne, [e96bb80d710a8da9a5a0814d0cf6e51b], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code, In Quarantäne, [ef6563625625a19562bbc411d2309769], Dateien: 57 PUP.Optional.SearchProtect.A, C:\Users\Florian\AppData\Local\Temp\nscB656.exe, In Quarantäne, [490bf7cedba04de9ee30b183e21fef11], PUP.Optional.Conduit.A, C:\Users\Florian\AppData\Local\Temp\nslA563.exe, In Quarantäne, [045075504d2e58deeb189fee30d1b848], PUP.Optional.SearchProtect.A, C:\Users\Florian\AppData\Local\Temp\nspA211.exe, In Quarantäne, [c98b398c671441f5a17d1024887944bc], PUP.Optional.Conduit.A, C:\Users\Florian\AppData\Local\Temp\nsz6F38\SpSetup.exe, In Quarantäne, [ea6ab70e7704fb3b62ac31f814edaf51], PUP.Optional.Conduit.A, C:\Windows\Temp\nsa1947.exe, In Quarantäne, [a5afb70e8fecb97d9a69810c9f62d828], PUP.Optional.Conduit.A, C:\Windows\Temp\nsaEF9A.exe, In Quarantäne, [6aea428380fbc17534cfbdd0c53c1ee2], PUP.Optional.Conduit.A, C:\Windows\Temp\nsd5F72.exe, In Quarantäne, [76de9c29fc7ff442d1327b1239c8ba46], PUP.Optional.Conduit.A, C:\Windows\Temp\nsf7366.exe, In Quarantäne, [d480f1d47b0058de01028ffe857cd42c], PUP.Optional.Conduit.A, C:\Windows\Temp\nsfEB76.exe, In Quarantäne, [59fbdbea8eed251106fdc8c5fe0346ba], PUP.Optional.Conduit.A, C:\Windows\Temp\nsfFA03.exe, In Quarantäne, [2f252c998fec6ccad42f64292cd5bc44], PUP.Optional.Conduit.A, C:\Windows\Temp\nsgCB4.exe, In Quarantäne, [2f256b5a2e4dec4a25decbc2cd348977], PUP.Optional.Conduit.A, C:\Windows\Temp\nsi51A6.exe, In Quarantäne, [a6ae18ad324938fe0201cebf40c15fa1], PUP.Optional.Conduit.A, C:\Windows\Temp\nsi6106.exe, In Quarantäne, [dd77d4f1166571c560a3038a2cd58878], PUP.Optional.Conduit.A, C:\Windows\Temp\nskFBA1.exe, In Quarantäne, [441007bec0bb58de5da68effda274ab6], PUP.Optional.Conduit.A, C:\Windows\Temp\nsm7C6E.exe, In Quarantäne, [f85cd0f5106b25112ed5cebf28d9837d], PUP.Optional.Conduit.A, C:\Windows\Temp\nsm896F.exe, In Quarantäne, [4014774e6e0d8caa699adab3e51c956b], PUP.Optional.Conduit.A, C:\Windows\Temp\nso54C9.exe, In Quarantäne, [84d016af04776acc7390a8e5d0314cb4], PUP.Optional.Conduit.A, C:\Windows\Temp\nsq16F0.exe, In Quarantäne, [c391467fef8ca096c241d2bb19e85ca4], PUP.Optional.Conduit.A, C:\Windows\Temp\nsq2355.exe, In Quarantäne, [4e065c691f5c68ceef145c319d64e11f], PUP.Optional.Conduit.A, C:\Windows\Temp\nsr44D9.exe, In Quarantäne, [96be349125563105ea199cf14cb54ab6], PUP.Optional.Conduit.A, C:\Windows\Temp\nsw9D3.exe, In Quarantäne, [86ce15b0c8b36accdd26f09ddc25e31d], PUP.Optional.Conduit.A, C:\Windows\Temp\nszDE07.exe, In Quarantäne, [8ec6566fa8d366d0d42f9feebf42dd23], PUP.Optional.Amonetize, C:\Users\Florian\Downloads\Minecraft force op__8124_il14581.exe, In Quarantäne, [f163b411c7b4f640112784240ef38080], PUP.Hacktool, C:\Users\Florian\Downloads\minecraft_trn7.zip, In Quarantäne, [282cedd83645c76fdc1a77fec23e21df], PUP.Optional.Amonetize, C:\Users\Florian\AppData\Local\10149\a25760.exe, In Quarantäne, [dc7830956a11cc6a7340bde443be8977], PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, In Quarantäne, [aaaa279e7cff92a4aa9237a2877b768a], PUP.Optional.Extutil.A, C:\Users\Florian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, In Quarantäne, [5ff5636256255cda401ad2face349f61], PUP.Optional.Extutil.A, C:\Users\Florian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, In Quarantäne, [5ff5636256255cda401ad2face349f61], PUP.Optional.Extutil.A, C:\Users\Florian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, In Quarantäne, [5ff5636256255cda401ad2face349f61], PUP.Optional.Managera.A, C:\Users\Florian\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, In Quarantäne, [df756e57324967cf7ddee6e6649e2bd5], PUP.Optional.Managera.A, C:\Users\Florian\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, In Quarantäne, [df756e57324967cf7ddee6e6649e2bd5], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\277.json, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\MessageBox.xml, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\uninstallDlg2.xml, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\UninstallManager.exe, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\bg.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\bg1.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\bk_shadow.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\button.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\button1.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\checkbox.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\checkbox_select.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\checked.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\close.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\loading_bg.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\loading_light.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\min.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\scrollbar.bmp, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\Thumbs.db, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\unchecked.png, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code1.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code2.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code3.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code4.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code5.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\code6.jpg, In Quarantäne, [ef6563625625a19562bbc411d2309769], PUP.Optional.IStartSurf.A, C:\Users\Florian\AppData\Roaming\istartsurf\images\code\Thumbs.db, In Quarantäne, [ef6563625625a19562bbc411d2309769], Physische Sektoren: 0 (No malicious items detected) (end) FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Florian (administrator) on FLORIAN on 12-08-2014 00:57:49
Running from C:\Users\Florian\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Spotify Ltd) C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Spotify Ltd) C:\Users\Florian\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-11] (AVAST Software)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20917408 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [Spotify Web Helper] => C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\Run: [Spotify] => C:\Users\Florian\AppData\Roaming\Spotify\spotify.exe [6162488 2014-07-09] (Spotify Ltd)
HKU\S-1-5-21-3253947246-835676800-3242475936-1001\...\MountPoints2: {dc874563-d0b7-11e3-824c-806e6f6e6963} - "E:\Start.exe"
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar905.lnk
ShortcutTarget: Sidebar905.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x707A52DCC564CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\m7t6ivwh.default-1407774337751
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-11]
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01]
CHR Extension: (Google Drive) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01]
CHR Extension: (YouTube) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01]
CHR Extension: (Adblock Plus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-01]
CHR Extension: (Google-Suche) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01]
CHR Extension: (Google Wallet) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01]
CHR Extension: (Google Mail) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-11] (AVAST Software)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-11] ()
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-12 00:57 - 2014-08-12 00:57 - 00009909 _____ () C:\Users\Florian\Desktop\mbam.txt
2014-08-12 00:53 - 2014-08-12 00:53 - 00006239 _____ () C:\Users\Florian\Desktop\Neu.txt
2014-08-12 00:40 - 2014-08-12 00:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-12 00:40 - 2014-08-12 00:40 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-12 00:40 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-12 00:40 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-12 00:40 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-12 00:39 - 2014-08-12 00:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Florian\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-12 00:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-12 00:35 - 2014-08-12 00:37 - 00000000 ____D () C:\AdwCleaner
2014-08-12 00:35 - 2014-08-12 00:35 - 01366203 _____ () C:\Users\Florian\Downloads\adwcleaner_3.304.exe
2014-08-12 00:28 - 2014-08-12 00:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Florian\Downloads\revosetup95.exe
2014-08-12 00:28 - 2014-08-12 00:28 - 00001280 _____ () C:\Users\Florian\Desktop\Revo Uninstaller.lnk
2014-08-12 00:28 - 2014-08-12 00:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-11 19:52 - 2014-08-12 00:57 - 00011596 _____ () C:\Users\Florian\Downloads\FRST.txt
2014-08-11 19:52 - 2014-08-11 19:52 - 00035498 _____ () C:\Users\Florian\Downloads\Addition.txt
2014-08-11 19:51 - 2014-08-12 00:57 - 00000000 ____D () C:\FRST
2014-08-11 19:48 - 2014-08-11 19:48 - 02099712 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2014-08-11 18:39 - 2014-08-11 18:39 - 02347384 _____ (ESET) C:\Users\Florian\Downloads\esetsmartinstaller_deu.exe
2014-08-11 18:30 - 2014-08-11 18:53 - 149922450 _____ (Norman Shark AS) C:\Users\Florian\Downloads\Norman_Malware_Cleaner.exe.part
2014-08-11 18:29 - 2014-08-11 18:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-11 18:29 - 2014-08-11 18:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-11 18:29 - 2014-08-11 18:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-11 18:29 - 2014-08-11 18:29 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\AVAST Software
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-11 18:27 - 2014-08-11 18:28 - 91906368 _____ (AVAST Software) C:\Users\Florian\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-11 18:25 - 2014-08-11 18:25 - 00000000 ____D () C:\Users\Florian\Desktop\Alte Firefox-Daten
2014-08-11 18:15 - 2014-08-12 00:53 - 00000000 ____D () C:\Users\Florian\AppData\Local\10149
2014-08-11 18:15 - 2014-08-11 18:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\ContextFree
2014-08-11 18:11 - 2014-08-11 18:11 - 00257752 _____ () C:\Users\Florian\Downloads\Minecraft Force Op.rar
2014-08-11 18:03 - 2014-08-11 18:03 - 00356864 _____ () C:\Users\Florian\Downloads\Minecraft.exe
2014-08-11 11:09 - 2014-08-11 11:09 - 04980105 _____ () C:\Users\Florian\Desktop\launcher^FTB_Launcher(1).exe
2014-08-10 19:21 - 2014-08-10 19:22 - 00000000 ____D () C:\Users\Florian\Desktop\Modxray
2014-08-07 13:00 - 2014-08-07 15:08 - 00000000 ____D () C:\Users\Florian\Desktop\Grand Theft Auto San Andreas
2014-08-07 13:00 - 2014-08-07 15:07 - 00000000 ____D () C:\Users\Florian\Desktop\FSX(1)
2014-08-07 10:23 - 2014-08-07 10:57 - 701897648 _____ () C:\Users\Florian\Desktop\FSX(1).rar
2014-08-06 21:19 - 2014-08-06 21:20 - 00033426 _____ () C:\Users\Florian\Downloads\FSX.rar
2014-08-06 20:58 - 2014-08-06 20:58 - 00675988 _____ () C:\Users\Florian\Desktop\Minecraft.exe
2014-08-06 20:48 - 2014-08-06 20:49 - 11990847 _____ () C:\Users\Florian\Downloads\sa-mp-0.3z-R1-install.exe
2014-08-06 20:15 - 2014-08-06 20:15 - 00000000 ___RD () C:\Users\Florian\Documents\Notes
2014-08-06 20:13 - 2014-08-06 20:13 - 00001474 _____ () C:\Users\Florian\Desktop\Windows Live Mail.lnk
2014-08-06 20:13 - 2014-08-06 20:13 - 00000453 _____ () C:\Users\Florian\Desktop\Minecraft - Verknüpfung.lnk
2014-08-06 20:12 - 2014-08-08 17:34 - 00000000 ___RD () C:\Users\Florian\Desktop\ä
2014-08-06 12:17 - 2014-08-11 20:29 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\.minecraft
2014-08-06 12:13 - 2014-08-06 12:13 - 02632153 _____ () C:\Users\Florian\Downloads\forge-1.7.2-10.12.0.1024-installer.jar
2014-08-05 00:03 - 2014-08-05 00:03 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashRpt
2014-08-04 23:56 - 2014-08-11 00:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\wf-launcher
2014-08-04 23:56 - 2014-08-11 00:31 - 00000000 ____D () C:\ProgramData\GFACE
2014-08-03 20:42 - 2014-08-03 23:57 - 00000000 ____D () C:\Users\Florian\Documents\FIFA World
2014-08-03 20:23 - 2014-08-03 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-08-03 17:41 - 2014-08-03 17:42 - 23516512 _____ (Electronic Arts, Inc.) C:\Users\Florian\Downloads\EASportsFIFAWorld.exe
2014-08-01 17:23 - 2014-08-01 17:23 - 00000609 _____ () C:\Users\Florian\Documents\Standard.mvc
2014-08-01 17:19 - 2014-08-06 12:10 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2014-08-01 17:18 - 2014-08-01 17:19 - 23178493 _____ (Craften.de ) C:\Users\Florian\Downloads\craftenterminal.exe
2014-08-01 00:35 - 2014-08-01 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3
2014-08-01 00:33 - 2014-08-01 00:35 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.3
2014-08-01 00:32 - 2014-08-01 00:33 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.4
2014-08-01 00:31 - 2014-08-01 00:31 - 21830784 _____ (Multi Theft Auto) C:\Users\Florian\Downloads\mtasa-1.4.exe
2014-07-30 14:35 - 2014-07-30 14:45 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FileZilla
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-30 14:32 - 2014-07-30 14:32 - 05981830 _____ (Tim Kosse) C:\Users\Florian\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-29 23:59 - 2014-07-29 23:59 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-07-29 23:56 - 2014-07-30 00:06 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Winamp
2014-07-29 23:56 - 2014-07-29 23:56 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-07-29 23:53 - 2014-07-29 23:53 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Winamp Installer.exe
2014-07-29 23:51 - 2014-07-29 23:51 - 00826192 _____ (Chip Digital GmbH) C:\Users\Florian\Downloads\Virtual Audio Cable - CHIP-Installer.exe
2014-07-29 18:05 - 2014-08-10 11:35 - 00000000 ____D () C:\Users\Florian\AppData\Local\paul.bv96@yahoo.com
2014-07-29 18:05 - 2014-07-29 18:05 - 00029718 _____ () C:\Users\Florian\Downloads\SAMP_KeyBinder.zip
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-28 19:16 - 2014-07-28 19:16 - 00000880 _____ () C:\Users\Florian\Downloads\Dokumente - Verknüpfung.lnk
2014-07-26 20:55 - 2014-07-26 20:55 - 04873530 _____ () C:\Users\Florian\Downloads\Cops.rar
2014-07-25 22:08 - 2014-07-25 22:08 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Avast Installer.exe
2014-07-24 20:13 - 2014-07-24 20:27 - 00004841 _____ () C:\Users\Florian\Documents\TombRaider.log
2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-07-17 18:36 - 2014-07-17 18:36 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-17 18:36 - 2014-07-17 18:36 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-07-15 16:21 - 2014-07-15 16:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00169004 _____ () C:\Users\Florian\Downloads\KeyCommander-1.3.1-setup.exe
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\Program Files (x86)\fabi.me
2014-07-15 15:40 - 2014-08-11 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2014-07-15 15:39 - 2014-07-15 15:39 - 11878040 _____ (AutoIt Team) C:\Users\Florian\Downloads\autoit-v3-setup.exe
2014-07-15 15:35 - 2014-07-15 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacroX
2014-07-15 15:35 - 2014-07-15 15:36 - 00000000 ____D () C:\Program Files (x86)\MacroX
2014-07-15 15:35 - 2014-07-15 15:35 - 02480915 _____ () C:\Users\Florian\Downloads\macrox!.exe
2014-07-15 15:35 - 2014-07-15 15:35 - 00000971 _____ () C:\Users\UpdatusUser\Desktop\MacroX.lnk
2014-07-15 15:35 - 2014-07-15 15:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MacroX
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-12 00:58 - 2014-08-11 19:52 - 00011596 _____ () C:\Users\Florian\Downloads\FRST.txt
2014-08-12 00:57 - 2014-08-12 00:57 - 00009909 _____ () C:\Users\Florian\Desktop\mbam.txt
2014-08-12 00:57 - 2014-08-11 19:51 - 00000000 ____D () C:\FRST
2014-08-12 00:56 - 2014-08-12 00:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-12 00:55 - 2014-05-01 15:30 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Skype
2014-08-12 00:54 - 2014-07-11 23:12 - 00000000 ____D () C:\Users\Florian\AppData\Local\LogMeIn Hamachi
2014-08-12 00:54 - 2014-05-29 13:44 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Spotify
2014-08-12 00:54 - 2014-05-01 01:07 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TS3Client
2014-08-12 00:54 - 2014-05-01 00:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-12 00:54 - 2014-05-01 00:44 - 00000000 __RDO () C:\Users\Florian\SkyDrive
2014-08-12 00:54 - 2014-05-01 00:36 - 00077186 _____ () C:\Windows\PFRO.log
2014-08-12 00:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Performance
2014-08-12 00:54 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-12 00:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-12 00:53 - 2014-08-12 00:53 - 00006239 _____ () C:\Users\Florian\Desktop\Neu.txt
2014-08-12 00:53 - 2014-08-11 18:15 - 00000000 ____D () C:\Users\Florian\AppData\Local\10149
2014-08-12 00:43 - 2014-05-01 00:47 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3253947246-835676800-3242475936-1001
2014-08-12 00:43 - 2014-05-01 00:43 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-12 00:43 - 2013-09-12 11:43 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2014-08-12 00:43 - 2013-09-12 11:43 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2014-08-12 00:40 - 2014-08-12 00:40 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-12 00:40 - 2014-08-12 00:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-12 00:40 - 2014-08-12 00:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Florian\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-12 00:37 - 2014-08-12 00:35 - 00000000 ____D () C:\AdwCleaner
2014-08-12 00:37 - 2014-06-26 16:53 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-12 00:37 - 2014-05-01 00:56 - 00001112 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-12 00:37 - 2014-05-01 00:42 - 00001011 _____ () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-12 00:35 - 2014-08-12 00:35 - 01366203 _____ () C:\Users\Florian\Downloads\adwcleaner_3.304.exe
2014-08-12 00:28 - 2014-08-12 00:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Florian\Downloads\revosetup95.exe
2014-08-12 00:28 - 2014-08-12 00:28 - 00001280 _____ () C:\Users\Florian\Desktop\Revo Uninstaller.lnk
2014-08-12 00:28 - 2014-08-12 00:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-12 00:22 - 2014-07-04 19:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-12 00:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-08-11 22:49 - 2014-05-01 00:38 - 01164524 _____ () C:\Windows\WindowsUpdate.log
2014-08-11 22:11 - 2014-07-11 22:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\ftblauncher
2014-08-11 20:29 - 2014-08-06 12:17 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\.minecraft
2014-08-11 19:52 - 2014-08-11 19:52 - 00035498 _____ () C:\Users\Florian\Downloads\Addition.txt
2014-08-11 19:48 - 2014-08-11 19:48 - 02099712 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2014-08-11 18:53 - 2014-08-11 18:30 - 149922450 _____ (Norman Shark AS) C:\Users\Florian\Downloads\Norman_Malware_Cleaner.exe.part
2014-08-11 18:39 - 2014-08-11 18:39 - 02347384 _____ (ESET) C:\Users\Florian\Downloads\esetsmartinstaller_deu.exe
2014-08-11 18:29 - 2014-08-11 18:29 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-11 18:29 - 2014-08-11 18:29 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-11 18:29 - 2014-08-11 18:29 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-11 18:29 - 2014-08-11 18:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-11 18:29 - 2014-08-11 18:29 - 00001982 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\AVAST Software
2014-08-11 18:29 - 2014-08-11 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-11 18:28 - 2014-08-11 18:28 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-11 18:28 - 2014-08-11 18:27 - 91906368 _____ (AVAST Software) C:\Users\Florian\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-11 18:25 - 2014-08-11 18:25 - 00000000 ____D () C:\Users\Florian\Desktop\Alte Firefox-Daten
2014-08-11 18:21 - 2014-08-11 18:15 - 00000000 ____D () C:\Users\Florian\AppData\Local\ContextFree
2014-08-11 18:21 - 2014-07-15 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2014-08-11 18:21 - 2013-08-22 22:59 - 00000000 ____D () C:\Windows\ShellNew
2014-08-11 18:11 - 2014-08-11 18:11 - 00257752 _____ () C:\Users\Florian\Downloads\Minecraft Force Op.rar
2014-08-11 18:03 - 2014-08-11 18:03 - 00356864 _____ () C:\Users\Florian\Downloads\Minecraft.exe
2014-08-11 11:09 - 2014-08-11 11:09 - 04980105 _____ () C:\Users\Florian\Desktop\launcher^FTB_Launcher(1).exe
2014-08-11 00:52 - 2014-08-04 23:56 - 00000000 ____D () C:\Users\Florian\AppData\Local\wf-launcher
2014-08-11 00:31 - 2014-08-04 23:56 - 00000000 ____D () C:\ProgramData\GFACE
2014-08-10 19:22 - 2014-08-10 19:21 - 00000000 ____D () C:\Users\Florian\Desktop\Modxray
2014-08-10 11:35 - 2014-07-29 18:05 - 00000000 ____D () C:\Users\Florian\AppData\Local\paul.bv96@yahoo.com
2014-08-09 22:27 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-08-08 17:34 - 2014-08-06 20:12 - 00000000 ___RD () C:\Users\Florian\Desktop\ä
2014-08-07 15:08 - 2014-08-07 13:00 - 00000000 ____D () C:\Users\Florian\Desktop\Grand Theft Auto San Andreas
2014-08-07 15:07 - 2014-08-07 13:00 - 00000000 ____D () C:\Users\Florian\Desktop\FSX(1)
2014-08-07 10:57 - 2014-08-07 10:23 - 701897648 _____ () C:\Users\Florian\Desktop\FSX(1).rar
2014-08-06 21:20 - 2014-08-06 21:19 - 00033426 _____ () C:\Users\Florian\Downloads\FSX.rar
2014-08-06 20:58 - 2014-08-06 20:58 - 00675988 _____ () C:\Users\Florian\Desktop\Minecraft.exe
2014-08-06 20:50 - 2014-05-01 00:42 - 00000000 ____D () C:\Users\Florian\AppData\Local\Packages
2014-08-06 20:49 - 2014-08-06 20:48 - 11990847 _____ () C:\Users\Florian\Downloads\sa-mp-0.3z-R1-install.exe
2014-08-06 20:15 - 2014-08-06 20:15 - 00000000 ___RD () C:\Users\Florian\Documents\Notes
2014-08-06 20:13 - 2014-08-06 20:13 - 00001474 _____ () C:\Users\Florian\Desktop\Windows Live Mail.lnk
2014-08-06 20:13 - 2014-08-06 20:13 - 00000453 _____ () C:\Users\Florian\Desktop\Minecraft - Verknüpfung.lnk
2014-08-06 17:49 - 2014-06-26 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-06 17:06 - 2014-05-29 13:48 - 00000000 ____D () C:\Users\Florian\AppData\Local\Spotify
2014-08-06 12:13 - 2014-08-06 12:13 - 02632153 _____ () C:\Users\Florian\Downloads\forge-1.7.2-10.12.0.1024-installer.jar
2014-08-06 12:10 - 2014-08-01 17:19 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Craften Terminal
2014-08-05 00:03 - 2014-08-05 00:03 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashRpt
2014-08-03 23:57 - 2014-08-03 20:42 - 00000000 ____D () C:\Users\Florian\Documents\FIFA World
2014-08-03 20:42 - 2014-06-04 17:51 - 00000000 ____D () C:\ProgramData\Origin
2014-08-03 20:23 - 2014-08-03 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-08-03 20:23 - 2014-05-02 17:34 - 00133208 _____ () C:\Windows\DirectX.log
2014-08-03 20:04 - 2014-06-04 17:52 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-03 17:42 - 2014-08-03 17:41 - 23516512 _____ (Electronic Arts, Inc.) C:\Users\Florian\Downloads\EASportsFIFAWorld.exe
2014-08-03 17:42 - 2014-06-04 17:51 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-01 17:23 - 2014-08-01 17:23 - 00000609 _____ () C:\Users\Florian\Documents\Standard.mvc
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:19 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
2014-08-01 17:19 - 2014-08-01 17:18 - 23178493 _____ (Craften.de ) C:\Users\Florian\Downloads\craftenterminal.exe
2014-08-01 00:35 - 2014-08-01 00:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3
2014-08-01 00:35 - 2014-08-01 00:33 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.3
2014-08-01 00:33 - 2014-08-01 00:32 - 00000000 ____D () C:\ProgramData\MTA San Andreas All
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.4
2014-08-01 00:32 - 2014-08-01 00:32 - 00000000 ____D () C:\Program Files (x86)\MTA San Andreas 1.4
2014-08-01 00:31 - 2014-08-01 00:31 - 21830784 _____ (Multi Theft Auto) C:\Users\Florian\Downloads\mtasa-1.4.exe
2014-07-30 14:45 - 2014-07-30 14:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\FileZilla
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-30 14:35 - 2014-07-30 14:35 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-30 14:32 - 2014-07-30 14:32 - 05981830 _____ (Tim Kosse) C:\Users\Florian\Downloads\FileZilla_3.9.0.1_win32-setup.exe
2014-07-30 00:25 - 2014-06-26 16:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 00:06 - 2014-07-29 23:56 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Winamp
2014-07-29 23:59 - 2014-07-29 23:59 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-07-29 23:59 - 2014-07-29 23:59 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-07-29 23:59 - 2013-08-22 16:46 - 00015110 _____ () C:\Windows\setupact.log
2014-07-29 23:56 - 2014-07-29 23:56 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-07-29 23:53 - 2014-07-29 23:53 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Winamp Installer.exe
2014-07-29 23:51 - 2014-07-29 23:51 - 00826192 _____ (Chip Digital GmbH) C:\Users\Florian\Downloads\Virtual Audio Cable - CHIP-Installer.exe
2014-07-29 21:11 - 2014-05-01 14:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-29 18:05 - 2014-07-29 18:05 - 00029718 _____ () C:\Users\Florian\Downloads\SAMP_KeyBinder.zip
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-29 16:43 - 2014-07-29 16:43 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-28 19:16 - 2014-07-28 19:16 - 00000880 _____ () C:\Users\Florian\Downloads\Dokumente - Verknüpfung.lnk
2014-07-28 15:33 - 2014-05-19 13:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\ftblauncher
2014-07-26 20:55 - 2014-07-26 20:55 - 04873530 _____ () C:\Users\Florian\Downloads\Cops.rar
2014-07-25 22:08 - 2014-07-25 22:08 - 00270848 _____ (Secure By Design Inc.) C:\Users\Florian\Downloads\Ninite Avast Installer.exe
2014-07-25 21:56 - 2014-06-04 17:52 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Origin
2014-07-25 21:56 - 2014-06-04 17:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\Origin
2014-07-24 20:27 - 2014-07-24 20:13 - 00004841 _____ () C:\Users\Florian\Documents\TombRaider.log
2014-07-24 16:52 - 2014-05-09 16:15 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Windows Live Writer
2014-07-21 18:08 - 2014-07-21 18:08 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-07-21 16:11 - 2014-06-30 19:03 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\SpinTires
2014-07-17 18:36 - 2014-07-17 18:36 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-17 18:36 - 2014-07-17 18:36 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2014-07-15 16:21 - 2014-07-15 16:21 - 00000000 ____D () C:\Users\Florian\AppData\Local\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00169004 _____ () C:\Users\Florian\Downloads\KeyCommander-1.3.1-setup.exe
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fabi.me
2014-07-15 15:43 - 2014-07-15 15:43 - 00000000 ____D () C:\Program Files (x86)\fabi.me
2014-07-15 15:39 - 2014-07-15 15:39 - 11878040 _____ (AutoIt Team) C:\Users\Florian\Downloads\autoit-v3-setup.exe
2014-07-15 15:36 - 2014-07-15 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacroX
2014-07-15 15:36 - 2014-07-15 15:35 - 00000000 ____D () C:\Program Files (x86)\MacroX
2014-07-15 15:36 - 2014-05-01 00:42 - 00000000 ____D () C:\Users\Florian\AppData\Local\VirtualStore
2014-07-15 15:35 - 2014-07-15 15:35 - 02480915 _____ () C:\Users\Florian\Downloads\macrox!.exe
2014-07-15 15:35 - 2014-07-15 15:35 - 00000971 _____ () C:\Users\UpdatusUser\Desktop\MacroX.lnk
2014-07-15 15:35 - 2014-07-15 15:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MacroX
2014-07-13 15:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-06 17:17
==================== End Of Log ============================
|
|
12.08.2014, 09:56
| #7 |
| /// TB-Ausbilder | inetstat.exe - Was ist das ? Ok, schaut schon nicht schlecht aus. Downloade Dir bitte  SecurityCheck und:
ESET Scan dauert länger ! ESET Online Scanner
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
12.08.2014, 17:24
| #8 |
| | inetstat.exe - Was ist das ? Moin. Vorab : Ich sollte weiter oben genannt Java deinstallieren. Mittlerweile benötige ich aber wieder Java und hab es wieder installiert. Ist das denn ok, oder muss es deinstalliert sein ? Checkup-Textdatei Code:
ATTFilter Results of screen317's Security Check version 0.99.86
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Java version out of Date!
Adobe Flash Player 14.0.0.145
Adobe Reader XI
Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
E-Set Text Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8c67875b3ed2c64c9d5713746cceae84
# engine=19614
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-12 10:32:27
# local_time=2014-08-12 12:32:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 42873 65036 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 92860 12223068 0 0
# scanned=322317
# found=22
# cleaned=0
# scan_time=3189
sh=A0CC42880584BCB1BCAB581AD41B2D3F0014F85C ft=1 fh=6e47b0cd47011c9f vn="Variante von Win32/RiskWare.Astori.B Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3253947246-835676800-3242475936-1001\$R499NFZ\inetstat.exe"
sh=15ED5B6C5946E85E7A5C77F4A7689E4E76CCBAFB ft=1 fh=c71c0011fe889422 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=8FF07C7F0E7320A1EB53CADD4D30D3154FF33BBA ft=1 fh=f622fe8cae001c0b vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=532A232C336AB1E5D65E829DFA191A71B96E2CC6 ft=1 fh=c71c001152b88659 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\HpUI.exe.vir"
sh=12EBF6FC8AD543662053CA101C2D5DA175137EB2 ft=1 fh=c71c00119e5c1a87 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader32.exe.vir"
sh=8F0ABE23DDA3F9DC04497B1A4F455AF8CE9D45B8 ft=1 fh=787e176d56997de7 vn="Win64/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir"
sh=9E99BBE4E9F6026A66DB442D589FF049D44E43E9 ft=1 fh=c71c001149569c6f vn="Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir"
sh=55B49E6175EC153F5F6D595F7E36CF04D61C70AC ft=1 fh=c71c0011122aac36 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=B1740CE6528491D6914E0015C836A3A8E31A28E9 ft=1 fh=667e6cf17acea18e vn="Win64/Thinknice.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=6148DAB05D76E4FCEF4B394B0F60D9ADB2E2AB1E ft=1 fh=c71c0011346812ac vn="Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe.vir"
sh=03DBFA1572019E6B0A7745CA443E74CCA8FEEFFD ft=1 fh=c71c0011e74d8dee vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=E9BEAFD5EF09360852ECDCC4312188064742E51A ft=1 fh=c71c0011421e8e27 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir"
sh=E3C659B9CAA4B5CFF2906CA02EB3F178906A2416 ft=1 fh=c71c00117f5fd915 vn="Win32/Thinknice.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll32.dll.vir"
sh=8B488C388E304F78CA88312A651D07494469D292 ft=1 fh=8013085d4e45f122 vn="Win64/Thinknice.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll64.dll.vir"
sh=6148DAB05D76E4FCEF4B394B0F60D9ADB2E2AB1E ft=1 fh=c71c0011346812ac vn="Win32/ELEX.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"
sh=FED7CAA2E24771B66065C8D30131FC8037B6BD2A ft=1 fh=b41296876ed186e5 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Florian\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Florian\AppData\Roaming\OpenCandy\17998B03125143609D64C1FB0597025B\sp-downloader.exe.vir"
sh=29E42A61A6BE387A24C035693D509D873C02D916 ft=1 fh=b326822ef8b4edbf vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Florian\AppData\Roaming\OpenCandy\C9EBEDC19B9A4D4B830C913404A4CCEC\speedupmypcDE.exe.vir"
sh=7CB328F54F9B0D48C93A1B13FE019CC6B77781BF ft=1 fh=9c7699a6b3492a19 vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Florian\AppData\Local\Temp\is-44N02.tmp\SpeedUpMyPC-standalone-setup.exe"
sh=D950AFE3B96F9CCA2165C88D7F3040876E535533 ft=1 fh=8c4ba47f28aa86e3 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Florian\Downloads\AutoHotkey - CHIP-Installer.exe"
sh=B5BBDD5908970846DDF0DB3C7EAB4A9F847DB60B ft=0 fh=0000000000000000 vn="MSIL/Hoax.FakeHack.DU Anwendung" ac=I fn="C:\Users\Florian\Downloads\Minecraft Force Op.rar"
sh=4DDAFF5EED865E435CCD04E24F216B309225BA5F ft=1 fh=07a25ec245b44529 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Florian\Downloads\Virtual Audio Cable - CHIP-Installer.exe"
Florian |
|
12.08.2014, 17:40
| #9 |
| /// TB-Ausbilder | inetstat.exe - Was ist das ? Nö das mit Java passt, ich wollts nur deinstalliert haben damit die aktuelle Version aufgespielt werden kann. Leider ist der SecurityCheck noch nicht up-to-date. Code:
ATTFilter C:\Users\Florian\Downloads\Minecraft Force Op.rar
Die Inetstat.exe ist im Papierkorb, den am besten leeren. Der Rest im ESET fliegt gleich automatisch raus durch Delfix. Die Chip Downloader sind AdWare/DownloadSponsor, hier mein Tipp: Chip Downloader:Bei Chip.de gibt es beim Download zwei Möglichkeiten: einmal den Chip Downloader mit DownloadSponsor, der Werbung mitbringt und gern versucht, den User dazu zu überreden, noch diese und jene Toolbar zu installieren. Und es gibt immer den alternativen Download, das ist die eigentliche Anwendung als Setup, so wie sie vom Hersteller kommt. Der Alternativlink ist genau unter der Chip Download-Schaltfläche. Ansonsten sind die Logs sauber  Die Reihenfolge ist hier entscheidend.
Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems. Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti-Viren-Programm und zusätzlicher Schutz
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden. Mozilla Firefox
Performance
Was du vermeiden solltest:
Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen? Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
13.08.2014, 15:51
| #10 |
| | inetstat.exe - Was ist das ? Moin, Sofern die Logs nun sauber aussehen, hätte ich dann keine Fragen mehr. Ich finde es echt schön, dass es so eine Seite wie Trojaner-Board gibt. Fettes Lob! Nun auch ein ganz dickes Dankeschön an Dich, Timo! Mit freundlichen Grüßen, Florian |
|
Revo Uninstaller herunter.
dann auf 
und dann auf 
.
Linear-Darstellung
