Log analysis and evaluation: Removing Spyhunter 4 (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
15.08.2014, 13:43 | #1 |
Removing Spyhunter 4

Yesterday, when I started my browser (Firefox) after downloading and installing the program "JDownloader 2", I noticed that some program was putting annoying ads on my screen. On closer inspection, the program "ClearThink" was behind it. According to a website, I was supposed to remove it with the software "Spyhunter 4". Once I had downloaded it, however, it could not help me with my problem, which is why I then used "adwcleaner", which I had forgotten about before, to remove "ClearThink".

After I had uninstalled "Spyhunter 4" via the Control Panel, I found that it was still on my computer. So I followed the steps I found on a website to remove the program, but that did nothing. According to that page, I only had to run a scan with MBAM and that would have been it, since I would then have been able to remove it... If only...

After that I ran the Quick Scan of "Oldtimer", which personally did not give me very precise information, though.

I hope someone can help me with this problem, and thank you in advance for the time spent on it.

MBAM-LOG Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 15.08.2014
Suchlauf-Zeit: 11:43:21
Logdatei: Mbam-LOG2.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.15.03
Rootkit Datenbank: v2014.08.04.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Lukas

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 289080
Verstrichene Zeit: 7 Min, 32 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.ClearThink.A, C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default\extensions\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}.xpi, In Quarantäne, [9946ac1af08b171f13d8a833f210827e],

Physische Sektoren: 0
(No malicious items detected)

(end)

MBAM-LOG-2 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 15.08.2014
Suchlauf-Zeit: 11:51:38
Logdatei: Mbam-LOG.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.15.03
Rootkit Datenbank: v2014.08.04.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Lukas

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 289243
Verstrichene Zeit: 11 Min, 19 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)

OTL
OTL Logfile: Code:
OTL logfile created on: 15.08.2014 12:53:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lukas\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,97 Gb Total Physical Memory | 5,49 Gb Available Physical Memory | 68,92% Memory free
15,93 Gb Paging File | 12,81 Gb Available in Paging File | 80,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,17 Gb Total Space | 845,48 Gb Free Space | 90,80% Space Free | Partition Type: NTFS
Drive E: | 2794,25 Gb Total Space | 2792,86 Gb Free Space | 99,95% Space Free | Partition Type: FAT32

Computer Name: LUKAS-PC | User Name: Lukas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.08.15 12:53:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lukas\Downloads\OTL.exe
PRC - [2014.08.06 13:10:40 | 003,600,728 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
PRC - [2014.08.05 10:57:58 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014.08.05 10:57:43 | 000,751,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014.08.05 10:57:43 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014.07.24 11:50:06 | 000,190,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014.07.24 11:50:04 | 000,141,392 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014.07.23 01:34:39 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.05.07 14:44:30 | 000,511,872 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.10.29 13:43:38 | 000,248,832 | ---- | M] () -- C:\Program Files (x86)\Drakonia Configurator\hid.exe
PRC - [2012.12.11 11:14:50 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
PRC - [2012.06.07 11:22:00 | 001,803,264 | ---- | M] (Game Inc.) -- C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
PRC - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.07.12 16:14:26 | 000,331,776 | ---- | M] (VIA Technologies, Inc.) -- C:\Programme\VIA XHCI UASP Utility\usb3Monitor.exe

========== Modules (No Company Name) ==========

MOD - [2014.08.06 13:10:39 | 000,962,560 | ---- | M] () -- C:\Program Files (x86)\Origin\platforms\qwindows.dll
MOD - [2014.08.06 13:10:39 | 000,302,592 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtiff.dll
MOD - [2014.08.06 13:10:39 | 000,261,632 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qmng.dll
MOD - [2014.08.06 13:10:39 | 000,217,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
MOD - [2014.08.06 13:10:39 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qico.dll
MOD - [2014.08.06 13:10:39 | 000,024,064 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qgif.dll
MOD - [2014.08.06 13:10:39 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qtga.dll
MOD - [2014.08.06 13:10:39 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
MOD - [2014.07.24 11:50:04 | 000,137,296 | ---- | M] () -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
MOD - [2014.07.24 11:50:00 | 000,049,744 | ---- | M] () -- C:\Users\Lukas\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
MOD - [2014.07.23 01:34:38 | 003,800,688 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.04.22 19:45:30 | 000,260,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll
MOD - [2014.04.22 19:45:05 | 000,806,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
MOD - [2014.04.22 19:45:02 | 019,693,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
MOD - [2014.04.22 19:44:53 | 002,825,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
MOD - [2014.04.22 19:44:50 | 000,147,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll
MOD - [2014.04.22 19:44:47 | 002,997,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll
MOD - [2014.04.22 19:44:35 | 002,542,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\7e73e63cf4b8efdf41900b9576489e61\System.Data.Linq.ni.dll
MOD - [2014.04.22 19:44:17 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
MOD - [2014.04.22 19:44:14 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll
MOD - [2014.04.22 19:44:13 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\af02d03484578dbc357d1df8d1b6fd01\PresentationFramework-SystemData.ni.dll
MOD - [2014.03.13 17:01:02 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014.03.13 17:00:58 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014.03.13 17:00:58 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014.03.13 17:00:56 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014.03.13 17:00:51 | 000,223,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll
MOD - [2014.03.13 17:00:49 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014.03.13 17:00:47 | 007,409,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll
MOD - [2014.03.13 17:00:45 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014.03.13 17:00:44 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014.03.13 17:00:43 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014.03.13 17:00:41 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014.03.13 17:00:39 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014.03.13 17:00:37 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014.03.13 17:00:32 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2013.11.05 16:31:40 | 000,249,856 | ---- | M] () -- C:\Program Files (x86)\Drakonia Configurator\language.dll
MOD - [2013.10.29 13:43:38 | 000,248,832 | ---- | M] () -- C:\Program Files (x86)\Drakonia Configurator\hid.exe
MOD - [2013.01.15 17:06:32 | 000,061,952 | ---- | M] () -- C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
MOD - [2012.12.11 11:14:50 | 000,240,640 | ---- | M] () -- C:\Program Files (x86)\Drakonia Configurator\trayicon.exe

========== Services (SafeList) ==========

SRV:64bit: - [2014.07.25 15:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.09.12 03:46:52 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.09.11 21:57:02 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2014.08.05 10:57:58 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014.08.05 10:57:43 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014.07.24 11:50:04 | 000,141,392 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014.07.23 01:34:38 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.07.08 22:57:00 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.05.29 19:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
DRV:64bit: - [2014.06.24 12:51:43 | 000,117,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014.05.22 11:54:55 | 000,130,584 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014.02.25 11:41:04 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.10.28 10:02:48 | 000,022,240 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2013.10.24 17:29:06 | 000,022,240 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\UsbCharger.sys -- (UsbCharger)
DRV:64bit: - [2013.10.02 04:22:44 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.09.24 16:53:50 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.09.12 04:39:56 | 012,760,576 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.09.12 03:13:58 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.08.12 11:13:16 | 000,225,792 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2013.08.12 11:13:10 | 000,295,424 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2013.06.27 17:50:46 | 000,042,304 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2013.06.27 17:50:44 | 000,082,240 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013.01.21 12:57:14 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012.08.28 14:27:24 | 000,058,536 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.08.23 16:12:16 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.06.05 07:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2012.05.11 15:24:32 | 000,027,648 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GameKB.sys -- (GameKB)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011.09.29 11:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.09.15 08:46:14 | 000,060,288 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MHIKEY10x64.sys -- (MHIKEY10)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2005.03.29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2013.07.31 13:26:24 | 000,042,240 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.2.0)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{A81FFC7C-8ACB-4A7D-B6EA-BC221481DC3B}: "URL" = hxxp://www.sm.de/?q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-234909537-4166200705-3081485305-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-234909537-4166200705-3081485305-1002\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-234909537-4166200705-3081485305-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-234909537-4166200705-3081485305-1002\..\SearchScopes\{A81FFC7C-8ACB-4A7D-B6EA-BC221481DC3B}: "URL" = hxxp://www.sm.de/?q={searchTerms}
IE - HKU\S-1-5-21-234909537-4166200705-3081485305-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.order.1: "SuchMaschine"
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Lukas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014.04.22 21:37:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukas\AppData\Roaming\mozilla\Extensions
[2014.08.15 12:45:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lukas\AppData\Roaming\mozilla\Firefox\Profiles\3cfhwcgk.default\extensions
[2014.07.23 21:57:18 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Lukas\AppData\Roaming\mozilla\firefox\profiles\3cfhwcgk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.05.09 21:45:30 | 000,001,793 | ---- | M] () -- C:\Users\Lukas\AppData\Roaming\mozilla\firefox\profiles\3cfhwcgk.default\searchplugins\search_engine.xml
[2014.07.23 01:34:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.07.23 01:34:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Reg Error: Value error.) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [GamingKeyboard] C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Game Inc.)
O4 - HKLM..\Run: [GamingMouse] C:\Program Files (x86)\Drakonia Configurator\hid.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-234909537-4166200705-3081485305-1002..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-234909537-4166200705-3081485305-1002\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-234909537-4166200705-3081485305-1002\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62C9C01B-628A-487B-A544-B2B31FFFF7E3}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (bj.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.08.15 10:58:11 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{d2f01a2f-ca43-11e3-b928-74d4359988e1}\Shell - "" = AutoRun
O33 - MountPoints2\{d2f01a2f-ca43-11e3-b928-74d4359988e1}\Shell\AutoRun\command - "" = F:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.08.15 11:42:57 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.08.15 11:41:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
[2014.08.15 11:41:55 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014.08.15 11:41:55 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014.08.15 11:41:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ Malwarebytes Anti-Malware
[2014.08.15 11:39:21 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014.08.15 11:33:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.08.15 10:57:50 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014.08.15 10:57:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014.08.14 23:46:33 | 000,000,000 | ---D | C] --
C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader [2014.08.14 23:45:28 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\JDownloader v2.0 [2014.08.09 23:57:48 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\RenPy [2014.08.09 22:52:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Katawa Shoujo [2014.08.08 01:21:09 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Unity [2014.08.08 01:03:43 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\Unity [2014.08.06 21:46:53 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Local\Blizzard [2014.08.06 21:37:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone [2014.08.06 21:37:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hearthstone [2014.08.06 21:32:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net [2014.08.06 21:32:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net [2014.07.24 23:44:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Riot Games [2014.07.24 02:16:46 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\dvdcss [2014.07.24 02:08:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2014.07.24 02:08:00 | 000,000,000 | ---D | C] -- C:\Users\Lukas\AppData\Roaming\Canneverbe Limited [2014.07.24 02:07:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP [2014.07.24 01:23:01 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Desktop\Training [2014.07.23 22:19:09 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Desktop\Programmieren [2014.07.23 01:34:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2014.07.21 14:57:12 | 000,000,000 | ---D | C] -- C:\Users\Lukas\Desktop\Mathe [2011.03.30 11:40:32 | 000,095,576 | ---- | C] (Microsoft Corporation) -- C:\Users\Lukas\DSETUP.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2014.08.15 
12:35:58 | 001,618,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014.08.15 12:35:58 | 000,698,688 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2014.08.15 12:35:58 | 000,653,526 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014.08.15 12:35:58 | 000,148,828 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2014.08.15 12:35:58 | 000,121,398 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014.08.15 11:56:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014.08.15 11:44:10 | 000,028,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014.08.15 11:44:10 | 000,028,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014.08.15 11:43:15 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014.08.15 11:41:58 | 000,001,102 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2014.08.15 11:36:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014.08.15 11:36:14 | 2119,675,903 | -HS- | M] () -- C:\hiberfil.sys [2014.08.15 10:58:11 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2014.08.15 10:47:45 | 000,283,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014.08.14 23:46:33 | 000,002,082 | ---- | M] () -- C:\Users\Lukas\Desktop\JDownloader 2.lnk [2014.08.11 15:58:46 | 000,006,550 | ---- | M] () -- C:\Users\Lukas\Desktop\Mathe-Denis.rtf [2014.08.09 22:53:34 | 000,001,107 | ---- | M] () -- C:\Users\Lukas\Desktop\Katawa Shoujo.lnk [2014.08.06 21:37:43 | 000,001,155 | ---- | M] () -- C:\Users\Public\Desktop\Hearthstone.lnk [2014.08.06 21:32:36 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk [2014.08.05 17:26:05 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\Avira.lnk [2014.08.03 18:30:28 | 000,008,561 | ---- | M] () -- 
C:\Users\Lukas\AppData\Local\recently-used.xbel [2014.07.24 14:27:44 | 000,042,040 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2014.07.24 02:08:00 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2014.08.15 10:58:11 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2014.08.14 23:46:33 | 000,002,082 | ---- | C] () -- C:\Users\Lukas\Desktop\JDownloader 2.lnk [2014.08.09 22:53:34 | 000,001,107 | ---- | C] () -- C:\Users\Lukas\Desktop\Katawa Shoujo.lnk [2014.08.06 21:37:43 | 000,001,155 | ---- | C] () -- C:\Users\Public\Desktop\Hearthstone.lnk [2014.08.06 21:32:36 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk [2014.08.06 00:57:33 | 000,006,550 | ---- | C] () -- C:\Users\Lukas\Desktop\Mathe-Denis.rtf [2014.08.03 18:30:28 | 000,008,561 | ---- | C] () -- C:\Users\Lukas\AppData\Local\recently-used.xbel [2014.07.24 02:08:00 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2014.07.24 02:08:00 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2014.04.22 19:29:54 | 001,192,533 | ---- | C] () -- C:\Windows\unins000.exe [2014.04.22 19:29:54 | 000,017,946 | ---- | C] () -- C:\Windows\unins000.dat [2014.04.17 10:28:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2014.04.17 10:26:16 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe [2014.04.17 10:26:16 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe [2014.04.17 10:26:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2014.04.17 10:26:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2014.04.17 10:26:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2014.04.17 10:17:20 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini [2014.03.13 14:51:26 | 001,591,896 | 
---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.09.11 22:32:06 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2011.03.30 11:40:34 | 000,517,976 | ---- | C] () -- C:\Users\Lukas\DXSETUP.exe [2011.03.30 11:40:32 | 001,566,040 | ---- | C] () -- C:\Users\Lukas\dsetup32.dll [2011.03.30 11:40:32 | 000,097,152 | ---- | C] () -- C:\Users\Lukas\dxupdate.cab [2011.03.30 11:40:32 | 000,044,624 | ---- | C] () -- C:\Users\Lukas\dxdllreg_x86.cab [2010.06.02 05:22:54 | 001,412,902 | ---- | C] () -- C:\Users\Lukas\OCT2006_d3dx9_31_x64.cab [2010.06.02 05:22:54 | 001,127,217 | ---- | C] () -- C:\Users\Lukas\OCT2006_d3dx9_31_x86.cab [2010.06.02 05:22:54 | 000,273,960 | ---- | C] () -- C:\Users\Lukas\Nov2008_XAudio_x64.cab [2010.06.02 05:22:54 | 000,272,611 | ---- | C] () -- C:\Users\Lukas\Nov2008_XAudio_x86.cab [2010.06.02 05:22:54 | 000,182,361 | ---- | C] () -- C:\Users\Lukas\OCT2006_XACT_x64.cab [2010.06.02 05:22:54 | 000,138,017 | ---- | C] () -- C:\Users\Lukas\OCT2006_XACT_x86.cab [2010.06.02 05:22:54 | 000,086,037 | ---- | C] () -- C:\Users\Lukas\Oct2005_xinput_x64.cab [2010.06.02 05:22:54 | 000,045,359 | ---- | C] () -- C:\Users\Lukas\Oct2005_xinput_x86.cab [2010.06.02 05:22:52 | 001,906,878 | ---- | C] () -- C:\Users\Lukas\Nov2008_d3dx9_40_x64.cab [2010.06.02 05:22:52 | 001,550,796 | ---- | C] () -- C:\Users\Lukas\Nov2008_d3dx9_40_x86.cab [2010.06.02 05:22:52 | 000,965,421 | ---- | C] () -- C:\Users\Lukas\Nov2008_d3dx10_40_x86.cab [2010.06.02 05:22:52 | 000,121,794 | ---- | C] () -- C:\Users\Lukas\Nov2008_XACT_x64.cab [2010.06.02 05:22:52 | 000,092,684 | ---- | C] () -- C:\Users\Lukas\Nov2008_XACT_x86.cab [2010.06.02 05:22:52 | 000,054,522 | ---- | C] () -- C:\Users\Lukas\Nov2008_X3DAudio_x64.cab [2010.06.02 05:22:52 | 000,021,851 | ---- | C] () -- C:\Users\Lukas\Nov2008_X3DAudio_x86.cab [2010.06.02 05:22:50 | 000,994,154 | ---- | C] () -- C:\Users\Lukas\Nov2008_d3dx10_40_x64.cab [2010.06.02 05:22:50 | 000,196,762 | ---- | C] () -- 
C:\Users\Lukas\NOV2007_XACT_x64.cab [2010.06.02 05:22:50 | 000,148,264 | ---- | C] () -- C:\Users\Lukas\NOV2007_XACT_x86.cab [2010.06.02 05:22:50 | 000,046,144 | ---- | C] () -- C:\Users\Lukas\NOV2007_X3DAudio_x64.cab [2010.06.02 05:22:50 | 000,018,496 | ---- | C] () -- C:\Users\Lukas\NOV2007_X3DAudio_x86.cab [2010.06.02 05:22:48 | 001,802,058 | ---- | C] () -- C:\Users\Lukas\Nov2007_d3dx9_36_x64.cab [2010.06.02 05:22:48 | 001,709,360 | ---- | C] () -- C:\Users\Lukas\Nov2007_d3dx9_36_x86.cab [2010.06.02 05:22:48 | 000,864,600 | ---- | C] () -- C:\Users\Lukas\Nov2007_d3dx10_36_x64.cab [2010.06.02 05:22:48 | 000,803,884 | ---- | C] () -- C:\Users\Lukas\Nov2007_d3dx10_36_x86.cab [2010.06.02 05:22:48 | 000,273,018 | ---- | C] () -- C:\Users\Lukas\Mar2009_XAudio_x86.cab [2010.06.02 05:22:46 | 000,275,044 | ---- | C] () -- C:\Users\Lukas\Mar2009_XAudio_x64.cab [2010.06.02 05:22:46 | 000,121,506 | ---- | C] () -- C:\Users\Lukas\Mar2009_XACT_x64.cab [2010.06.02 05:22:46 | 000,092,740 | ---- | C] () -- C:\Users\Lukas\Mar2009_XACT_x86.cab [2010.06.02 05:22:38 | 000,054,600 | ---- | C] () -- C:\Users\Lukas\Mar2009_X3DAudio_x64.cab [2010.06.02 05:22:38 | 000,021,298 | ---- | C] () -- C:\Users\Lukas\Mar2009_X3DAudio_x86.cab [2010.06.02 05:22:36 | 001,973,702 | ---- | C] () -- C:\Users\Lukas\Mar2009_d3dx9_41_x64.cab [2010.06.02 05:22:36 | 001,612,446 | ---- | C] () -- C:\Users\Lukas\Mar2009_d3dx9_41_x86.cab [2010.06.02 05:22:36 | 001,067,160 | ---- | C] () -- C:\Users\Lukas\Mar2009_d3dx10_41_x64.cab [2010.06.02 05:22:36 | 001,040,745 | ---- | C] () -- C:\Users\Lukas\Mar2009_d3dx10_41_x86.cab [2010.06.02 05:22:36 | 000,251,194 | ---- | C] () -- C:\Users\Lukas\Mar2008_XAudio_x64.cab [2010.06.02 05:22:36 | 000,226,250 | ---- | C] () -- C:\Users\Lukas\Mar2008_XAudio_x86.cab [2010.06.02 05:22:36 | 000,122,336 | ---- | C] () -- C:\Users\Lukas\Mar2008_XACT_x64.cab [2010.06.02 05:22:36 | 000,093,734 | ---- | C] () -- C:\Users\Lukas\Mar2008_XACT_x86.cab [2010.06.02 05:22:34 | 001,769,862 
| ---- | C] () -- C:\Users\Lukas\Mar2008_d3dx9_37_x64.cab [2010.06.02 05:22:34 | 001,443,282 | ---- | C] () -- C:\Users\Lukas\Mar2008_d3dx9_37_x86.cab [2010.06.02 05:22:34 | 000,818,260 | ---- | C] () -- C:\Users\Lukas\Mar2008_d3dx10_37_x86.cab [2010.06.02 05:22:34 | 000,055,058 | ---- | C] () -- C:\Users\Lukas\Mar2008_X3DAudio_x64.cab [2010.06.02 05:22:34 | 000,021,867 | ---- | C] () -- C:\Users\Lukas\Mar2008_X3DAudio_x86.cab [2010.06.02 05:22:32 | 000,937,246 | ---- | C] () -- C:\Users\Lukas\Jun2010_d3dx9_43_x64.cab [2010.06.02 05:22:32 | 000,844,884 | ---- | C] () -- C:\Users\Lukas\Mar2008_d3dx10_37_x64.cab [2010.06.02 05:22:32 | 000,768,036 | ---- | C] () -- C:\Users\Lukas\Jun2010_d3dx9_43_x86.cab [2010.06.02 05:22:32 | 000,278,060 | ---- | C] () -- C:\Users\Lukas\Jun2010_XAudio_x86.cab [2010.06.02 05:22:32 | 000,277,338 | ---- | C] () -- C:\Users\Lukas\Jun2010_XAudio_x64.cab [2010.06.02 05:22:32 | 000,124,596 | ---- | C] () -- C:\Users\Lukas\Jun2010_XACT_x64.cab [2010.06.02 05:22:32 | 000,093,686 | ---- | C] () -- C:\Users\Lukas\Jun2010_XACT_x86.cab [2010.06.02 05:22:30 | 000,762,188 | ---- | C] () -- C:\Users\Lukas\Jun2010_d3dcsx_43_x86.cab [2010.06.02 05:22:30 | 000,235,955 | ---- | C] () -- C:\Users\Lukas\Jun2010_d3dx10_43_x64.cab [2010.06.02 05:22:30 | 000,197,283 | ---- | C] () -- C:\Users\Lukas\Jun2010_d3dx10_43_x86.cab [2010.06.02 05:22:30 | 000,138,205 | ---- | C] () -- C:\Users\Lukas\Jun2010_d3dx11_43_x64.cab [2010.06.02 05:22:30 | 000,109,445 | ---- | C] () -- C:\Users\Lukas\Jun2010_d3dx11_43_x86.cab [2010.06.02 05:22:28 | 000,944,460 | ---- | C] () -- C:\Users\Lukas\Jun2010_D3DCompiler_43_x64.cab [2010.06.02 05:22:28 | 000,931,471 | ---- | C] () -- C:\Users\Lukas\Jun2010_D3DCompiler_43_x86.cab [2010.06.02 05:22:28 | 000,752,783 | ---- | C] () -- C:\Users\Lukas\Jun2010_d3dcsx_43_x64.cab [2010.06.02 05:22:20 | 000,269,024 | ---- | C] () -- C:\Users\Lukas\JUN2008_XAudio_x86.cab [2010.06.02 05:22:18 | 001,792,608 | ---- | C] () -- 
C:\Users\Lukas\JUN2008_d3dx9_38_x64.cab [2010.06.02 05:22:18 | 001,463,878 | ---- | C] () -- C:\Users\Lukas\JUN2008_d3dx9_38_x86.cab [2010.06.02 05:22:18 | 000,867,828 | ---- | C] () -- C:\Users\Lukas\JUN2008_d3dx10_38_x64.cab [2010.06.02 05:22:18 | 000,849,919 | ---- | C] () -- C:\Users\Lukas\JUN2008_d3dx10_38_x86.cab [2010.06.02 05:22:18 | 000,269,628 | ---- | C] () -- C:\Users\Lukas\JUN2008_XAudio_x64.cab [2010.06.02 05:22:18 | 000,152,909 | ---- | C] () -- C:\Users\Lukas\JUN2007_XACT_x86.cab [2010.06.02 05:22:18 | 000,121,054 | ---- | C] () -- C:\Users\Lukas\JUN2008_XACT_x64.cab [2010.06.02 05:22:18 | 000,093,128 | ---- | C] () -- C:\Users\Lukas\JUN2008_XACT_x86.cab [2010.06.02 05:22:18 | 000,055,154 | ---- | C] () -- C:\Users\Lukas\JUN2008_X3DAudio_x64.cab [2010.06.02 05:22:18 | 000,021,905 | ---- | C] () -- C:\Users\Lukas\JUN2008_X3DAudio_x86.cab [2010.06.02 05:22:16 | 001,607,774 | ---- | C] () -- C:\Users\Lukas\JUN2007_d3dx9_34_x64.cab [2010.06.02 05:22:16 | 001,607,286 | ---- | C] () -- C:\Users\Lukas\JUN2007_d3dx9_34_x86.cab [2010.06.02 05:22:16 | 001,064,925 | ---- | C] () -- C:\Users\Lukas\Jun2005_d3dx9_26_x86.cab [2010.06.02 05:22:16 | 000,699,044 | ---- | C] () -- C:\Users\Lukas\JUN2007_d3dx10_34_x64.cab [2010.06.02 05:22:16 | 000,698,472 | ---- | C] () -- C:\Users\Lukas\JUN2007_d3dx10_34_x86.cab [2010.06.02 05:22:16 | 000,197,122 | ---- | C] () -- C:\Users\Lukas\JUN2007_XACT_x64.cab [2010.06.02 05:22:16 | 000,180,785 | ---- | C] () -- C:\Users\Lukas\JUN2006_XACT_x64.cab [2010.06.02 05:22:16 | 000,133,671 | ---- | C] () -- C:\Users\Lukas\JUN2006_XACT_x86.cab [2010.06.02 05:22:14 | 001,336,002 | ---- | C] () -- C:\Users\Lukas\Jun2005_d3dx9_26_x64.cab [2010.06.02 05:22:14 | 000,277,191 | ---- | C] () -- C:\Users\Lukas\Feb2010_XAudio_x86.cab [2010.06.02 05:22:14 | 000,276,960 | ---- | C] () -- C:\Users\Lukas\Feb2010_XAudio_x64.cab [2010.06.02 05:22:14 | 000,122,446 | ---- | C] () -- C:\Users\Lukas\Feb2010_XACT_x64.cab [2010.06.02 05:22:14 | 000,093,180 | 
---- | C] () -- C:\Users\Lukas\Feb2010_XACT_x86.cab [2010.06.02 05:22:12 | 000,194,675 | ---- | C] () -- C:\Users\Lukas\FEB2007_XACT_x64.cab [2010.06.02 05:22:12 | 000,147,983 | ---- | C] () -- C:\Users\Lukas\FEB2007_XACT_x86.cab [2010.06.02 05:22:12 | 000,054,678 | ---- | C] () -- C:\Users\Lukas\Feb2010_X3DAudio_x64.cab [2010.06.02 05:22:12 | 000,020,713 | ---- | C] () -- C:\Users\Lukas\Feb2010_X3DAudio_x86.cab [2010.06.02 05:22:10 | 000,178,359 | ---- | C] () -- C:\Users\Lukas\Feb2006_XACT_x64.cab [2010.06.02 05:22:10 | 000,132,409 | ---- | C] () -- C:\Users\Lukas\Feb2006_XACT_x86.cab [2010.06.02 05:22:04 | 001,084,720 | ---- | C] () -- C:\Users\Lukas\Feb2006_d3dx9_29_x86.cab [2010.06.02 05:22:02 | 001,574,376 | ---- | C] () -- C:\Users\Lukas\DEC2006_d3dx9_32_x86.cab [2010.06.02 05:22:02 | 001,362,796 | ---- | C] () -- C:\Users\Lukas\Feb2006_d3dx9_29_x64.cab [2010.06.02 05:22:02 | 001,247,499 | ---- | C] () -- C:\Users\Lukas\Feb2005_d3dx9_24_x64.cab [2010.06.02 05:22:02 | 001,013,225 | ---- | C] () -- C:\Users\Lukas\Feb2005_d3dx9_24_x86.cab [2010.06.02 05:22:02 | 000,192,475 | ---- | C] () -- C:\Users\Lukas\DEC2006_XACT_x64.cab [2010.06.02 05:22:02 | 000,145,599 | ---- | C] () -- C:\Users\Lukas\DEC2006_XACT_x86.cab [2010.06.02 05:22:00 | 001,571,154 | ---- | C] () -- C:\Users\Lukas\DEC2006_d3dx9_32_x64.cab [2010.06.02 05:22:00 | 001,357,976 | ---- | C] () -- C:\Users\Lukas\Dec2005_d3dx9_28_x64.cab [2010.06.02 05:22:00 | 001,079,456 | ---- | C] () -- C:\Users\Lukas\Dec2005_d3dx9_28_x86.cab [2010.06.02 05:22:00 | 000,273,264 | ---- | C] () -- C:\Users\Lukas\Aug2009_XAudio_x64.cab [2010.06.02 05:22:00 | 000,272,642 | ---- | C] () -- C:\Users\Lukas\Aug2009_XAudio_x86.cab [2010.06.02 05:22:00 | 000,212,807 | ---- | C] () -- C:\Users\Lukas\DEC2006_d3dx10_00_x64.cab [2010.06.02 05:22:00 | 000,191,720 | ---- | C] () -- C:\Users\Lukas\DEC2006_d3dx10_00_x86.cab [2010.06.02 05:22:00 | 000,122,408 | ---- | C] () -- C:\Users\Lukas\Aug2009_XACT_x64.cab [2010.06.02 05:22:00 | 
000,093,106 | ---- | C] () -- C:\Users\Lukas\Aug2009_XACT_x86.cab [2010.06.02 05:21:58 | 000,930,116 | ---- | C] () -- C:\Users\Lukas\Aug2009_d3dx9_42_x64.cab [2010.06.02 05:21:58 | 000,728,456 | ---- | C] () -- C:\Users\Lukas\Aug2009_d3dx9_42_x86.cab [2010.06.02 05:21:58 | 000,232,635 | ---- | C] () -- C:\Users\Lukas\Aug2009_d3dx10_42_x64.cab [2010.06.02 05:21:58 | 000,192,131 | ---- | C] () -- C:\Users\Lukas\Aug2009_d3dx10_42_x86.cab [2010.06.02 05:21:58 | 000,136,301 | ---- | C] () -- C:\Users\Lukas\Aug2009_d3dx11_42_x64.cab [2010.06.02 05:21:58 | 000,105,044 | ---- | C] () -- C:\Users\Lukas\Aug2009_d3dx11_42_x86.cab [2010.06.02 05:21:56 | 003,319,740 | ---- | C] () -- C:\Users\Lukas\Aug2009_d3dcsx_42_x86.cab [2010.06.02 05:21:56 | 003,112,111 | ---- | C] () -- C:\Users\Lukas\Aug2009_d3dcsx_42_x64.cab [2010.06.02 05:21:56 | 000,900,598 | ---- | C] () -- C:\Users\Lukas\Aug2009_D3DCompiler_42_x86.cab [2010.06.02 05:21:46 | 000,919,044 | ---- | C] () -- C:\Users\Lukas\Aug2009_D3DCompiler_42_x64.cab [2010.06.02 05:21:46 | 000,271,412 | ---- | C] () -- C:\Users\Lukas\Aug2008_XAudio_x64.cab [2010.06.02 05:21:46 | 000,271,038 | ---- | C] () -- C:\Users\Lukas\Aug2008_XAudio_x86.cab [2010.06.02 05:21:44 | 001,794,084 | ---- | C] () -- C:\Users\Lukas\Aug2008_d3dx9_39_x64.cab [2010.06.02 05:21:44 | 001,464,672 | ---- | C] () -- C:\Users\Lukas\Aug2008_d3dx9_39_x86.cab [2010.06.02 05:21:44 | 000,849,167 | ---- | C] () -- C:\Users\Lukas\Aug2008_d3dx10_39_x86.cab [2010.06.02 05:21:44 | 000,198,096 | ---- | C] () -- C:\Users\Lukas\AUG2007_XACT_x64.cab [2010.06.02 05:21:44 | 000,153,012 | ---- | C] () -- C:\Users\Lukas\AUG2007_XACT_x86.cab [2010.06.02 05:21:44 | 000,121,772 | ---- | C] () -- C:\Users\Lukas\Aug2008_XACT_x64.cab [2010.06.02 05:21:44 | 000,092,996 | ---- | C] () -- C:\Users\Lukas\Aug2008_XACT_x86.cab [2010.06.02 05:21:42 | 001,800,160 | ---- | C] () -- C:\Users\Lukas\AUG2007_d3dx9_35_x64.cab [2010.06.02 05:21:42 | 001,708,152 | ---- | C] () -- 
C:\Users\Lukas\AUG2007_d3dx9_35_x86.cab [2010.06.02 05:21:42 | 000,867,612 | ---- | C] () -- C:\Users\Lukas\Aug2008_d3dx10_39_x64.cab [2010.06.02 05:21:42 | 000,852,286 | ---- | C] () -- C:\Users\Lukas\AUG2007_d3dx10_35_x64.cab [2010.06.02 05:21:42 | 000,796,867 | ---- | C] () -- C:\Users\Lukas\AUG2007_d3dx10_35_x86.cab [2010.06.02 05:21:40 | 001,350,542 | ---- | C] () -- C:\Users\Lukas\Aug2005_d3dx9_27_x64.cab [2010.06.02 05:21:40 | 001,077,644 | ---- | C] () -- C:\Users\Lukas\Aug2005_d3dx9_27_x86.cab [2010.06.02 05:21:40 | 000,182,903 | ---- | C] () -- C:\Users\Lukas\AUG2006_XACT_x64.cab [2010.06.02 05:21:40 | 000,137,235 | ---- | C] () -- C:\Users\Lukas\AUG2006_XACT_x86.cab [2010.06.02 05:21:40 | 000,087,142 | ---- | C] () -- C:\Users\Lukas\AUG2006_xinput_x64.cab [2010.06.02 05:21:40 | 000,053,302 | ---- | C] () -- C:\Users\Lukas\APR2007_xinput_x86.cab [2010.06.02 05:21:40 | 000,046,058 | ---- | C] () -- C:\Users\Lukas\AUG2006_xinput_x86.cab [2010.06.02 05:21:38 | 001,606,039 | ---- | C] () -- C:\Users\Lukas\APR2007_d3dx9_33_x86.cab [2010.06.02 05:21:38 | 000,195,766 | ---- | C] () -- C:\Users\Lukas\APR2007_XACT_x64.cab [2010.06.02 05:21:38 | 000,151,225 | ---- | C] () -- C:\Users\Lukas\APR2007_XACT_x86.cab [2010.06.02 05:21:38 | 000,096,817 | ---- | C] () -- C:\Users\Lukas\APR2007_xinput_x64.cab [2010.06.02 05:21:36 | 001,607,358 | ---- | C] () -- C:\Users\Lukas\APR2007_d3dx9_33_x64.cab [2010.06.02 05:21:36 | 000,698,612 | ---- | C] () -- C:\Users\Lukas\APR2007_d3dx10_33_x64.cab [2010.06.02 05:21:36 | 000,695,865 | ---- | C] () -- C:\Users\Lukas\APR2007_d3dx10_33_x86.cab [2010.06.02 05:21:34 | 000,046,010 | ---- | C] () -- C:\Users\Lukas\Apr2006_xinput_x86.cab [2010.06.02 05:21:20 | 000,087,101 | ---- | C] () -- C:\Users\Lukas\Apr2006_xinput_x64.cab [2010.06.02 05:21:18 | 004,162,630 | ---- | C] () -- C:\Users\Lukas\Apr2006_MDX1_x86_Archive.cab [2010.06.02 05:21:18 | 000,916,430 | ---- | C] () -- C:\Users\Lukas\Apr2006_MDX1_x86.cab [2010.06.02 05:21:18 | 
000,179,133 | ---- | C] () -- C:\Users\Lukas\Apr2006_XACT_x64.cab [2010.06.02 05:21:18 | 000,133,103 | ---- | C] () -- C:\Users\Lukas\Apr2006_XACT_x86.cab [2010.06.02 05:21:16 | 001,397,830 | ---- | C] () -- C:\Users\Lukas\Apr2006_d3dx9_30_x64.cab [2010.06.02 05:21:16 | 001,347,354 | ---- | C] () -- C:\Users\Lukas\Apr2005_d3dx9_25_x64.cab [2010.06.02 05:21:16 | 001,115,221 | ---- | C] () -- C:\Users\Lukas\Apr2006_d3dx9_30_x86.cab [2010.06.02 05:21:16 | 001,078,962 | ---- | C] () -- C:\Users\Lukas\Apr2005_d3dx9_25_x86.cab ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 
000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2014.08.05 17:46:07 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\.minecraft [2014.07.04 12:40:15 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Aegisub [2014.08.06 21:37:25 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Battle.net [2014.07.24 02:08:00 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Canneverbe Limited [2014.05.11 17:00:59 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\DVDVideoSoft [2014.07.04 12:13:15 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\fontconfig [2014.05.09 21:24:37 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\JavaEditor [2014.04.26 01:37:08 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\LolClient [2014.04.22 19:29:54 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\MingGuan [2014.04.23 13:40:11 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Origin [2014.08.09 23:57:48 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\RenPy [2014.04.23 15:18:45 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Riot Games [2014.05.06 21:58:48 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\TS3Client [2014.08.08 01:21:09 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\Unity [2014.07.07 16:34:26 | 000,000,000 | ---D | M] -- C:\Users\Lukas\AppData\Roaming\uTorrent ========== Purity Check ========== < End of report >
And here are the log files that I obtained by working through this page: FRST-Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-08-2014 Ran by Lukas at 2014-08-15 13:52:14 Running from C:\Users\Lukas\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.31515 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Age of Mythology - The Titans Expansion (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: - ) Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - ) AMD Accelerated Video Transcoding (Version: 13.20.100.30911 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2013.0911.2154.37488 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{00957033-C081-5235-665A-A014A6E2FF7B}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) 
Hidden AMD Fuel (Version: 2013.0911.2154.37488 - Ihr Firmenname) Hidden AMD Media Foundation Decoders (Version: 1.0.80911.2216 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden Avira (HKLM-x32\...\{9590977b-7b6f-467e-a11a-efa1fae804da}) (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Hungarian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.0911.2153.37488 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.0911.2154.37488 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4954 - CDBurnerXP) Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts) Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 2.1.1381.25 - Infernum Productions AG) Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - ) Free YouTube to MP3 Converter version 3.12.34.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.) 
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Greenfoot (HKLM-x32\...\{8C838B70-3A71-41E8-91A6-4ADCF2E483D0}) (Version: 2.3.0 - Greenfoot Team) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden Java SE Development Kit 7 Update 51 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle) Java-Editor 12.3, 2013.10.21 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version: - Gerhard Röhner) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 
2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Minecraft1.7.9 (HKLM-x32\...\Minecraft1.7.9) (Version: - ) Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) 
(HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) ON_OFF Charge 2 B13.1028.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.) Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.) SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - ) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) 
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 03-08-2014 11:54:46 Windows Update 10-08-2014 17:44:08 Geplanter Prüfpunkt 15-08-2014 00:01:58 Windows Update 15-08-2014 08:57:27 Installed SpyHunter 15-08-2014 09:37:44 Removed SpyHunter ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {9DF9727B-952E-4709-82B7-CAEDB248D6BF} - System32\Tasks\{5FE73067-047C-4420-A966-C817E5A69536} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.9.0.115.259&LastError=404 Task: {A82C1E08-FE64-48D1-9817-E34F712EF68C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated) Task: {D2C9982F-26A9-4626-B960-33F6E34E79EE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-11 21:57 - 2013-09-11 21:57 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2013-07-26 06:59 - 2013-07-26 06:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2013-07-26 06:59 - 2013-07-26 06:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2013-09-11 21:57 - 2013-09-11 21:57 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-04-22 19:29 - 2013-10-29 13:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe 2014-04-22 19:29 - 2012-12-11 11:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe 2013-09-11 21:57 - 2013-09-11 21:57 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-08-15 11:40 - 2014-08-15 11:40 - 00040448 ____N () C:\Users\Lukas\AppData\Local\Temp\proxy_vole2223955713841825662.dll 2014-08-15 11:40 - 2014-08-15 11:40 - 00566439 _____ () C:\Users\Lukas\AppData\Local\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll 2014-08-15 11:40 - 2014-08-15 11:40 - 04078962 _____ () C:\Users\Lukas\AppData\Local\JDownloader 
v2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll 2014-07-24 11:50 - 2014-07-24 11:50 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll 2014-07-24 11:49 - 2014-07-24 11:49 - 00065104 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll 2014-04-23 04:20 - 2014-08-06 13:10 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll 2014-04-23 04:20 - 2014-08-06 13:10 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll 2014-04-23 04:20 - 2014-08-06 13:10 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll 2014-04-23 04:20 - 2014-08-06 13:10 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2014-04-23 04:20 - 2014-08-06 13:10 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2014-04-23 04:20 - 2014-08-06 13:10 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll 2014-04-23 04:20 - 2014-08-06 13:10 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2014-04-23 04:20 - 2014-08-06 13:10 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2014-04-22 19:29 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll 2014-04-22 21:15 - 2014-07-24 11:50 - 00049744 _____ () C:\Users\Lukas\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll 2014-04-22 19:29 - 2013-11-05 16:31 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll 2014-07-23 01:34 - 2014-07-23 01:34 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-07-08 22:56 - 2014-07-08 22:56 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/15/2014 11:38:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/15/2014 11:37:35 AM) (Source: MsiInstaller) (EventID: 1024) (User: Lukas-PC) Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. 
Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (08/15/2014 10:49:30 AM) (Source: MsiInstaller) (EventID: 1024) (User: Lukas-PC) Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (08/15/2014 10:48:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/14/2014 11:45:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91 Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000141b ID des fehlerhaften Prozesses: 0xf00 Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (08/14/2014 09:56:35 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Skype.exe, Version 6.16.0.105 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 984 Startzeit: 01cfb7f85583e14a Endzeit: 7 Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe Berichts-ID: 0dfa6031-23ed-11e4-bf2a-74d4359988e1 Error: (08/14/2014 09:47:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/14/2014 09:46:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: Lukas-PC) Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (08/14/2014 00:28:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/14/2014 00:28:43 PM) (Source: MsiInstaller) (EventID: 1024) (User: Lukas-PC) Description: Produkt: Adobe Reader XI (11.0.07) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011008}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. 
Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 System errors: ============= Error: (08/15/2014 11:37:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger Error: (08/15/2014 10:48:15 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger Error: (08/14/2014 09:45:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger Error: (08/14/2014 00:27:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger Error: (08/13/2014 09:06:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger Error: (08/13/2014 05:20:34 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger Error: (08/13/2014 01:02:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger Error: (08/12/2014 08:01:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger Error: (08/12/2014 00:41:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger Error: (08/11/2014 09:29:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder 
Systemstarttreiber ist fehlgeschlagen: UsbCharger Microsoft Office Sessions: ========================= Error: (08/15/2014 11:38:04 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/15/2014 11:37:35 AM) (Source: MsiInstaller) (EventID: 1024) (User: Lukas-PC) Description: Adobe Reader XI (11.0.07) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011008}1625(NULL)(NULL)(NULL) Error: (08/15/2014 10:49:30 AM) (Source: MsiInstaller) (EventID: 1024) (User: Lukas-PC) Description: Adobe Reader XI (11.0.07) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011008}1625(NULL)(NULL)(NULL) Error: (08/15/2014 10:48:46 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/14/2014 11:45:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141bf0001cfb7f9cdf770d4C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll564d01a0-23fc-11e4-bf2a-74d4359988e1 Error: (08/14/2014 09:56:35 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Skype.exe6.16.0.10598401cfb7f85583e14a7C:\Program Files (x86)\Skype\Phone\Skype.exe0dfa6031-23ed-11e4-bf2a-74d4359988e1 Error: (08/14/2014 09:47:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/14/2014 09:46:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: Lukas-PC) Description: Adobe Reader XI (11.0.07) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011008}1625(NULL)(NULL)(NULL) Error: 
(08/14/2014 00:28:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/14/2014 00:28:43 PM) (Source: MsiInstaller) (EventID: 1024) (User: Lukas-PC) Description: Adobe Reader XI (11.0.07) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011008}1625(NULL)(NULL)(NULL) ==================== Memory info =========================== Processor: AMD FX(tm)-6300 Six-Core Processor Percentage of memory in use: 34% Total physical RAM: 8156.64 MB Available physical RAM: 5350.27 MB Total Pagefile: 16311.47 MB Available Pagefile: 12803.05 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.17 GB) (Free:845.07 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: F3FEE113) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End Of Log ============================ GMER GMER Logfile: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-08-15 14:10:06 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000061 ST1000DM rev.CC49 931,51GB Running: Gmer-19357.exe; Driver: C:\Users\Lukas\AppData\Local\Temp\kgloapow.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80003601000 76 bytes [00, 00, 18, 00, 77, 73, 69, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 607 fffff8000360104f 7 bytes [00, 80, 20, AA, 09, 80, FA] ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075f61465 2 bytes [F6, 75] .text C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075f614bb 2 bytes [F6, 75] .text ... * 2 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\kernel32.dll!CreateFileW 0000000076c93f1c 5 bytes JMP 00000001625a9740 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000077298e4e 5 bytes JMP 00000001625a8eb0 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!ShowWindow 00000000772a0dfb 5 bytes JMP 00000001625a8e30 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!SetFocus 00000000772a2175 5 bytes JMP 00000001625a8e80 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!SetActiveWindow 00000000772a3208 5 bytes JMP 00000001625a8f00 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!BringWindowToTop 00000000772a7b3b 5 bytes JMP 00000001625a8d80 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 00000000772bf170 5 bytes JMP 00000001625a8d50 .text C:\Program Files 
(x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!SwitchToThisWindow 00000000772d90fc 5 bytes JMP 00000001625a8db0 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!ShowWindowAsync 00000000772f7d97 5 bytes JMP 00000001625a8de0 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\ole32.dll!DoDragDrop 000000007758a827 5 bytes JMP 00000001625a8d30 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075f61465 2 bytes [F6, 75] .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075f614bb 2 bytes [F6, 75] .text ... * 2 .text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[2512] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075f61465 2 bytes [F6, 75] .text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[2512] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075f614bb 2 bytes [F6, 75] .text ... 
* 2 ---- Processes - GMER 2.1 ---- Library C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1860] 0000000140000000 Library C:\Program Files\Enigma Software Group\SpyHunter\ExecutionGuard.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1860] 0000000180000000 Library C:\Program Files\Enigma Software Group\SpyHunter\ShScanner.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1860] 000007fef5d50000 Library C:\Program Files\Enigma Software Group\SpyHunter\Defman.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1860] 000007fef0c10000 Library C:\Program Files\Enigma Software Group\SpyHunter\Common.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1860] 00000000001e0000 ---- EOF - GMER 2.1 ---- GMER2 [I don't know whether this is necessary, but I forgot to disable my antivirus program during the first scan.] GMER Logfile: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-08-15 14:17:01 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000061 ST1000DM rev.CC49 931,51GB Running: Gmer-19357.exe; Driver: C:\Users\Lukas\AppData\Local\Temp\kgloapow.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80003601000 65 bytes [00, 00, 15, 02, 46, 69, 6C, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 594 fffff80003601042 4 bytes [00, 00, 00, 00] ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075f61465 2 bytes [F6, 75] .text C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe[1636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075f614bb 2 bytes [F6, 75] .text ... * 2 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\kernel32.dll!CreateFileW 0000000076c93f1c 5 bytes JMP 00000001625a9740 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!SetWindowPos 0000000077298e4e 5 bytes JMP 00000001625a8eb0 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!ShowWindow 00000000772a0dfb 5 bytes JMP 00000001625a8e30 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!SetFocus 00000000772a2175 5 bytes JMP 00000001625a8e80 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!SetActiveWindow 00000000772a3208 5 bytes JMP 00000001625a8f00 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!BringWindowToTop 00000000772a7b3b 5 bytes JMP 00000001625a8d80 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!SetForegroundWindow 00000000772bf170 5 bytes JMP 00000001625a8d50 .text C:\Program Files 
(x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!SwitchToThisWindow 00000000772d90fc 5 bytes JMP 00000001625a8db0 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\USER32.dll!ShowWindowAsync 00000000772f7d97 5 bytes JMP 00000001625a8de0 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\ole32.dll!DoDragDrop 000000007758a827 5 bytes JMP 00000001625a8d30 .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075f61465 2 bytes [F6, 75] .text C:\Program Files (x86)\Origin\Origin.exe[2276] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075f614bb 2 bytes [F6, 75] .text ... * 2 .text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[2512] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075f61465 2 bytes [F6, 75] .text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[2512] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075f614bb 2 bytes [F6, 75] .text ... 
* 2 ---- Processes - GMER 2.1 ---- Library C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1860] 0000000140000000 Library C:\Program Files\Enigma Software Group\SpyHunter\ExecutionGuard.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1860] 0000000180000000 Library C:\Program Files\Enigma Software Group\SpyHunter\ShScanner.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1860] 000007fef5d50000 Library C:\Program Files\Enigma Software Group\SpyHunter\Defman.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1860] 000007fef0c10000 Library C:\Program Files\Enigma Software Group\SpyHunter\Common.dll (*** suspicious ***) @ C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [1860] 00000000001e0000 ---- EOF - GMER 2.1 ---- Edited by Samyujas (15.08.2014 at 13:49) |
15.08.2014, 18:17 | #2 |
/// the machine /// TB-Ausbilder | Remove Spyhunter 4 Hi,
Please always post logs in the thread. If necessary, split them up and use several posts. I can't open attachments at work, thanks. How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows: |
15.08.2014, 21:19 | #3 |
| Remove Spyhunter 4 The problem was that there were too many characters to write a post, and since I read on this site that a topic will probably no longer be handled if you reply to your own thread, I put it in the attachment.
Here are the log files now: OTL-Extras Code:
OTL Extras logfile created on: 15.08.2014 12:53:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lukas\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,97 Gb Total Physical Memory | 5,49 Gb Available Physical Memory | 68,92% Memory free
15,93 Gb Paging File | 12,81 Gb Available in Paging File | 80,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,17 Gb Total Space | 845,48 Gb Free Space | 90,80% Space Free | Partition Type: NTFS
Drive E: | 2794,25 Gb Total Space | 2792,86 Gb Free Space | 99,95% Space Free | Partition Type: FAT32

Computer Name: LUKAS-PC | User Name: Lukas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-234909537-4166200705-3081485305-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CEDF130-EA57-4BFF-96CE-579A235E5650}" = lport=138 | protocol=17 | dir=in | app=system |
"{2C8B93BE-044A-4252-96E0-FAC1B14BA552}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6821A312-4037-4571-AFA6-00E6A14BDA62}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{72538D21-5912-4AD7-8D0E-89D51D5AA721}" = rport=138 | protocol=17 | dir=out | app=system |
"{82E80469-43FA-4991-831C-A3C20CD2A01A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A4FAFACE-3757-4BFA-A959-9DBDBF35D3AD}" = lport=445 | protocol=6 | dir=in | app=system |
"{B1C01D86-ADF0-44E9-88A2-7B9FAFBE8012}" = lport=137 | protocol=17 | dir=in | app=system |
"{C20D90A6-7892-4533-9597-23C8DD221AC9}" = rport=137 | protocol=17 | dir=out | app=system |
"{DDCB9F5E-2252-4D1C-B8D4-AD1FD2FBD394}" = lport=139 | protocol=6 | dir=in | app=system |
"{EA008B2B-440C-400F-B92A-14C7354403FC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F3B05A5B-F03C-4142-A957-450A019E7187}" = rport=445 | protocol=6 | dir=out | app=system |
"{FC508BC3-9231-443D-A028-778049898B25}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{059884B7-8E3F-4B20-A483-F58C9B7D6F14}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0C906491-26B2-4E66-BB5A-602E6CA3336B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0D4B67DB-FA40-4E31-97E1-B6F85566B4F1}" = dir=out | app=c:\program files (x86)\dragon's prophet\dp_x64.exe |
"{175F9219-ED3C-43A0-954E-0237F0FD968E}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\peggle deluxe\peggle.exe |
"{1DB0D264-8CBF-45E8-A178-F5F366A52F22}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{234D56B0-DC87-4135-A1BA-26B687224D4A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{25EDFA80-AB2A-4C9D-9EAD-A8473030BEBF}" = dir=in | app=c:\program files (x86)\dragon's prophet\dp_x64.exe |
"{2C5D60F2-C9C9-4D63-BA11-2A67630233C5}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{397BDAC0-969C-41B8-8531-59C8B56F5F1E}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{3D2DC28D-6F3F-476B-BF6A-1C9B5D6C5218}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{3E41258C-6512-4200-9252-0867DC4F9B01}" = protocol=17 | dir=in | app=c:\users\lukas\appdata\roaming\utorrent\utorrent.exe |
"{40AA680B-B32E-4808-AA93-4A53000CD6B9}" = protocol=17 | dir=in | app=c:\users\lukas\downloads\utorrent.exe |
"{47183080-0FE1-45F5-B254-21D945955C13}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{47A2B741-A15A-4B2C-AEDD-8E7BD8449411}" = dir=in | app=c:\program files (x86)\dragon's prophet\launcher.exe |
"{4A30BFF2-6229-442E-A347-4BBB9D3D99F3}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{517144D3-1B0E-4AA1-BCDA-05350B06F773}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{51B0C936-FB34-4DDB-A06B-9B200E0C5B1A}" = dir=in | app=c:\program files (x86)\dragon's prophet\dp_x86.exe |
"{56AAA173-15B2-4BA9-9638-CBA627F92D02}" = protocol=6 | dir=in | app=c:\users\lukas\appdata\roaming\utorrent\utorrent.exe |
"{62A40FF4-8568-428C-AF2D-8B15E00217B0}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\plants vs. zombies\plantsvszombies.exe |
"{638001DE-FA68-4F71-AFE4-AA7E2565E5EA}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{699D1B73-17CA-49B3-AECF-A407A8C41947}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{6FE1576B-A608-45B9-B442-B5DA8B3917CD}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{7CF145C1-8422-43D9-A839-F61722E777BE}" = dir=out | app=c:\program files (x86)\dragon's prophet\launcher.exe |
"{7DC0F376-FA98-4F87-9FC6-36DF242BDB8B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{7F343548-8D0C-480B-BD56-374DEB730BF5}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{81D49EA5-19E7-4DF6-B0F1-012453D3BE3F}" = protocol=6 | dir=in | app=c:\users\lukas\downloads\utorrent.exe |
"{86577BFF-C6E2-4F3A-BA88-9199F0EF87A6}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{8D38FD45-D284-4FC7-B974-E799E675A9C1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8F0FB5D0-7582-4E45-8F9B-3E546A79AA19}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dead space\dead space.exe |
"{94F56100-1050-419C-B265-7276382DA7D4}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{967254FD-CA38-4C42-B694-CB656C7D22B9}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dead space\dead space.exe |
"{98427BD0-74AE-4FD4-BBB1-620C214BEAA3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A2E6E855-237D-41DF-BF07-745684832D62}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B160414A-DA38-4F93-B898-C5AB25B099C3}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B7B9CE5C-F9E1-42CA-BA91-1E6E17A4D3D3}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BC9E7012-6C54-42B6-9DE1-2DF058571B9F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{BD55DAAC-8397-4A49-BA33-7881290C1032}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"{C39D2E8A-2F0C-4B73-A1C8-ED1FF2227416}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C5F1F440-4C76-42D0-BBAA-5CC6D4A55A2A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D81904BF-5BA4-4AAA-8DFD-461D27BD0B4E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E298C958-E534-4CB6-A917-6C9CE8844FE5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{E39919EF-093A-4079-8175-58C3E647E3F3}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E5573045-B84C-4C98-BDAB-40A130F22A75}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\peggle deluxe\peggle.exe |
"{E59D4EC1-8A90-43B8-9E79-9CF817CBC6E7}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{ECC4C27F-C36C-44EC-9089-91025C5C70C0}" = dir=out | app=c:\program files (x86)\dragon's prophet\dp_x86.exe |
"{F2682518-865B-4985-A594-7A445E246A05}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F32FAC48-5FEE-4D71-BB9F-1EEEB8204459}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F3B98D09-2B46-4B25-8621-D565DDE5CCD1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{F6D88502-5DA7-4500-99F4-8817890668BC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{F89DCE57-AD7D-4568-8FB3-6BED525B603F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{063E1F2A-3CFE-43D4-A20E-7CD30CC183C0}C:\program files (x86)\java\jdk1.7.0_51\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jdk1.7.0_51\jre\bin\java.exe |
"TCP Query User{2090255B-8E06-4118-B58C-A2E4FC214973}C:\program files (x86)\java\jdk1.7.0_51\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jdk1.7.0_51\bin\javaw.exe |
"TCP Query User{31B809E3-3A89-48C4-8C5D-FFBC28265335}C:\users\lukas\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe" = protocol=6 | dir=in | app=c:\users\lukas\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe |
"TCP Query User{4CA22310-E742-44D8-89F9-73DCF413C35B}C:\users\lukas\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\lukas\downloads\utorrent.exe |
"TCP Query User{5D79BD38-C2DE-45D5-A24B-3DCFBADB8A2D}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{615134C7-B384-4F9C-A3D8-921A2B5FCA4F}C:\program files (x86)\greenfoot\greenfoot.exe" = protocol=6 | dir=in | app=c:\program files (x86)\greenfoot\greenfoot.exe |
"TCP Query User{CD44836F-05A3-4C91-A91A-CE28E9131CC7}C:\program files (x86)\java\jdk1.7.0_51\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jdk1.7.0_51\jre\bin\java.exe |
"TCP Query User{EEA14554-B15A-49E7-9AB2-DCCFE4A872E7}C:\program files (x86)\origin games\dead space\dead space.exe" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\dead space\dead space.exe |
"TCP Query User{FDEB0D93-B9AA-477D-8DF4-806DBAFDEFD1}C:\program files (x86)\greenfoot\greenfoot.exe" = protocol=6 | dir=in | app=c:\program files (x86)\greenfoot\greenfoot.exe |
"UDP Query User{07314630-C19D-4992-91F3-E8C64E4AAAD9}C:\program files (x86)\java\jdk1.7.0_51\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jdk1.7.0_51\jre\bin\java.exe |
"UDP Query User{2178CEA2-5C3A-480B-A9AE-BE3AF69B4F99}C:\program files (x86)\origin games\dead space\dead space.exe" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\dead space\dead space.exe |
"UDP Query User{286AC5B8-CBF0-477A-893B-0C513BBF3DEB}C:\program files (x86)\java\jdk1.7.0_51\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jdk1.7.0_51\jre\bin\java.exe |
"UDP Query User{8334C867-F944-4522-A758-F02591CE57B6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{8DC039FF-E1D7-483B-84CA-6624223E4724}C:\users\lukas\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe" = protocol=17 | dir=in | app=c:\users\lukas\appdata\local\temp\fritz!wlan repeater 300e\fsetup.exe |
"UDP Query User{D13C47BF-3500-47B2-8B94-2EB3F38F2652}C:\program files (x86)\greenfoot\greenfoot.exe" = protocol=17 | dir=in | app=c:\program files (x86)\greenfoot\greenfoot.exe |
"UDP Query User{D906E9BC-E248-4921-B1D9-5F709E81F68D}C:\program files (x86)\greenfoot\greenfoot.exe" = protocol=17 | dir=in | app=c:\program files (x86)\greenfoot\greenfoot.exe |
"UDP Query User{E3C1BF6E-FE9C-4F0C-8789-1A30FD896BF1}C:\program files (x86)\java\jdk1.7.0_51\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jdk1.7.0_51\bin\javaw.exe |
"UDP Query User{E8F350D2-D4CB-48AF-B46E-6F231BCEE98D}C:\users\lukas\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\lukas\downloads\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00957033-C081-5235-665A-A014A6E2FF7B}" = AMD Catalyst Install Manager
"{5AD2A7FD-38FA-F9DC-353D-9979C06AD922}" = AMD Media Foundation Decoders
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{7F37261B-D743-58A1-6DF6-47D27163B144}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{9138BCE7-46AD-89C7-A18F-4BF309C57E99}" = AMD Accelerated Video Transcoding
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95B039D1-3406-7AA8-DFE8-605A4F92640F}" = AMD Drag and Drop Transcoding
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C401BE9C-5645-E3C0-3A4D-0F40144EDC0D}" = AMD Fuel
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E0CF7D6C-23B7-FBB2-212D-FFE83E9A70CE}" = AMD Wireless Display v3.0
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.10
"jdownloader2" = JDownloader 2
"VLC media player" = VLC media player 2.1.4
"WinRAR archiver" = WinRAR 5.10 beta 2 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{025A585C-0C66-413D-80D2-4C05CB699771}" = Dead Space
"{08881360-96CB-EC4A-A4E3-F77812CD4773}" = Catalyst Control Center Localization All
"{0A3925EA-5B0E-401B-A189-7419149747B2}" = Adobe AIR
"{0D0852A5-063F-F6DF-3A29-444A0627B5DB}" = CCC Help Polish
"{14FDCDF8-F8C9-7F1A-C5AE-91303CEFCE00}" = CCC Help Japanese
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1EF84FE4-5912-A6BB-673A-139D3A8FFDC6}" = CCC Help Greek
"{1F5BD089-B4DC-4F88-ACAE-342055DF5A0C}" = Avira
"{1FC98A02-6795-B15B-C12D-CFE8B734CCA6}" = CCC Help Thai
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 60
"{290D4B8B-A145-9117-0D9F-2E98EDEA1BB2}" = CCC Help Finnish
"{2B6B4042-E323-1582-E3FD-DF973C3E5891}" = Catalyst Control Center InstallProxy
"{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1" = Drakonia Configurator
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{32A3A4F4-B792-11D6-A78A-00B0D0170510}" = Java SE Development Kit 7 Update 51
"{3F34E8A2-C606-E25F-EF4B-9238F25095A3}" = CCC Help Norwegian
"{4535C931-0203-7AD4-EA89-9A32BC1A0AFB}" = CCC Help Czech
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{517CC397-B22F-4593-8DCB-DE72CC541E9A}" = League of Legends
"{528EA31F-6F95-CD01-E622-5C163A7CDCBC}" = AMD Catalyst Control Center
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}" = Pflanzen gegen Zombies™
"{6281012B-627F-D065-9163-19BB345D9BC3}" = CCC Help Italian
"{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1" = Java-Editor 12.3, 2013.10.21
"{6632C7F4-6DD2-93ED-0EED-3FB48FB5AAD9}" = CCC Help English
"{6AC0BBA9-D25C-B6A6-E4D9-9F73352543ED}" = CCC Help Danish
"{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}" = ON_OFF Charge 2 B13.1028.1
"{6DCD782C-D4AE-BA90-24C5-146E83221E9B}" = CCC Help Korean
"{6EA45411-AFDA-7CED-9458-7123FE32602C}" = Catalyst Control Center Graphics Previews Common
"{6FB04104-6C0B-42D4-32E8-A1F5EEE14565}" = CCC Help Dutch
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71B33636-98AC-58D9-A935-13D92BCB61A7}" = CCC Help Swedish
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FE81645-60EC-BC70-2AAA-880B421A0202}" = CCC Help Portuguese
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{8C838B70-3A71-41E8-91A6-4ADCF2E483D0}" = Greenfoot
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{91C25547-9534-41A5-823A-1E54BA16EA3F}" = SHARKOON Skiller
"{9590977b-7b6f-467e-a11a-efa1fae804da}" = Avira
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9FB0FA81-D337-1241-1B5E-97A44A1991B8}" = CCC Help German
"{A9746530-28CA-C202-73DC-FD0E3227B6F7}" = CCC Help Chinese Traditional
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Deutsch
"{B22DAEBD-F945-079D-6BD7-B702A1EAEE72}" = CCC Help Spanish
"{C2B6FCE2-CD2C-5EE8-0E07-8CB5B365E66C}" = CCC Help Chinese Standard
"{C31556D7-F2B9-4787-B223-F7A035067E89}_is1" = Dragon's Prophet
"{C6CD40D5-0EBE-3A1E-D637-797F58800187}" = CCC Help Russian
"{D29AC9D1-7F4E-345E-D0E3-82648D161C3D}" = CCC Help Hungarian
"{D66F03D5-2132-5C27-4509-AA166C5883CA}" = CCC Help Turkish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FFA68087-92B5-1A8A-76B1-6CD38BCB6C61}" = CCC Help French
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Age of Mythology 1.0" = Age of Mythology
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battle.net" = Battle.net
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.34.430
"Hearthstone" = Hearthstone
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}" = ON_OFF Charge 2 B13.1028.1
"Katawa Shoujo" = Katawa Shoujo
"League of Legends 3.0.1" = League of Legends
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware Version 2.0.2.1012
"Minecraft1.7.9" = Minecraft1.7.9
"Mozilla Firefox 31.0 (x86 de)" = Mozilla Firefox 31.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Origin" = Origin
"Steam" = Steam
"Steam App 4000" = Garry's Mod

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-234909537-4166200705-3081485305-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 21.07.2014 15:31:26 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =

Error - 22.07.2014 05:03:41 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =

Error - 22.07.2014 14:26:54 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =

Error - 23.07.2014 06:50:11 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =

Error - 23.07.2014 15:51:55 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =

Error - 24.07.2014 08:24:16 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =

Error - 24.07.2014 15:17:41 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.07.2014 08:28:26 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =

Error - 25.07.2014 13:52:00 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =

Error - 26.07.2014 08:08:53 | Computer Name = Lukas-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 25.07.2014 08:26:57 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger

Error - 25.07.2014 13:50:40 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger

Error - 26.07.2014 08:07:25 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger

Error - 27.07.2014 09:25:00 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger

Error - 27.07.2014 16:08:40 | Computer Name = Lukas-PC | Source = DCOM | ID = 10010
Description =

Error - 27.07.2014 16:10:40 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger

Error - 27.07.2014 17:16:49 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger

Error - 28.07.2014 08:01:32 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger

Error - 29.07.2014 08:06:02 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger

Error - 30.07.2014 08:25:30 | Computer Name = Lukas-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: UsbCharger

< End of report >

FRST
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-08-2014
Ran by Lukas (administrator) on LUKAS-PC on 15-08-2014 13:51:50
Running from C:\Users\Lukas\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Enigma Software Group USA, LLC.) C:\Config.Msi\16453.rbf
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AppWork GmbH) C:\Users\Lukas\AppData\Local\JDownloader v2.0\JDownloader2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-13] (Realtek Semiconductor)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monito
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-234909537-4166200705-3081485305-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-234909537-4166200705-3081485305-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600728 2014-08-06] (Electronic Arts)
HKU\S-1-5-21-234909537-4166200705-3081485305-1002\...\MountPoints2: {d2f01a2f-ca43-11e3-b928-74d4359988e1} - F:\pushinst.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {A81FFC7C-8ACB-4A7D-B6EA-BC221481DC3B} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {A81FFC7C-8ACB-4A7D-B6EA-BC221481DC3B} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lukas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default\searchplugins\search_engine.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-22] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-11] (Advanced Micro Devices, Inc.) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. 
The file will not be moved unless listed separately.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [42240 2013-07-31] (Advanced Micro Devices) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG) R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] () S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader) S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-29] () S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] () R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-08-12] (VIA Technologies, Inc.) R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.) R3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 gdrv; \??\C:\Windows\gdrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-15 13:51 - 2014-08-15 13:52 - 00010502 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-08-15 13:51 - 2014-08-15 13:51 - 00000000 ____D () C:\FRST
2014-08-15 13:49 - 2014-08-15 13:50 - 02100224 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-15 13:47 - 2014-08-15 13:48 - 00000000 ____D () C:\Users\Lukas\Desktop\Spyhunter 4
2014-08-15 13:47 - 2014-08-15 13:47 - 00000000 _____ () C:\Users\Lukas\defogger_reenable
2014-08-15 13:27 - 2014-08-15 13:27 - 00090926 _____ () C:\Users\Lukas\Desktop\Trojaner-Bord.txt
2014-08-15 13:12 - 2014-08-15 13:37 - 303789721 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 07 Ger Sub.rar.part
2014-08-15 12:52 - 2014-03-26 10:59 - 303749173 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 06 Ger Sub.mp4
2014-08-15 12:27 - 2014-08-15 12:52 - 303749297 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 06 Ger Sub.rar
2014-08-15 11:42 - 2014-08-15 13:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-15 11:41 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-15 11:41 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-15 11:33 - 2014-08-15 11:35 - 00000000 ____D () C:\AdwCleaner
2014-08-15 11:31 - 2014-08-15 11:31 - 01101648 _____ () C:\Users\Lukas\Downloads\AdwCleaner - CHIP-Installer.exe
2014-08-15 10:58 - 2014-08-15 10:58 - 00000000 _____ () C:\autoexec.bat
2014-08-15 10:57 - 2014-08-15 11:39 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-08-15 10:57 - 2014-08-15 10:57 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-15 10:53 - 2014-08-15 12:01 - 301496237 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 05 Ger Sub.rar
2014-08-15 02:02 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 02:02 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 02:02 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 02:02 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 02:02 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 02:02 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 02:02 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 02:02 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 01:16 - 2014-08-15 01:40 - 303196347 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 04 Ger Sub.rar
2014-08-15 00:49 - 2014-08-15 01:14 - 303842871 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 03 Ger Sub.rar
2014-08-15 00:25 - 2014-08-15 00:48 - 293160041 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 02 Ger Sub.rar
2014-08-14 23:50 - 2014-08-15 00:20 - 293117020 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 01 Ger Sub.rar
2014-08-14 23:46 - 2014-08-14 23:46 - 00002082 _____ () C:\Users\Lukas\Desktop\JDownloader 2.lnk
2014-08-14 23:46 - 2014-08-14 23:46 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-08-14 23:45 - 2014-08-15 11:40 - 00000000 ____D () C:\Users\Lukas\AppData\Local\JDownloader v2.0
2014-08-14 23:44 - 2014-08-14 23:44 - 00076440 _____ (AppWork GmbH) C:\Users\Lukas\Downloads\WebInstaller_2002.exe
2014-08-14 23:26 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 23:26 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 23:26 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 23:26 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 23:26 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 23:26 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 23:26 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 23:26 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 23:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 23:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 23:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 23:26 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 23:26 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 23:26 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 23:26 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 23:26 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 23:26 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 23:26 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 23:26 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 23:26 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 23:26 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 23:26 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 23:26 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 23:25 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 23:25 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 23:25 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 23:25 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 23:25 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 23:25 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 23:25 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 23:25 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 23:25 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 23:25 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 23:25 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 23:25 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 23:25 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 23:25 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 23:25 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 23:25 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 23:25 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 23:25 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 23:25 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 23:25 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 23:25 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 23:25 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 23:25 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 23:25 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 23:25 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 23:25 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 23:25 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 23:25 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 23:25 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 23:25 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 23:25 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 23:25 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 23:25 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 23:25 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 23:25 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 23:25 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 23:25 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 23:25 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 23:25 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 23:25 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 23:25 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 23:25 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 23:25 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 23:25 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 23:25 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 23:25 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 23:25 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 23:25 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 23:25 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 23:25 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 23:25 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 23:25 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 23:25 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 23:25 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 23:25 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 23:25 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 23:25 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 23:25 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 23:25 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 23:25 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-10 21:40 - 2014-08-10 21:40 - 56510422 _____ () C:\Users\Lukas\Downloads\aytee-cyberjunk-ep_tapez.eu.rar
2014-08-09 23:57 - 2014-08-09 23:57 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\RenPy
2014-08-09 22:53 - 2014-08-09 22:53 - 00001107 _____ () C:\Users\Lukas\Desktop\Katawa Shoujo.lnk
2014-08-09 22:52 - 2014-08-09 22:53 - 00000000 ____D () C:\Program Files (x86)\Katawa Shoujo
2014-08-09 21:46 - 2014-08-09 22:18 - 448764288 _____ () C:\Users\Lukas\Downloads\[4ls]_katawa_shoujo_1.2-[windows][64ECD9F9].exe
2014-08-08 01:21 - 2014-08-08 01:21 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Unity
2014-08-08 01:03 - 2014-08-08 01:03 - 01080480 _____ (Unity Technologies ApS) C:\Users\Lukas\Downloads\UnityWebPlayer.exe
2014-08-08 01:03 - 2014-08-08 01:03 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Unity
2014-08-06 21:46 - 2014-08-06 21:46 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Blizzard
2014-08-06 21:37 - 2014-08-06 21:46 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-06 21:37 - 2014-08-06 21:37 - 00001155 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-08-06 21:32 - 2014-08-13 17:21 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-06 21:32 - 2014-08-06 21:32 - 00001118 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-08-06 21:32 - 2014-08-06 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-06 20:51 - 2014-08-06 20:51 - 44806834 _____ () C:\Users\Lukas\Downloads\Apollo Justice - Ace Attorney.7z
2014-08-03 18:30 - 2014-08-03 18:30 - 00008561 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel
2014-08-03 13:55 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-03 13:55 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-03 13:55 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-03 13:55 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-03 13:55 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-03 13:55 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-03 13:55 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-03 13:55 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-03 13:55 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-03 13:55 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-03 13:54 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-03 13:54 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-03 13:54 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-03 13:54 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-31 17:52 - 2014-07-31 17:52 - 00818613 _____ () C:\Users\Lukas\Downloads\PLRBeta1.1.rar
2014-07-29 16:02 - 2014-07-29 16:02 - 00586077 _____ () C:\Users\Lukas\Downloads\Snakewood.zip
2014-07-29 15:51 - 2014-07-29 15:54 - 56840704 _____ () C:\Users\Lukas\Downloads\VizzedRgrPlugin-v2.0.msi
2014-07-24 23:44 - 2014-07-24 23:44 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-24 02:16 - 2014-07-24 02:16 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\dvdcss
2014-07-24 02:08 - 2014-07-24 02:08 - 00001949 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-07-24 02:08 - 2014-07-24 02:08 - 00001899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Canneverbe Limited
2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-07-24 02:07 - 2014-07-24 02:08 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-07-24 02:06 - 2014-07-24 02:06 - 05408152 _____ (Canneverbe Limited ) C:\Users\Lukas\Downloads\cdbxp_setup_4.5.4.4954_minimal.exe
2014-07-24 01:23 - 2014-08-01 23:17 - 00000000 ____D () C:\Users\Lukas\Desktop\Training
2014-07-23 22:19 - 2014-07-24 04:00 - 00000000 ____D () C:\Users\Lukas\Desktop\Programmieren
2014-07-23 01:34 - 2014-07-23 01:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-21 14:57 - 2014-07-21 14:57 - 00000000 ____D () C:\Users\Lukas\Desktop\Mathe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-15 13:52 - 2014-08-15 13:51 - 00010502 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-08-15 13:51 - 2014-08-15 13:51 - 00000000 ____D () C:\FRST
2014-08-15 13:50 - 2014-08-15 13:49 - 02100224 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-15 13:48 - 2014-08-15 13:47 - 00000000 ____D () C:\Users\Lukas\Desktop\Spyhunter 4
2014-08-15 13:47 - 2014-08-15 13:47 - 00000000 _____ () C:\Users\Lukas\defogger_reenable
2014-08-15 13:47 - 2014-04-22 19:06 - 00000000 ____D () C:\Users\Lukas
2014-08-15 13:37 - 2014-08-15 13:12 - 303789721 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 07 Ger Sub.rar.part
2014-08-15 13:37 - 2014-04-22 21:41 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype
2014-08-15 13:37 - 2014-04-17 10:18 - 01072184 _____ () C:\Windows\WindowsUpdate.log
2014-08-15 13:27 - 2014-08-15 13:27 - 00090926 _____ () C:\Users\Lukas\Desktop\Trojaner-Bord.txt
2014-08-15 13:13 - 2014-08-15 11:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-15 12:56 - 2014-04-23 13:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-15 12:52 - 2014-08-15 12:27 - 303749297 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 06 Ger Sub.rar
2014-08-15 12:46 - 2014-05-09 21:46 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\vlc
2014-08-15 12:35 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-08-15 12:35 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-08-15 12:35 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-15 12:01 - 2014-08-15 10:53 - 301496237 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 05 Ger Sub.rar
2014-08-15 11:44 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-15 11:44 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-15 11:41 - 2014-04-22 21:55 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-15 11:41 - 2014-04-22 21:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Malwarebytes
2014-08-15 11:41 - 2014-04-22 21:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-15 11:41 - 2014-04-22 21:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-08-15 11:40 - 2014-08-14 23:45 - 00000000 ____D () C:\Users\Lukas\AppData\Local\JDownloader v2.0
2014-08-15 11:39 - 2014-08-15 10:57 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-08-15 11:36 - 2014-05-12 08:22 - 00003252 _____ () C:\Windows\PFRO.log
2014-08-15 11:36 - 2014-04-25 16:18 - 00013945 _____ () C:\Windows\setupact.log
2014-08-15 11:36 - 2014-04-22 22:32 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-15 11:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-15 11:35 - 2014-08-15 11:33 - 00000000 ____D () C:\AdwCleaner
2014-08-15 11:34 - 2014-04-23 13:40 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-15 11:34 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-15 11:31 - 2014-08-15 11:31 - 01101648 _____ () C:\Users\Lukas\Downloads\AdwCleaner - CHIP-Installer.exe
2014-08-15 10:58 - 2014-08-15 10:58 - 00000000 _____ () C:\autoexec.bat
2014-08-15 10:57 - 2014-08-15 10:57 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-15 10:49 - 2014-04-22 22:32 - 00000000 ____D () C:\ProgramData\Origin
2014-08-15 10:49 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-08-15 10:47 - 2009-07-14 06:45 - 00283728 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-15 10:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 02:07 - 2014-03-13 13:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 02:06 - 2014-03-13 13:01 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 02:02 - 2014-05-06 13:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 01:40 - 2014-08-15 01:16 - 303196347 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 04 Ger Sub.rar
2014-08-15 01:14 - 2014-08-15 00:49 - 303842871 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 03 Ger Sub.rar
2014-08-15 00:48 - 2014-08-15 00:25 - 293160041 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 02 Ger Sub.rar
2014-08-15 00:20 - 2014-08-14 23:50 - 293117020 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 01 Ger Sub.rar
2014-08-14 23:46 - 2014-08-14 23:46 - 00002082 _____ () C:\Users\Lukas\Desktop\JDownloader 2.lnk
2014-08-14 23:46 - 2014-08-14 23:46 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-08-14 23:46 - 2014-05-09 21:51 - 00000000 ____D () C:\Users\Lukas\Desktop\Musik
2014-08-14 23:44 - 2014-08-14 23:44 - 00076440 _____ (AppWork GmbH) C:\Users\Lukas\Downloads\WebInstaller_2002.exe
2014-08-14 17:21 - 2014-07-04 13:07 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Battle.net
2014-08-13 17:21 - 2014-08-06 21:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-10 21:40 - 2014-08-10 21:40 - 56510422 _____ () C:\Users\Lukas\Downloads\aytee-cyberjunk-ep_tapez.eu.rar
2014-08-09 23:57 - 2014-08-09 23:57 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\RenPy
2014-08-09 23:57 - 2014-04-22 19:06 - 00000000 ____D () C:\Users\Lukas\AppData\Local\VirtualStore
2014-08-09 22:53 - 2014-08-09 22:53 - 00001107 _____ () C:\Users\Lukas\Desktop\Katawa Shoujo.lnk
2014-08-09 22:53 - 2014-08-09 22:52 - 00000000 ____D () C:\Program Files (x86)\Katawa Shoujo
2014-08-09 22:18 - 2014-08-09 21:46 - 448764288 _____ () C:\Users\Lukas\Downloads\[4ls]_katawa_shoujo_1.2-[windows][64ECD9F9].exe
2014-08-08 01:21 - 2014-08-08 01:21 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Unity
2014-08-08 01:03 - 2014-08-08 01:03 - 01080480 _____ (Unity Technologies ApS) C:\Users\Lukas\Downloads\UnityWebPlayer.exe
2014-08-08 01:03 - 2014-08-08 01:03 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Unity
2014-08-07 04:06 - 2014-08-14 23:25 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 23:25 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 21:46 - 2014-08-06 21:46 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Blizzard
2014-08-06 21:46 - 2014-08-06 21:37 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-06 21:37 - 2014-08-06 21:37 - 00001155 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-08-06 21:37 - 2014-07-04 13:07 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Battle.net
2014-08-06 21:32 - 2014-08-06 21:32 - 00001118 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-08-06 21:32 - 2014-08-06 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-06 20:51 - 2014-08-06 20:51 - 44806834 _____ () C:\Users\Lukas\Downloads\Apollo Justice - Ace Attorney.7z
2014-08-05 17:46 - 2014-05-31 18:18 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft
2014-08-05 17:26 - 2014-04-28 16:18 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-05 17:26 - 2014-04-22 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-05 17:26 - 2014-04-22 20:54 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-05 17:26 - 2014-04-17 10:20 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-05 01:05 - 2014-04-29 21:33 - 00000000 ____D () C:\Users\Lukas\Desktop\Pokémon
2014-08-04 19:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-03 19:02 - 2014-04-28 18:47 - 00000000 ____D () C:\Users\Lukas\.gimp-2.8
2014-08-03 18:30 - 2014-08-03 18:30 - 00008561 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel
2014-08-01 23:17 - 2014-07-24 01:23 - 00000000 ____D () C:\Users\Lukas\Desktop\Training
2014-08-01 01:41 - 2014-08-14 23:25 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-14 23:25 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 21:08 - 2014-04-28 18:48 - 00000000 ____D () C:\Users\Lukas\AppData\Local\gtk-2.0
2014-07-31 17:52 - 2014-07-31 17:52 - 00818613 _____ () C:\Users\Lukas\Downloads\PLRBeta1.1.rar
2014-07-29 16:02 - 2014-07-29 16:02 - 00586077 _____ () C:\Users\Lukas\Downloads\Snakewood.zip
2014-07-29 15:54 - 2014-07-29 15:51 - 56840704 _____ () C:\Users\Lukas\Downloads\VizzedRgrPlugin-v2.0.msi
2014-07-26 19:59 - 2014-03-18 03:09 - 00000000 ____D () C:\Users\Lukas\Desktop\YGOPro DevPro
2014-07-25 16:52 - 2014-08-14 23:25 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-14 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-14 23:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-14 23:25 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-14 23:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-14 23:25 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-14 23:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-14 23:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-14 23:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-14 23:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-14 23:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-14 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-14 23:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-14 23:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-14 23:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-14 23:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-14 23:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-14 23:25 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-14 23:25 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-14 23:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-14 23:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-14 23:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-14 23:25 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-14 23:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-14 23:25 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-14 23:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-14 23:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-14 23:25 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-14 23:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-14 23:25 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-14 23:25 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-14 23:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-14 23:25 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-14 23:25 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-14 23:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-14 23:25 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-14 23:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-14 23:25 -
00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-25 13:39 - 2014-08-14 23:25 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-25 13:39 - 2014-08-14 23:25 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-25 13:36 - 2014-08-14 23:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-25 13:34 - 2014-08-14 23:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-25 13:29 - 2014-08-14 23:25 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-25 13:23 - 2014-08-14 23:25 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-25 13:13 - 2014-08-14 23:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-25 13:07 - 2014-08-14 23:25 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-25 13:07 - 2014-08-14 23:25 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-25 13:03 - 2014-08-14 23:25 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-25 12:52 - 2014-08-14 23:25 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-25 12:26 - 2014-08-14 23:25 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-25 12:17 - 2014-08-14 23:25 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-25 12:09 - 2014-08-14 23:25 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-25 12:05 - 2014-08-14 23:25 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-25 12:00 - 2014-08-14 23:25 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-24 23:44 - 2014-07-24 23:44 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-24 14:27 - 2014-04-22 21:30 - 00042040 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-07-24 04:00 - 2014-07-23 22:19 - 00000000 ____D () C:\Users\Lukas\Desktop\Programmieren 2014-07-24 02:16 - 2014-07-24 02:16 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\dvdcss 2014-07-24 02:08 - 2014-07-24 02:08 - 00001949 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-07-24 02:08 - 2014-07-24 02:08 - 00001899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Canneverbe Limited 2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\ProgramData\Canneverbe Limited 2014-07-24 02:08 - 2014-07-24 02:07 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP 2014-07-24 02:06 - 2014-07-24 02:06 - 05408152 _____ (Canneverbe Limited ) C:\Users\Lukas\Downloads\cdbxp_setup_4.5.4.4954_minimal.exe 2014-07-23 21:50 - 2014-04-22 21:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-23 01:34 - 2014-07-23 01:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-21 14:57 - 2014-07-21 14:57 - 00000000 ____D () C:\Users\Lukas\Desktop\Mathe 2014-07-16 05:25 - 2014-08-14 23:26 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-07-16 05:23 - 2014-08-14 23:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-07-16 04:46 - 2014-08-14 23:26 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-07-16 04:46 - 2014-08-14 23:26 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-07-16 04:12 - 2014-08-14 23:26 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys Files to move or delete: ==================== C:\Users\Lukas\DSETUP.dll C:\Users\Lukas\dsetup32.dll C:\Users\Lukas\DXSETUP.exe Some content of TEMP: ==================== C:\Users\Lukas\AppData\Local\Temp\130525262957698816.exe C:\Users\Lukas\AppData\Local\Temp\avgnt.exe 
C:\Users\Lukas\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll C:\Users\Lukas\AppData\Local\Temp\JDSetup130525262947038207.exe C:\Users\Lukas\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe C:\Users\Lukas\AppData\Local\Temp\PrefJsonCpp.exe C:\Users\Lukas\AppData\Local\Temp\proxy_vole2223955713841825662.dll C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe C:\Users\Lukas\AppData\Local\Temp\SHSetup.exe C:\Users\Lukas\AppData\Local\Temp\sqlite3.exe C:\Users\Lukas\AppData\Local\Temp\tmp100C.exe C:\Users\Lukas\AppData\Local\Temp\tmp6CB.exe C:\Users\Lukas\AppData\Local\Temp\YgoUpdater.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-09 10:34 ==================== End Of Log ============================ |
16.08.2014, 14:26 | #4 |
/// the machine /// TB Trainer | Remove Spyhunter 4 Hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
16.08.2014, 14:48 | #5 |
| Remove Spyhunter 4 At first glance the program seems to be gone since I restarted the computer. At least the icon is gone from the taskbar, and I am no longer asked, for every program I want to open, whether it should really be run. Hopefully it is really gone now. Here is the log file: Code:
ATTFilter ComboFix 14-08-15.01 - Lukas 16.08.2014 15:33:49.1.6 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8157.5758 [GMT 2:00] ausgeführt von:: c:\users\Lukas\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Lukas\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll . . ((((((((((((((((((((((( Dateien erstellt von 2014-07-16 bis 2014-08-16 )))))))))))))))))))))))))))))) . . 2014-08-15 11:51 . 2014-08-15 11:52 -------- d-----w- C:\FRST 2014-08-15 09:42 . 2014-08-15 11:13 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-08-15 09:41 . 2014-08-15 09:41 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware 2014-08-15 09:41 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-08-15 09:41 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-08-15 09:33 . 2014-08-15 09:35 -------- d-----w- C:\AdwCleaner 2014-08-15 08:57 . 2014-08-15 08:57 -------- d-----w- c:\program files\Enigma Software Group 2014-08-15 08:57 . 2014-08-15 09:39 -------- d-----w- c:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-08-15 08:57 . 2014-08-15 08:57 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2014-08-15 00:02 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll 2014-08-15 00:02 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe 2014-08-15 00:02 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll 2014-08-15 00:02 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe 2014-08-15 00:02 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll 2014-08-15 00:02 . 
2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll 2014-08-15 00:02 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe 2014-08-15 00:02 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2014-08-14 21:45 . 2014-08-15 21:20 -------- d-----w- c:\users\Lukas\AppData\Local\JDownloader v2.0 2014-08-14 21:25 . 2014-07-31 23:41 810176 ----a-w- c:\program files\Internet Explorer\iexplore.exe 2014-08-09 21:57 . 2014-08-09 21:57 -------- d-----w- c:\users\Lukas\AppData\Roaming\RenPy 2014-08-09 20:52 . 2014-08-09 20:53 -------- d-----w- c:\program files (x86)\Katawa Shoujo 2014-08-07 23:21 . 2014-08-07 23:21 -------- d-----w- c:\users\Lukas\AppData\Roaming\Unity 2014-08-07 23:03 . 2014-08-07 23:03 -------- d-----w- c:\users\Lukas\AppData\Local\Unity 2014-08-06 19:46 . 2014-08-06 19:46 -------- d-----w- c:\users\Lukas\AppData\Local\Blizzard 2014-08-06 19:37 . 2014-08-06 19:46 -------- d-----w- c:\program files (x86)\Hearthstone 2014-08-06 19:32 . 2014-08-13 15:21 -------- d-----w- c:\program files (x86)\Battle.net 2014-08-03 11:55 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll 2014-08-03 11:55 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe 2014-08-03 11:55 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll 2014-08-03 11:55 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll 2014-08-03 11:55 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll 2014-08-03 11:55 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll 2014-08-03 11:55 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll 2014-08-03 11:55 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll 2014-08-03 11:55 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll 2014-08-03 11:55 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll 2014-08-03 11:54 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll 2014-08-03 11:54 . 
2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll 2014-08-03 11:54 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe 2014-08-03 11:54 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe 2014-07-24 21:44 . 2014-07-24 21:44 -------- d-----w- c:\programdata\Riot Games 2014-07-24 00:16 . 2014-07-24 00:16 -------- d-----w- c:\users\Lukas\AppData\Roaming\dvdcss 2014-07-24 00:08 . 2014-07-24 00:08 -------- d-----w- c:\programdata\Canneverbe Limited 2014-07-24 00:08 . 2014-07-24 00:08 -------- d-----w- c:\users\Lukas\AppData\Roaming\Canneverbe Limited 2014-07-24 00:07 . 2014-07-24 00:08 -------- d-----w- c:\program files (x86)\CDBurnerXP . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-08-15 00:06 . 2014-03-13 11:01 99218768 ----a-w- c:\windows\system32\MRT.exe 2014-07-24 12:27 . 2014-04-22 19:30 42040 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2014-07-08 20:57 . 2014-04-23 11:59 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-07-08 20:57 . 2014-04-23 11:59 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-06-24 10:51 . 2014-04-22 19:15 117712 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2014-06-18 02:18 . 2014-07-09 18:55 692736 ----a-w- c:\windows\system32\osk.exe 2014-06-18 01:51 . 2014-07-09 18:55 646144 ----a-w- c:\windows\SysWow64\osk.exe 2014-06-06 10:10 . 2014-07-09 18:55 624128 ----a-w- c:\windows\system32\qedit.dll 2014-06-06 09:44 . 2014-07-09 18:55 509440 ----a-w- c:\windows\SysWow64\qedit.dll 2014-06-05 14:45 . 2014-07-09 18:54 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-06-05 14:26 . 2014-07-09 18:54 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-06-05 14:25 . 2014-07-09 18:54 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2014-05-30 08:08 . 2014-07-09 18:55 210944 ----a-w- c:\windows\system32\wdigest.dll 2014-05-30 08:08 . 
2014-07-09 18:55 86528 ----a-w- c:\windows\system32\TSpkg.dll 2014-05-30 08:08 . 2014-07-09 18:55 340992 ----a-w- c:\windows\system32\schannel.dll 2014-05-30 08:08 . 2014-07-09 18:55 314880 ----a-w- c:\windows\system32\msv1_0.dll 2014-05-30 08:08 . 2014-07-09 18:55 307200 ----a-w- c:\windows\system32\ncrypt.dll 2014-05-30 08:08 . 2014-07-09 18:55 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-05-30 08:08 . 2014-07-09 18:55 22016 ----a-w- c:\windows\system32\credssp.dll 2014-05-30 07:52 . 2014-07-09 18:55 172032 ----a-w- c:\windows\SysWow64\wdigest.dll 2014-05-30 07:52 . 2014-07-09 18:55 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll 2014-05-30 07:52 . 2014-07-09 18:55 247808 ----a-w- c:\windows\SysWow64\schannel.dll 2014-05-30 07:52 . 2014-07-09 18:55 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll 2014-05-30 07:52 . 2014-07-09 18:55 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll 2014-05-30 07:52 . 2014-07-09 18:55 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-05-30 07:52 . 2014-07-09 18:55 17408 ----a-w- c:\windows\SysWow64\credssp.dll 2014-05-30 06:45 . 2014-07-09 18:55 497152 ----a-w- c:\windows\system32\drivers\afd.sys 2014-05-22 09:54 . 2014-04-22 19:15 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224] "EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-08-06 3600728] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-09-11 766208] "GamingMouse"="c:\program files (x86)\Drakonia Configurator\hid.exe" [2013-10-29 248832] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-08-05 751184] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904] "GamingKeyboard"="c:\program files (x86)\SHARKOON Skiller\GameMon.exe" [2012-06-07 1803264] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896] "Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-07-24 190032] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . 
R1 UsbCharger;UsbCharger;c:\windows\system32\DRIVERS\UsbCharger.sys;c:\windows\SYSNATIVE\DRIVERS\UsbCharger.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MHIKEY10;MHIKEY10;c:\windows\system32\Drivers\MHIKEY10x64.sys;c:\windows\SYSNATIVE\Drivers\MHIKEY10x64.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x] S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x] S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 AMD External Events Utility;AMD 
External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 AODDriver4.2.0;AODDriver4.2.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x] S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 GameKB;SHARKOON Skiller;c:\windows\system32\drivers\GameKB.sys;c:\windows\SYSNATIVE\drivers\GameKB.sys [x] S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x] S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 
2014-08-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-23 20:57] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VIAxHCUtl"="c:\program files\VIA XHCI UASP Utility\usb3Monitor" [X] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-12-13 13662936] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mDefault_Search_URL = about:blank mDefault_Page_URL = about:blank mStart Page = about:blank mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = about:blank TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-234909537-4166200705-3081485305-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-234909537-4166200705-3081485305-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-08-16 15:42:12 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-08-16 13:42 . 
Vor Suchlauf: 10 Verzeichnis(se), 904.763.875.328 Bytes frei Nach Suchlauf: 14 Verzeichnis(se), 904.619.053.056 Bytes frei . - - End Of File - - E6D2AD5F8F2166B32E346B7DE0FED77E A36C5E4F47E84449FF07ED3517B43A31 |
17.08.2014, 07:20 | #6 |
/// the machine /// TB Trainer | Remove Spyhunter 4 Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please. |
17.08.2014, 15:44 | #7 |
| Remove Spyhunter 4 MBAM Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 17.08.2014 Suchlauf-Zeit: 15:35:36 Logdatei: MBAM.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.17.03 Rootkit Datenbank: v2014.08.16.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Lukas Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 300732 Verstrichene Zeit: 7 Min, 53 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) AdwCleaner Code:
ATTFilter # AdwCleaner v3.307 - Bericht erstellt am 17/08/2014 um 16:25:24 # Aktualisiert 17/08/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Lukas - LUKAS-PC # Gestartet von : C:\Users\Lukas\Downloads\adwcleaner_3.307.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKCU\Software\OCS ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17239 -\\ Mozilla Firefox v31.0 (x86 de) [ Datei : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default\prefs.js ] ************************* AdwCleaner[R0].txt - [3893 octets] - [15/08/2014 11:33:48] AdwCleaner[R1].txt - [1048 octets] - [17/08/2014 16:24:48] AdwCleaner[S0].txt - [3609 octets] - [15/08/2014 11:35:24] AdwCleaner[S1].txt - [925 octets] - [17/08/2014 16:25:24] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [984 octets] ########## JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by Lukas on 17.08.2014 at 16:30:43,96 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" ~~~ FireFox Emptied folder: C:\Users\Lukas\AppData\Roaming\mozilla\firefox\profiles\3cfhwcgk.default\minidumps [29 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 17.08.2014 at 16:34:50,29 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04 Ran by Lukas (administrator) on LUKAS-PC on 17-08-2014 16:38:38 Running from C:\Users\Lukas\Desktop\Spyhunter 4 Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe () C:\Program Files (x86)\Drakonia Configurator\hid.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-13] (Realtek Semiconductor) HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monito HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-234909537-4166200705-3081485305-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) 
HKU\S-1-5-21-234909537-4166200705-3081485305-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600728 2014-08-06] (Electronic Arts)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {A81FFC7C-8ACB-4A7D-B6EA-BC221481DC3B} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {A81FFC7C-8ACB-4A7D-B6EA-BC221481DC3B} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default
FF SearchEngineOrder.1: SuchMaschine
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lukas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default\searchplugins\search_engine.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-22]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-11] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [42240 2013-07-31] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-29] ()
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-08-12] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 16:34 - 2014-08-17 16:34 - 00000827 _____ () C:\Users\Lukas\Desktop\JRT.txt 2014-08-17 16:30 - 2014-08-17 16:30 - 00000000 ____D () C:\Windows\ERUNT 2014-08-17 16:24 - 2014-08-17 16:24 - 01361671 _____ () C:\Users\Lukas\Downloads\adwcleaner_3.307.exe 2014-08-17 15:25 - 2014-08-17 16:17 - 312411371 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 22 Ger Sub.mp4 2014-08-17 14:33 - 2014-08-17 15:24 - 303923306 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 23 Ger Sub.mp4 2014-08-17 13:51 - 2014-08-17 14:32 - 305981203 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 15 Ger Sub.mp4 2014-08-17 13:09 - 2014-08-17 13:50 - 305674913 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 17 Ger Sub.mp4 2014-08-17 12:27 - 2014-08-17 13:09 - 308880360 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 21 Ger Sub.mp4 2014-08-17 11:56 - 2014-08-17 12:27 - 309084200 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 19 Ger Sub.mp4 2014-08-17 11:25 - 2014-08-17 11:55 - 300442124 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 14 Ger Sub.mp4 2014-08-17 10:59 - 2014-08-17 11:23 - 308115993 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 13 Ger Sub.mp4 2014-08-17 10:30 - 2014-08-17 10:54 - 299486307 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 12 Ger Sub.mp4 2014-08-17 10:04 - 2014-08-17 10:29 - 310637463 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 11 Ger Sub.mp4 2014-08-17 09:38 - 2014-08-17 10:03 - 309532935 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 10 Ger Sub.mp4 2014-08-17 09:13 - 2014-08-17 09:38 - 305881229 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 09 Ger Sub.mp4 2014-08-17 08:52 - 2014-08-17 09:12 - 308255925 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 08 Ger Sub.mp4 2014-08-17 08:30 - 2014-08-17 08:51 - 309221925 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 07 Ger Sub.mp4 2014-08-17 08:09 - 2014-08-17 08:29 - 297343577 _____ () 
C:\Users\Lukas\Downloads\Toaru Majutsu no Index 06 Ger Sub.mp4 2014-08-17 07:48 - 2014-08-17 08:09 - 310002432 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 05 Ger Sub.mp4 2014-08-17 07:27 - 2014-08-17 07:47 - 305289811 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 04 Ger Sub.mp4 2014-08-17 07:05 - 2014-08-17 07:26 - 309286663 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 03 Ger Sub.mp4 2014-08-17 06:44 - 2014-08-17 07:05 - 302326736 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 02 Ger Sub.mp4 2014-08-17 06:23 - 2014-08-17 06:44 - 307999354 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 01 Ger Sub.mp4 2014-08-16 15:42 - 2014-08-16 15:42 - 00014975 _____ () C:\ComboFix.txt 2014-08-16 15:32 - 2014-08-16 15:42 - 00000000 ____D () C:\Qoobox 2014-08-16 15:32 - 2014-08-16 15:41 - 00000000 ____D () C:\Windows\erdnt 2014-08-16 15:32 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-08-16 15:32 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-08-16 15:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-08-16 15:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-08-16 15:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-08-16 15:32 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-08-16 15:32 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-08-16 15:32 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-08-16 15:30 - 2014-08-16 15:31 - 05571320 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe 2014-08-15 16:37 - 2014-03-26 10:58 - 304253734 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 10 Ger Sub.mp4 2014-08-15 16:06 - 2014-08-15 16:37 - 304253858 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 10 Ger Sub.rar 2014-08-15 16:05 - 2014-03-26 11:00 - 303889640 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai 
Kara Kuru Sou Desu yo 09 Ger Sub.mp4 2014-08-15 15:35 - 2014-08-15 16:05 - 303889764 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 09 Ger Sub.rar 2014-08-15 15:34 - 2014-03-26 11:00 - 303609070 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 08 Ger Sub.mp4 2014-08-15 15:03 - 2014-08-15 15:34 - 303609194 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 08 Ger Sub.rar 2014-08-15 14:03 - 2014-03-26 11:00 - 303940243 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 07 Ger Sub.mp4 2014-08-15 13:54 - 2014-08-15 13:54 - 00380416 _____ () C:\Users\Lukas\Downloads\Gmer-19357.exe 2014-08-15 13:51 - 2014-08-17 16:38 - 00000000 ____D () C:\FRST 2014-08-15 13:47 - 2014-08-17 16:38 - 00000000 ____D () C:\Users\Lukas\Desktop\Spyhunter 4 2014-08-15 13:47 - 2014-08-15 13:47 - 00000000 _____ () C:\Users\Lukas\defogger_reenable 2014-08-15 13:12 - 2014-08-15 14:03 - 303940367 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 07 Ger Sub.rar 2014-08-15 12:52 - 2014-03-26 10:59 - 303749173 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 06 Ger Sub.mp4 2014-08-15 12:27 - 2014-08-15 12:52 - 303749297 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 06 Ger Sub.rar 2014-08-15 11:42 - 2014-08-17 15:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-15 11:41 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-15 11:41 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-15 
11:33 - 2014-08-17 16:25 - 00000000 ____D () C:\AdwCleaner 2014-08-15 11:31 - 2014-08-15 11:31 - 01101648 _____ () C:\Users\Lukas\Downloads\AdwCleaner - CHIP-Installer.exe 2014-08-15 10:58 - 2014-08-15 10:58 - 00000000 _____ () C:\autoexec.bat 2014-08-15 10:57 - 2014-08-15 11:39 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-08-15 10:57 - 2014-08-15 10:57 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-08-15 10:53 - 2014-08-15 12:01 - 301496237 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 05 Ger Sub.rar 2014-08-15 02:02 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-15 02:02 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-15 02:02 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-15 02:02 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-15 02:02 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-15 02:02 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-15 02:02 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-15 02:02 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-15 01:16 - 2014-08-15 01:40 - 303196347 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 04 Ger Sub.rar 2014-08-15 00:49 - 2014-08-15 01:14 - 303842871 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 03 Ger Sub.rar 2014-08-15 00:25 - 2014-08-15 00:48 - 293160041 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 02 Ger Sub.rar 2014-08-14 23:50 - 2014-08-15 00:20 - 293117020 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga 
Isekai Kara Kuru Sou Desu yo 01 Ger Sub.rar 2014-08-14 23:46 - 2014-08-14 23:46 - 00002082 _____ () C:\Users\Lukas\Desktop\JDownloader 2.lnk 2014-08-14 23:46 - 2014-08-14 23:46 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2014-08-14 23:45 - 2014-08-17 16:22 - 00000000 ____D () C:\Users\Lukas\AppData\Local\JDownloader v2.0 2014-08-14 23:44 - 2014-08-14 23:44 - 00076440 _____ (AppWork GmbH) C:\Users\Lukas\Downloads\WebInstaller_2002.exe 2014-08-14 23:26 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-14 23:26 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-14 23:26 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-14 23:26 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-14 23:26 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-14 23:26 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-14 23:26 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-14 23:26 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-14 23:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-14 23:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\KBDRU.DLL 2014-08-14 23:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-14 23:26 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-14 23:26 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-14 23:26 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-14 23:26 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-14 23:26 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-14 23:26 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-14 23:26 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-14 23:26 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-14 23:26 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-14 23:26 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-14 23:26 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-14 23:26 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-14 23:25 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-14 23:25 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-14 23:25 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-14 23:25 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-14 23:25 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-14 23:25 - 2014-07-25 16:02 - 02724864 _____ 
(Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-14 23:25 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-14 23:25 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-14 23:25 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-14 23:25 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-14 23:25 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-14 23:25 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-14 23:25 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-14 23:25 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-14 23:25 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-14 23:25 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-14 23:25 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-14 23:25 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-14 23:25 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-14 23:25 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-14 23:25 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-14 23:25 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-14 23:25 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-14 23:25 - 2014-07-25 14:34 - 
00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-14 23:25 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-14 23:25 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-14 23:25 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-14 23:25 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-14 23:25 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-14 23:25 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-14 23:25 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-14 23:25 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-14 23:25 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-14 23:25 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-14 23:25 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-14 23:25 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-14 23:25 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-14 23:25 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-14 23:25 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-14 23:25 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-14 23:25 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-14 23:25 - 
2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-14 23:25 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-14 23:25 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-14 23:25 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-14 23:25 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-14 23:25 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-14 23:25 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-14 23:25 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-14 23:25 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-14 23:25 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-14 23:25 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-14 23:25 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-14 23:25 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-14 23:25 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-14 23:25 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-14 23:25 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-14 23:25 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-14 23:25 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-14 23:25 - 2014-07-14 03:40 - 00664064 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-10 21:40 - 2014-08-10 21:40 - 56510422 _____ () C:\Users\Lukas\Downloads\aytee-cyberjunk-ep_tapez.eu.rar 2014-08-09 23:57 - 2014-08-09 23:57 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\RenPy 2014-08-09 22:53 - 2014-08-09 22:53 - 00001107 _____ () C:\Users\Lukas\Desktop\Katawa Shoujo.lnk 2014-08-09 22:52 - 2014-08-09 22:53 - 00000000 ____D () C:\Program Files (x86)\Katawa Shoujo 2014-08-09 21:46 - 2014-08-09 22:18 - 448764288 _____ () C:\Users\Lukas\Downloads\[4ls]_katawa_shoujo_1.2-[windows][64ECD9F9].exe 2014-08-08 01:21 - 2014-08-08 01:21 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Unity 2014-08-08 01:03 - 2014-08-08 01:03 - 01080480 _____ (Unity Technologies ApS) C:\Users\Lukas\Downloads\UnityWebPlayer.exe 2014-08-08 01:03 - 2014-08-08 01:03 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Unity 2014-08-06 21:46 - 2014-08-06 21:46 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Blizzard 2014-08-06 21:37 - 2014-08-06 21:46 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-08-06 21:37 - 2014-08-06 21:37 - 00001155 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-08-06 21:32 - 2014-08-13 17:21 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-06 21:32 - 2014-08-06 21:32 - 00001118 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-08-06 21:32 - 2014-08-06 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-08-06 20:51 - 2014-08-06 20:51 - 44806834 _____ () C:\Users\Lukas\Downloads\Apollo Justice - Ace Attorney.7z 2014-08-03 18:30 - 2014-08-03 18:30 - 00008561 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel 2014-08-03 13:55 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-03 13:55 - 2014-05-14 18:23 - 00700384 _____ (Microsoft 
Corporation) C:\Windows\system32\wuapi.dll 2014-08-03 13:55 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-03 13:55 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-03 13:55 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-03 13:55 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-03 13:55 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-03 13:55 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-03 13:55 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-03 13:55 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-03 13:54 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-03 13:54 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-03 13:54 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-03 13:54 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-07-31 17:52 - 2014-07-31 17:52 - 00818613 _____ () C:\Users\Lukas\Downloads\PLRBeta1.1.rar 2014-07-29 16:02 - 2014-07-29 16:02 - 00586077 _____ () C:\Users\Lukas\Downloads\Snakewood.zip 2014-07-29 15:51 - 2014-07-29 15:54 - 56840704 _____ () C:\Users\Lukas\Downloads\VizzedRgrPlugin-v2.0.msi 2014-07-24 23:44 - 2014-07-24 23:44 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-24 02:16 - 2014-07-24 02:16 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\dvdcss 2014-07-24 02:08 - 2014-07-24 02:08 - 00001949 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-07-24 02:08 - 2014-07-24 02:08 - 00001899 _____ () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\CDBurnerXP.lnk 2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Canneverbe Limited 2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\ProgramData\Canneverbe Limited 2014-07-24 02:07 - 2014-07-24 02:08 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP 2014-07-24 02:06 - 2014-07-24 02:06 - 05408152 _____ (Canneverbe Limited ) C:\Users\Lukas\Downloads\cdbxp_setup_4.5.4.4954_minimal.exe 2014-07-24 01:23 - 2014-08-01 23:17 - 00000000 ____D () C:\Users\Lukas\Desktop\Training 2014-07-23 22:19 - 2014-08-15 17:07 - 00000000 ____D () C:\Users\Lukas\Desktop\Programmieren 2014-07-23 01:34 - 2014-07-23 01:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-21 14:57 - 2014-07-21 14:57 - 00000000 ____D () C:\Users\Lukas\Desktop\Mathe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-17 16:38 - 2014-08-15 13:51 - 00000000 ____D () C:\FRST 2014-08-17 16:38 - 2014-08-15 13:47 - 00000000 ____D () C:\Users\Lukas\Desktop\Spyhunter 4 2014-08-17 16:36 - 2014-04-22 21:41 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype 2014-08-17 16:34 - 2014-08-17 16:34 - 00000827 _____ () C:\Users\Lukas\Desktop\JRT.txt 2014-08-17 16:34 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-17 16:34 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-17 16:31 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2014-08-17 16:31 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2014-08-17 16:31 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-17 16:30 - 2014-08-17 16:30 - 00000000 ____D () C:\Windows\ERUNT 2014-08-17 16:30 - 2014-04-22 22:32 - 00000000 ____D () 
C:\Program Files (x86)\Origin 2014-08-17 16:26 - 2014-05-12 08:22 - 00004478 _____ () C:\Windows\PFRO.log 2014-08-17 16:26 - 2014-04-25 16:18 - 00014281 _____ () C:\Windows\setupact.log 2014-08-17 16:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-17 16:25 - 2014-08-15 11:33 - 00000000 ____D () C:\AdwCleaner 2014-08-17 16:25 - 2014-04-17 10:18 - 01162113 _____ () C:\Windows\WindowsUpdate.log 2014-08-17 16:24 - 2014-08-17 16:24 - 01361671 _____ () C:\Users\Lukas\Downloads\adwcleaner_3.307.exe 2014-08-17 16:22 - 2014-08-14 23:45 - 00000000 ____D () C:\Users\Lukas\AppData\Local\JDownloader v2.0 2014-08-17 16:17 - 2014-08-17 15:25 - 312411371 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 22 Ger Sub.mp4 2014-08-17 15:56 - 2014-04-23 13:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-17 15:35 - 2014-08-15 11:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-17 15:24 - 2014-08-17 14:33 - 303923306 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 23 Ger Sub.mp4 2014-08-17 14:32 - 2014-08-17 13:51 - 305981203 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 15 Ger Sub.mp4 2014-08-17 13:50 - 2014-08-17 13:09 - 305674913 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 17 Ger Sub.mp4 2014-08-17 13:09 - 2014-08-17 12:27 - 308880360 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 21 Ger Sub.mp4 2014-08-17 12:27 - 2014-08-17 11:56 - 309084200 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 19 Ger Sub.mp4 2014-08-17 11:55 - 2014-08-17 11:25 - 300442124 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 14 Ger Sub.mp4 2014-08-17 11:23 - 2014-08-17 10:59 - 308115993 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 13 Ger Sub.mp4 2014-08-17 10:54 - 2014-08-17 10:30 - 299486307 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 12 Ger Sub.mp4 2014-08-17 10:29 - 2014-08-17 10:04 - 310637463 _____ () 
C:\Users\Lukas\Downloads\Toaru Majutsu no Index 11 Ger Sub.mp4 2014-08-17 10:03 - 2014-08-17 09:38 - 309532935 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 10 Ger Sub.mp4 2014-08-17 09:38 - 2014-08-17 09:13 - 305881229 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 09 Ger Sub.mp4 2014-08-17 09:12 - 2014-08-17 08:52 - 308255925 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 08 Ger Sub.mp4 2014-08-17 08:51 - 2014-08-17 08:30 - 309221925 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 07 Ger Sub.mp4 2014-08-17 08:29 - 2014-08-17 08:09 - 297343577 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 06 Ger Sub.mp4 2014-08-17 08:09 - 2014-08-17 07:48 - 310002432 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 05 Ger Sub.mp4 2014-08-17 07:47 - 2014-08-17 07:27 - 305289811 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 04 Ger Sub.mp4 2014-08-17 07:26 - 2014-08-17 07:05 - 309286663 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 03 Ger Sub.mp4 2014-08-17 07:05 - 2014-08-17 06:44 - 302326736 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 02 Ger Sub.mp4 2014-08-17 06:44 - 2014-08-17 06:23 - 307999354 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 01 Ger Sub.mp4 2014-08-17 06:07 - 2014-07-04 13:07 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Battle.net 2014-08-17 03:32 - 2014-04-22 22:32 - 00000000 ____D () C:\ProgramData\Origin 2014-08-17 03:30 - 2009-07-14 06:45 - 00283728 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-16 16:54 - 2014-05-09 21:46 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\vlc 2014-08-16 15:42 - 2014-08-16 15:42 - 00014975 _____ () C:\ComboFix.txt 2014-08-16 15:42 - 2014-08-16 15:32 - 00000000 ____D () C:\Qoobox 2014-08-16 15:42 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-08-16 15:41 - 2014-08-16 15:32 - 00000000 ____D () C:\Windows\erdnt 2014-08-16 15:39 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-08-16 15:31 - 
2014-08-16 15:30 - 05571320 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe 2014-08-15 18:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-15 17:07 - 2014-07-23 22:19 - 00000000 ____D () C:\Users\Lukas\Desktop\Programmieren 2014-08-15 16:37 - 2014-08-15 16:06 - 304253858 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 10 Ger Sub.rar 2014-08-15 16:05 - 2014-08-15 15:35 - 303889764 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 09 Ger Sub.rar 2014-08-15 15:34 - 2014-08-15 15:03 - 303609194 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 08 Ger Sub.rar 2014-08-15 14:03 - 2014-08-15 13:12 - 303940367 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 07 Ger Sub.rar 2014-08-15 13:54 - 2014-08-15 13:54 - 00380416 _____ () C:\Users\Lukas\Downloads\Gmer-19357.exe 2014-08-15 13:47 - 2014-08-15 13:47 - 00000000 _____ () C:\Users\Lukas\defogger_reenable 2014-08-15 13:47 - 2014-04-22 19:06 - 00000000 ____D () C:\Users\Lukas 2014-08-15 12:52 - 2014-08-15 12:27 - 303749297 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 06 Ger Sub.rar 2014-08-15 12:01 - 2014-08-15 10:53 - 301496237 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 05 Ger Sub.rar 2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-15 11:41 - 2014-04-22 21:55 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-15 11:41 - 2014-04-22 21:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Malwarebytes 2014-08-15 11:41 - 2014-04-22 21:55 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-15 11:39 - 2014-08-15 10:57 - 00000000 ____D () 
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-08-15 11:34 - 2014-04-23 13:40 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-15 11:34 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-15 11:31 - 2014-08-15 11:31 - 01101648 _____ () C:\Users\Lukas\Downloads\AdwCleaner - CHIP-Installer.exe 2014-08-15 10:58 - 2014-08-15 10:58 - 00000000 _____ () C:\autoexec.bat 2014-08-15 10:57 - 2014-08-15 10:57 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-08-15 10:49 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini 2014-08-15 10:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-15 02:07 - 2014-03-13 13:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-15 02:06 - 2014-03-13 13:01 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-15 02:02 - 2014-05-06 13:25 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-15 01:40 - 2014-08-15 01:16 - 303196347 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 04 Ger Sub.rar 2014-08-15 01:14 - 2014-08-15 00:49 - 303842871 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 03 Ger Sub.rar 2014-08-15 00:48 - 2014-08-15 00:25 - 293160041 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 02 Ger Sub.rar 2014-08-15 00:20 - 2014-08-14 23:50 - 293117020 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 01 Ger Sub.rar 2014-08-14 23:46 - 2014-08-14 23:46 - 00002082 _____ () C:\Users\Lukas\Desktop\JDownloader 2.lnk 2014-08-14 23:46 - 2014-08-14 23:46 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2014-08-14 23:46 - 2014-05-09 21:51 - 00000000 ____D () C:\Users\Lukas\Desktop\Musik 2014-08-14 23:44 - 2014-08-14 23:44 - 00076440 _____ (AppWork GmbH) C:\Users\Lukas\Downloads\WebInstaller_2002.exe 2014-08-13 17:21 - 
2014-08-06 21:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-10 21:40 - 2014-08-10 21:40 - 56510422 _____ () C:\Users\Lukas\Downloads\aytee-cyberjunk-ep_tapez.eu.rar 2014-08-09 23:57 - 2014-08-09 23:57 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\RenPy 2014-08-09 23:57 - 2014-04-22 19:06 - 00000000 ____D () C:\Users\Lukas\AppData\Local\VirtualStore 2014-08-09 22:53 - 2014-08-09 22:53 - 00001107 _____ () C:\Users\Lukas\Desktop\Katawa Shoujo.lnk 2014-08-09 22:53 - 2014-08-09 22:52 - 00000000 ____D () C:\Program Files (x86)\Katawa Shoujo 2014-08-09 22:18 - 2014-08-09 21:46 - 448764288 _____ () C:\Users\Lukas\Downloads\[4ls]_katawa_shoujo_1.2-[windows][64ECD9F9].exe 2014-08-08 01:21 - 2014-08-08 01:21 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Unity 2014-08-08 01:03 - 2014-08-08 01:03 - 01080480 _____ (Unity Technologies ApS) C:\Users\Lukas\Downloads\UnityWebPlayer.exe 2014-08-08 01:03 - 2014-08-08 01:03 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Unity 2014-08-07 04:06 - 2014-08-14 23:25 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-14 23:25 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-06 21:46 - 2014-08-06 21:46 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Blizzard 2014-08-06 21:46 - 2014-08-06 21:37 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-08-06 21:37 - 2014-08-06 21:37 - 00001155 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-08-06 21:37 - 2014-07-04 13:07 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Battle.net 2014-08-06 21:32 - 2014-08-06 21:32 - 00001118 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-08-06 21:32 - 2014-08-06 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-08-06 20:51 - 2014-08-06 20:51 - 44806834 _____ () 
C:\Users\Lukas\Downloads\Apollo Justice - Ace Attorney.7z 2014-08-05 17:46 - 2014-05-31 18:18 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft 2014-08-05 17:26 - 2014-04-28 16:18 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-05 17:26 - 2014-04-22 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-05 17:26 - 2014-04-22 20:54 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-05 17:26 - 2014-04-17 10:20 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-05 01:05 - 2014-04-29 21:33 - 00000000 ____D () C:\Users\Lukas\Desktop\Pokémon 2014-08-03 19:02 - 2014-04-28 18:47 - 00000000 ____D () C:\Users\Lukas\.gimp-2.8 2014-08-03 18:30 - 2014-08-03 18:30 - 00008561 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel 2014-08-01 23:17 - 2014-07-24 01:23 - 00000000 ____D () C:\Users\Lukas\Desktop\Training 2014-08-01 01:41 - 2014-08-14 23:25 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-14 23:25 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-31 21:08 - 2014-04-28 18:48 - 00000000 ____D () C:\Users\Lukas\AppData\Local\gtk-2.0 2014-07-31 17:52 - 2014-07-31 17:52 - 00818613 _____ () C:\Users\Lukas\Downloads\PLRBeta1.1.rar 2014-07-29 16:02 - 2014-07-29 16:02 - 00586077 _____ () C:\Users\Lukas\Downloads\Snakewood.zip 2014-07-29 15:54 - 2014-07-29 15:51 - 56840704 _____ () C:\Users\Lukas\Downloads\VizzedRgrPlugin-v2.0.msi 2014-07-26 19:59 - 2014-03-18 03:09 - 00000000 ____D () C:\Users\Lukas\Desktop\YGOPro DevPro 2014-07-25 16:52 - 2014-08-14 23:25 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-25 16:02 - 2014-08-14 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-25 16:01 - 2014-08-14 23:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-25 15:51 - 2014-08-14 23:25 - 17524224 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-25 15:30 - 2014-08-14 23:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-25 15:28 - 2014-08-14 23:25 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-25 15:28 - 2014-08-14 23:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-25 15:25 - 2014-08-14 23:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-25 15:25 - 2014-08-14 23:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-25 15:11 - 2014-08-14 23:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-25 15:10 - 2014-08-14 23:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-25 15:04 - 2014-08-14 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-25 15:03 - 2014-08-14 23:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-25 15:00 - 2014-08-14 23:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-25 15:00 - 2014-08-14 23:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-25 14:59 - 2014-08-14 23:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-25 14:47 - 2014-08-14 23:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-25 14:40 - 2014-08-14 23:25 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-25 14:34 - 2014-08-14 23:25 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-25 14:34 - 2014-08-14 23:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-25 14:33 - 2014-08-14 23:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-25 14:30 - 2014-08-14 23:25 - 00061952 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-25 14:28 - 2014-08-14 23:25 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-25 14:28 - 2014-08-14 23:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-25 14:21 - 2014-08-14 23:25 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-25 14:19 - 2014-08-14 23:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-25 14:18 - 2014-08-14 23:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-25 14:17 - 2014-08-14 23:25 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-25 14:17 - 2014-08-14 23:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-25 14:12 - 2014-08-14 23:25 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-25 14:10 - 2014-08-14 23:25 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-25 14:10 - 2014-08-14 23:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-25 14:08 - 2014-08-14 23:25 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-25 14:06 - 2014-08-14 23:25 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-25 13:52 - 2014-08-14 23:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-25 13:47 - 2014-08-14 23:25 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-25 13:43 - 2014-08-14 23:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-25 13:42 - 2014-08-14 23:25 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-25 13:39 - 2014-08-14 23:25 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-25 13:39 - 2014-08-14 23:25 - 
01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-25 13:36 - 2014-08-14 23:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-25 13:34 - 2014-08-14 23:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-25 13:29 - 2014-08-14 23:25 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-25 13:23 - 2014-08-14 23:25 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-25 13:13 - 2014-08-14 23:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-25 13:07 - 2014-08-14 23:25 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-25 13:07 - 2014-08-14 23:25 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-25 13:03 - 2014-08-14 23:25 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-25 12:52 - 2014-08-14 23:25 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-25 12:26 - 2014-08-14 23:25 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-25 12:17 - 2014-08-14 23:25 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-25 12:09 - 2014-08-14 23:25 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-25 12:05 - 2014-08-14 23:25 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-25 12:00 - 2014-08-14 23:25 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-24 23:44 - 2014-07-24 23:44 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-24 14:27 - 2014-04-22 21:30 - 00042040 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-07-24 02:16 - 2014-07-24 02:16 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\dvdcss 2014-07-24 02:08 - 2014-07-24 02:08 - 00001949 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-07-24 02:08 - 2014-07-24 02:08 - 00001899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Canneverbe Limited 2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\ProgramData\Canneverbe Limited 2014-07-24 02:08 - 2014-07-24 02:07 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP 2014-07-24 02:06 - 2014-07-24 02:06 - 05408152 _____ (Canneverbe Limited ) C:\Users\Lukas\Downloads\cdbxp_setup_4.5.4.4954_minimal.exe 2014-07-23 21:50 - 2014-04-22 21:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-23 01:34 - 2014-07-23 01:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-21 14:57 - 2014-07-21 14:57 - 00000000 ____D () C:\Users\Lukas\Desktop\Mathe Files to move or delete: ==================== C:\Users\Lukas\DSETUP.dll C:\Users\Lukas\dsetup32.dll C:\Users\Lukas\DXSETUP.exe Some content of TEMP: ==================== C:\Users\Lukas\AppData\Local\Temp\avgnt.exe C:\Users\Lukas\AppData\Local\Temp\proxy_vole6383329770845907313.dll C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-17 09:32 ==================== End Of Log ============================ |
18.08.2014, 20:36 | #8 |
/// the machine /// TB Trainer | Remove Spyhunter 4
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate | Guides and help | Trojaner-Board Facebook page | No help via PM! |
19.08.2014, 06:57 | #9 |
| Remove Spyhunter 4
ESET Code:
ATTFilter ESETSmartInstaller@High as downloader log: Can not open internetESETSmartInstaller@High as downloader log: Can not open internetCan not open internetESETSmartInstaller@High as downloader log: Can not open internet# product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=0056398b32e4bd4bbf9c170518d0e009 # engine=19724 # end=stopped # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-08-19 05:47:56 # local_time=2014-08-19 07:47:56 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Desktop' # compatibility_mode=1810 16777213 100 100 3940 15109612 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 10233120 160057126 0 0 # scanned=26913 # found=16 # cleaned=0 # scan_time=208 sh=D8E27C7FFB77E60CDED3B880F465F67B6276CE70 ft=1 fh=8367e7507ecf75f6 vn="Variante von Win32/BrowseFox.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\ClearThinkBHO.dll.vir" sh=48870AFAB69339D4A867E19CF7F5D1223F13A075 ft=1 fh=331983bd8372f5b7 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\updateClearThink.exe.vir" sh=1E9CC2C845DF1193FA0B2ABD8FBD73BD75D5B9FE ft=1 fh=286c553010c0a107 vn="Variante von Win32/BrowseFox.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\ClearThink.BrowserAdapter.exe.vir" sh=377E4F6D03DB8D823EDFBA485E56BEEAA62A8802 ft=1 fh=9d7c2e898c2e4c80 vn="Variante von Win64/BrowseFox.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\ClearThink.PurBrowse64.exe.vir" sh=7C14232AE9E9BBCB1CF9351E620F8C001ED6E07C ft=1 fh=7fea23a1e7a63478 vn="Win32/BrowseFox.N evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\ClearThinkBAApp.dll.vir" sh=48870AFAB69339D4A867E19CF7F5D1223F13A075 ft=1 fh=331983bd8372f5b7 vn="Variante von Win32/BrowseFox.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\utilClearThink.exe.vir" sh=9E2E384D109CD9B8FE4B4DA741A02D4113460CCA ft=1 fh=4044a38c86e381a6 vn="Variante von Win32/BrowseFox.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}.dll.vir" sh=C314516260FE92B58D2397EA600F51E277B0FFC3 ft=1 fh=58f8d3b71f956391 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.Bromon.dll.vir" sh=B159173BC588E8A4931BF1EEA354A353064B6148 ft=1 fh=030775f4c778a4e1 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.BroStats.dll.vir" sh=CB423AB6EBCA8D2C0FAB78EE5974886B65881E80 ft=1 fh=e51cc21b1388fe04 vn="möglicherweise Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.BrowserAdapterS.dll.vir" sh=C277C69B71F1B889D825DC7B72C96440B50164C6 ft=1 fh=22b3308d702cb7d6 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.CompatibilityChecker.dll.vir" sh=99D257C9431DFF22566A2AC1A157B84B967224AC ft=1 fh=1416b50b85953967 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.FeSvc.dll.vir" sh=5696EAA03F9BFAD9E396886F00A8E54897558B29 ft=1 fh=14ce09967ad7cd7f vn="Variante von MSIL/BrowseFox.E evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.FFUpdate.dll.vir" sh=A83A06D4F88736B2C085658646246927931744CC ft=1 fh=9c4d79181b49e9a1 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.IEUpdate.dll.vir" sh=4BB2A2D51D1E570D6CF2A4624D3DF432DE0D3EAB ft=1 fh=a1d96cfc95f318a0 vn="Variante von MSIL/BrowseFox.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ClearThink\bin\plugins\ClearThink.PurBrowseG.dll.vir" sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lukas\AppData\Local\Temp\OCS\ocs_v71a.exe.vir" SecurityCheck Code:
Results of screen317's Security Check version 0.99.87
 Windows 7 Service Pack 1 x64 (UAC is enabled)
 Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
 Avira Desktop
 Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 60
 Java SE Development Kit 7 Update 51
 Java-Editor 12.3, 2013.10.21
 Java version out of Date!
 Adobe Flash Player 14.0.0.145
 Adobe Reader XI
 Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04 Ran by Lukas (administrator) on LUKAS-PC on 19-08-2014 07:54:19 Running from C:\Users\Lukas\Desktop\Spyhunter 4 Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe () C:\Program Files (x86)\Drakonia Configurator\hid.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-12-13] (Realtek Semiconductor) HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monito HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-234909537-4166200705-3081485305-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) 
HKU\S-1-5-21-234909537-4166200705-3081485305-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600728 2014-08-06] (Electronic Arts) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - {A81FFC7C-8ACB-4A7D-B6EA-BC221481DC3B} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKCU - {A81FFC7C-8ACB-4A7D-B6EA-BC221481DC3B} URL = hxxp://www.sm.de/?q={searchTerms} BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default FF SearchEngineOrder.1: SuchMaschine FF Homepage: https://www.google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lukas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default\searchplugins\search_engine.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\3cfhwcgk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-22] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-11] (Advanced Micro Devices, Inc.) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG) S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. 
The file will not be moved unless listed separately.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [42240 2013-07-31] (Advanced Micro Devices) R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] () U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG) R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] () S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader) S3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-29] () S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] () R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2013-08-12] (VIA Technologies, Inc.) R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 gdrv; \??\C:\Windows\gdrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-19 07:39 - 2014-08-19 07:39 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-08-19 06:50 - 2014-08-19 06:51 - 02347384 _____ (ESET) C:\Users\Lukas\Downloads\esetsmartinstaller_deu.exe 2014-08-18 15:43 - 2014-08-18 16:14 - 262706623 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 21 Ger Sub.mp4 2014-08-18 15:11 - 2014-08-18 15:42 - 262712400 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 20 Ger Sub.mp4 2014-08-18 14:00 - 2014-08-18 14:21 - 262709663 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 19 Ger Sub.mp4 2014-08-18 13:37 - 2014-08-18 13:59 - 262795661 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 18 Ger Sub.mp4 2014-08-18 13:14 - 2014-08-18 13:36 - 262773842 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 17 Ger Sub.mp4 2014-08-18 12:53 - 2014-08-18 13:13 - 262661843 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 16 Ger Sub.mp4 2014-08-18 12:31 - 2014-08-18 12:53 - 262907827 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 15 Ger Sub.mp4 2014-08-18 12:10 - 2014-08-18 12:30 - 262748402 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 14 Ger Sub.mp4 2014-08-18 11:47 - 2014-08-18 12:10 - 262787148 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 13 Ger Sub.mp4 2014-08-18 11:23 - 2014-08-18 11:46 - 262931362 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 12 Ger Sub.mp4 2014-08-18 10:56 - 2014-08-18 11:22 - 262830359 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 11 Ger Sub.mp4 2014-08-18 10:38 - 2014-08-18 10:55 - 262767707 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 10 Ger Sub.mp4 2014-08-18 10:19 - 2014-08-18 10:37 - 262800735 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 09 Ger Sub.mp4 2014-08-18 09:51 - 2014-08-18 10:18 - 262853586 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 08 Ger Sub.mp4 2014-08-18 09:21 - 2014-08-18 09:51 - 262826898 _____ () 
C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 07 Ger Sub.mp4 2014-08-18 09:01 - 2014-08-18 09:20 - 262695546 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 06 Ger Sub.mp4 2014-08-18 08:43 - 2014-08-18 09:00 - 262520693 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 05 Ger Sub.mp4 2014-08-18 08:24 - 2014-08-18 08:42 - 262703567 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 04 Ger Sub.mp4 2014-08-18 08:06 - 2014-08-18 08:24 - 263761490 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 03 Ger Sub.mp4 2014-08-18 07:48 - 2014-08-18 08:05 - 263783946 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 02 Ger Sub.mp4 2014-08-18 07:29 - 2014-08-18 07:47 - 264010732 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 01 Ger Sub.mp4 2014-08-18 06:55 - 2014-08-18 07:08 - 184777671 _____ () C:\Users\Lukas\Downloads\[Pure-Anime.biz]Gekijouban Toaru Majutsu no Index Endymion no Kiseki - Special.mp4 2014-08-18 06:31 - 2014-08-18 06:51 - 309273369 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 16 Ger Sub.mp4 2014-08-18 06:09 - 2014-08-18 06:30 - 310304889 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 20 Ger Sub.mp4 2014-08-18 05:54 - 2014-08-18 06:08 - 291897545 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 24 Ger Sub.mp4 2014-08-18 05:20 - 2014-08-18 05:53 - 307615468 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 18 Ger Sub.mp4 2014-08-17 16:34 - 2014-08-17 16:34 - 00000827 _____ () C:\Users\Lukas\Desktop\JRT.txt 2014-08-17 16:30 - 2014-08-17 16:30 - 00000000 ____D () C:\Windows\ERUNT 2014-08-17 16:24 - 2014-08-17 16:24 - 01361671 _____ () C:\Users\Lukas\Downloads\adwcleaner_3.307.exe 2014-08-17 15:25 - 2014-08-17 16:17 - 312411371 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 22 Ger Sub.mp4 2014-08-17 14:33 - 2014-08-17 15:24 - 303923306 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 23 Ger Sub.mp4 2014-08-17 13:51 - 2014-08-17 14:32 - 305981203 
_____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 15 Ger Sub.mp4 2014-08-17 13:09 - 2014-08-17 13:50 - 305674913 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 17 Ger Sub.mp4 2014-08-17 12:27 - 2014-08-17 13:09 - 308880360 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 21 Ger Sub.mp4 2014-08-17 11:56 - 2014-08-17 12:27 - 309084200 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 19 Ger Sub.mp4 2014-08-17 11:25 - 2014-08-17 11:55 - 300442124 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 14 Ger Sub.mp4 2014-08-17 10:59 - 2014-08-17 11:23 - 308115993 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 13 Ger Sub.mp4 2014-08-17 10:30 - 2014-08-17 10:54 - 299486307 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 12 Ger Sub.mp4 2014-08-17 10:04 - 2014-08-17 10:29 - 310637463 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 11 Ger Sub.mp4 2014-08-17 09:38 - 2014-08-17 10:03 - 309532935 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 10 Ger Sub.mp4 2014-08-17 09:13 - 2014-08-17 09:38 - 305881229 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 09 Ger Sub.mp4 2014-08-17 08:52 - 2014-08-17 09:12 - 308255925 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 08 Ger Sub.mp4 2014-08-17 08:30 - 2014-08-17 08:51 - 309221925 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 07 Ger Sub.mp4 2014-08-17 08:09 - 2014-08-17 08:29 - 297343577 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 06 Ger Sub.mp4 2014-08-17 07:48 - 2014-08-17 08:09 - 310002432 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 05 Ger Sub.mp4 2014-08-17 07:27 - 2014-08-17 07:47 - 305289811 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 04 Ger Sub.mp4 2014-08-17 07:05 - 2014-08-17 07:26 - 309286663 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 03 Ger Sub.mp4 2014-08-17 06:44 - 2014-08-17 07:05 - 302326736 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 02 Ger Sub.mp4 
2014-08-17 06:23 - 2014-08-17 06:44 - 307999354 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 01 Ger Sub.mp4 2014-08-16 15:42 - 2014-08-16 15:42 - 00014975 _____ () C:\ComboFix.txt 2014-08-16 15:32 - 2014-08-16 15:42 - 00000000 ____D () C:\Qoobox 2014-08-16 15:32 - 2014-08-16 15:41 - 00000000 ____D () C:\Windows\erdnt 2014-08-16 15:32 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-08-16 15:32 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-08-16 15:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-08-16 15:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-08-16 15:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-08-16 15:32 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-08-16 15:32 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-08-16 15:32 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-08-16 15:30 - 2014-08-16 15:31 - 05571320 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe 2014-08-15 16:37 - 2014-03-26 10:58 - 304253734 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 10 Ger Sub.mp4 2014-08-15 16:06 - 2014-08-15 16:37 - 304253858 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 10 Ger Sub.rar 2014-08-15 16:05 - 2014-03-26 11:00 - 303889640 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 09 Ger Sub.mp4 2014-08-15 15:35 - 2014-08-15 16:05 - 303889764 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 09 Ger Sub.rar 2014-08-15 15:34 - 2014-03-26 11:00 - 303609070 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 08 Ger Sub.mp4 2014-08-15 15:03 - 2014-08-15 15:34 - 303609194 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 08 Ger Sub.rar 2014-08-15 14:03 - 2014-03-26 11:00 - 303940243 _____ () 
C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 07 Ger Sub.mp4 2014-08-15 13:54 - 2014-08-15 13:54 - 00380416 _____ () C:\Users\Lukas\Downloads\Gmer-19357.exe 2014-08-15 13:51 - 2014-08-19 07:54 - 00000000 ____D () C:\FRST 2014-08-15 13:47 - 2014-08-19 07:54 - 00000000 ____D () C:\Users\Lukas\Desktop\Spyhunter 4 2014-08-15 13:47 - 2014-08-15 13:47 - 00000000 _____ () C:\Users\Lukas\defogger_reenable 2014-08-15 13:12 - 2014-08-15 14:03 - 303940367 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 07 Ger Sub.rar 2014-08-15 12:52 - 2014-03-26 10:59 - 303749173 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 06 Ger Sub.mp4 2014-08-15 12:27 - 2014-08-15 12:52 - 303749297 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 06 Ger Sub.rar 2014-08-15 11:42 - 2014-08-17 15:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-15 11:41 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-15 11:41 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-15 11:33 - 2014-08-17 16:25 - 00000000 ____D () C:\AdwCleaner 2014-08-15 11:31 - 2014-08-15 11:31 - 01101648 _____ () C:\Users\Lukas\Downloads\AdwCleaner - CHIP-Installer.exe 2014-08-15 10:58 - 2014-08-15 10:58 - 00000000 _____ () C:\autoexec.bat 2014-08-15 10:57 - 2014-08-15 11:39 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-08-15 10:57 - 2014-08-15 10:57 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-08-15 10:53 - 2014-08-15 12:01 - 301496237 _____ () 
C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 05 Ger Sub.rar 2014-08-15 02:02 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-15 02:02 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-15 02:02 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-15 02:02 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-15 02:02 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-15 02:02 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-15 02:02 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-15 02:02 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-15 01:16 - 2014-08-15 01:40 - 303196347 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 04 Ger Sub.rar 2014-08-15 00:49 - 2014-08-15 01:14 - 303842871 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 03 Ger Sub.rar 2014-08-15 00:25 - 2014-08-15 00:48 - 293160041 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 02 Ger Sub.rar 2014-08-14 23:50 - 2014-08-15 00:20 - 293117020 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 01 Ger Sub.rar 2014-08-14 23:46 - 2014-08-14 23:46 - 00002082 _____ () C:\Users\Lukas\Desktop\JDownloader 2.lnk 2014-08-14 23:46 - 2014-08-14 23:46 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2014-08-14 23:45 - 2014-08-19 07:38 - 00000000 ____D () C:\Users\Lukas\AppData\Local\JDownloader v2.0 2014-08-14 23:44 - 2014-08-14 23:44 - 00076440 _____ (AppWork GmbH) C:\Users\Lukas\Downloads\WebInstaller_2002.exe 
2014-08-14 23:26 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-14 23:26 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-14 23:26 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-14 23:26 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-14 23:26 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-14 23:26 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-14 23:26 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-14 23:26 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-14 23:26 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-14 23:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-14 23:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-14 23:26 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-14 23:26 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-14 23:26 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-14 23:26 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-14 23:26 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\shell32.dll 2014-08-14 23:26 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-14 23:26 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-14 23:26 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-14 23:26 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-14 23:26 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-14 23:26 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-14 23:26 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-14 23:26 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-14 23:25 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-14 23:25 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-14 23:25 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-14 23:25 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-14 23:25 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-14 23:25 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-14 23:25 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-14 23:25 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-14 23:25 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-14 23:25 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 
2014-08-14 23:25 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-14 23:25 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-14 23:25 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-14 23:25 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-14 23:25 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-14 23:25 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-14 23:25 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-14 23:25 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-14 23:25 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-14 23:25 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-14 23:25 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-14 23:25 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-14 23:25 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-14 23:25 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-14 23:25 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-14 23:25 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-14 23:25 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-14 23:25 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) 
C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-14 23:25 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-14 23:25 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-14 23:25 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-14 23:25 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-14 23:25 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-14 23:25 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-14 23:25 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-14 23:25 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-14 23:25 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-14 23:25 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-14 23:25 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-14 23:25 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-14 23:25 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-14 23:25 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-14 23:25 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-14 23:25 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-14 23:25 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-14 23:25 - 2014-07-25 13:34 - 00069632 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-14 23:25 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-14 23:25 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-14 23:25 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-14 23:25 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-14 23:25 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-14 23:25 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-14 23:25 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-14 23:25 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-14 23:25 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-14 23:25 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-14 23:25 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-14 23:25 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-14 23:25 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-14 23:25 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-10 21:40 - 2014-08-10 21:40 - 56510422 _____ () C:\Users\Lukas\Downloads\aytee-cyberjunk-ep_tapez.eu.rar 2014-08-09 23:57 - 2014-08-09 23:57 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\RenPy 2014-08-09 22:53 - 2014-08-09 22:53 - 00001107 _____ () C:\Users\Lukas\Desktop\Katawa Shoujo.lnk 2014-08-09 22:52 - 2014-08-09 22:53 - 00000000 ____D () C:\Program Files (x86)\Katawa Shoujo 2014-08-09 21:46 - 2014-08-09 
22:18 - 448764288 _____ () C:\Users\Lukas\Downloads\[4ls]_katawa_shoujo_1.2-[windows][64ECD9F9].exe 2014-08-08 01:21 - 2014-08-08 01:21 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Unity 2014-08-08 01:03 - 2014-08-08 01:03 - 01080480 _____ (Unity Technologies ApS) C:\Users\Lukas\Downloads\UnityWebPlayer.exe 2014-08-08 01:03 - 2014-08-08 01:03 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Unity 2014-08-06 21:46 - 2014-08-06 21:46 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Blizzard 2014-08-06 21:37 - 2014-08-19 06:41 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-08-06 21:37 - 2014-08-06 21:37 - 00001155 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-08-06 21:32 - 2014-08-13 17:21 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-06 21:32 - 2014-08-06 21:32 - 00001118 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-08-06 21:32 - 2014-08-06 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-08-06 20:51 - 2014-08-06 20:51 - 44806834 _____ () C:\Users\Lukas\Downloads\Apollo Justice - Ace Attorney.7z 2014-08-03 18:30 - 2014-08-03 18:30 - 00008561 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel 2014-08-03 13:55 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-03 13:55 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-03 13:55 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-03 13:55 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-03 13:55 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-03 13:55 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-03 13:55 - 
2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-03 13:55 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-03 13:55 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-03 13:55 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-03 13:54 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-03 13:54 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-03 13:54 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-03 13:54 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-07-31 17:52 - 2014-07-31 17:52 - 00818613 _____ () C:\Users\Lukas\Downloads\PLRBeta1.1.rar 2014-07-29 16:02 - 2014-07-29 16:02 - 00586077 _____ () C:\Users\Lukas\Downloads\Snakewood.zip 2014-07-29 15:51 - 2014-07-29 15:54 - 56840704 _____ () C:\Users\Lukas\Downloads\VizzedRgrPlugin-v2.0.msi 2014-07-24 23:44 - 2014-07-24 23:44 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-24 02:16 - 2014-07-24 02:16 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\dvdcss 2014-07-24 02:08 - 2014-07-24 02:08 - 00001949 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-07-24 02:08 - 2014-07-24 02:08 - 00001899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Canneverbe Limited 2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\ProgramData\Canneverbe Limited 2014-07-24 02:07 - 2014-07-24 02:08 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP 2014-07-24 02:06 - 2014-07-24 02:06 - 05408152 _____ (Canneverbe Limited ) C:\Users\Lukas\Downloads\cdbxp_setup_4.5.4.4954_minimal.exe 2014-07-24 01:23 - 2014-08-01 23:17 - 
00000000 ____D () C:\Users\Lukas\Desktop\Training
2014-07-23 22:19 - 2014-08-15 17:07 - 00000000 ____D () C:\Users\Lukas\Desktop\Programmieren
2014-07-23 01:34 - 2014-07-23 01:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-21 14:57 - 2014-07-21 14:57 - 00000000 ____D () C:\Users\Lukas\Desktop\Mathe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 07:54 - 2014-08-15 13:51 - 00000000 ____D () C:\FRST
2014-08-19 07:54 - 2014-08-15 13:47 - 00000000 ____D () C:\Users\Lukas\Desktop\Spyhunter 4
2014-08-19 07:39 - 2014-08-19 07:39 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-19 07:39 - 2014-04-22 21:41 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype
2014-08-19 07:39 - 2014-04-17 10:18 - 01208601 _____ () C:\Windows\WindowsUpdate.log
2014-08-19 07:38 - 2014-08-14 23:45 - 00000000 ____D () C:\Users\Lukas\AppData\Local\JDownloader v2.0
2014-08-19 06:56 - 2014-04-23 13:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-19 06:51 - 2014-08-19 06:50 - 02347384 _____ (ESET) C:\Users\Lukas\Downloads\esetsmartinstaller_deu.exe
2014-08-19 06:50 - 2014-07-04 13:07 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Battle.net
2014-08-19 06:50 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat
2014-08-19 06:50 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat
2014-08-19 06:50 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-19 06:45 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-19 06:45 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-19 06:41 - 2014-08-06 21:37 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-19 06:38 - 2014-04-22
22:32 - 00000000 ____D () C:\ProgramData\Origin 2014-08-19 06:36 - 2014-04-25 16:18 - 00014393 _____ () C:\Windows\setupact.log 2014-08-19 06:36 - 2014-04-22 22:32 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-19 06:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-18 16:14 - 2014-08-18 15:43 - 262706623 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 21 Ger Sub.mp4 2014-08-18 16:05 - 2014-05-09 21:46 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\vlc 2014-08-18 15:42 - 2014-08-18 15:11 - 262712400 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 20 Ger Sub.mp4 2014-08-18 14:21 - 2014-08-18 14:00 - 262709663 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 19 Ger Sub.mp4 2014-08-18 13:59 - 2014-08-18 13:37 - 262795661 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 18 Ger Sub.mp4 2014-08-18 13:36 - 2014-08-18 13:14 - 262773842 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 17 Ger Sub.mp4 2014-08-18 13:13 - 2014-08-18 12:53 - 262661843 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 16 Ger Sub.mp4 2014-08-18 12:53 - 2014-08-18 12:31 - 262907827 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 15 Ger Sub.mp4 2014-08-18 12:30 - 2014-08-18 12:10 - 262748402 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 14 Ger Sub.mp4 2014-08-18 12:10 - 2014-08-18 11:47 - 262787148 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 13 Ger Sub.mp4 2014-08-18 11:46 - 2014-08-18 11:23 - 262931362 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 12 Ger Sub.mp4 2014-08-18 11:22 - 2014-08-18 10:56 - 262830359 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 11 Ger Sub.mp4 2014-08-18 10:55 - 2014-08-18 10:38 - 262767707 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 10 Ger Sub.mp4 2014-08-18 10:37 - 2014-08-18 10:19 - 262800735 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 09 Ger Sub.mp4 2014-08-18 
10:18 - 2014-08-18 09:51 - 262853586 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 08 Ger Sub.mp4 2014-08-18 09:51 - 2014-08-18 09:21 - 262826898 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 07 Ger Sub.mp4 2014-08-18 09:20 - 2014-08-18 09:01 - 262695546 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 06 Ger Sub.mp4 2014-08-18 09:00 - 2014-08-18 08:43 - 262520693 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 05 Ger Sub.mp4 2014-08-18 08:42 - 2014-08-18 08:24 - 262703567 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 04 Ger Sub.mp4 2014-08-18 08:24 - 2014-08-18 08:06 - 263761490 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 03 Ger Sub.mp4 2014-08-18 08:05 - 2014-08-18 07:48 - 263783946 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 02 Ger Sub.mp4 2014-08-18 07:47 - 2014-08-18 07:29 - 264010732 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index II 01 Ger Sub.mp4 2014-08-18 07:08 - 2014-08-18 06:55 - 184777671 _____ () C:\Users\Lukas\Downloads\[Pure-Anime.biz]Gekijouban Toaru Majutsu no Index Endymion no Kiseki - Special.mp4 2014-08-18 06:51 - 2014-08-18 06:31 - 309273369 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 16 Ger Sub.mp4 2014-08-18 06:30 - 2014-08-18 06:09 - 310304889 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 20 Ger Sub.mp4 2014-08-18 06:08 - 2014-08-18 05:54 - 291897545 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 24 Ger Sub.mp4 2014-08-18 05:53 - 2014-08-18 05:20 - 307615468 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 18 Ger Sub.mp4 2014-08-18 05:16 - 2009-07-14 06:45 - 00283728 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-17 16:34 - 2014-08-17 16:34 - 00000827 _____ () C:\Users\Lukas\Desktop\JRT.txt 2014-08-17 16:30 - 2014-08-17 16:30 - 00000000 ____D () C:\Windows\ERUNT 2014-08-17 16:26 - 2014-05-12 08:22 - 00004478 _____ () C:\Windows\PFRO.log 2014-08-17 16:25 - 2014-08-15 11:33 - 00000000 ____D () 
C:\AdwCleaner 2014-08-17 16:24 - 2014-08-17 16:24 - 01361671 _____ () C:\Users\Lukas\Downloads\adwcleaner_3.307.exe 2014-08-17 16:17 - 2014-08-17 15:25 - 312411371 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 22 Ger Sub.mp4 2014-08-17 15:35 - 2014-08-15 11:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-17 15:24 - 2014-08-17 14:33 - 303923306 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 23 Ger Sub.mp4 2014-08-17 14:32 - 2014-08-17 13:51 - 305981203 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 15 Ger Sub.mp4 2014-08-17 13:50 - 2014-08-17 13:09 - 305674913 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 17 Ger Sub.mp4 2014-08-17 13:09 - 2014-08-17 12:27 - 308880360 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 21 Ger Sub.mp4 2014-08-17 12:27 - 2014-08-17 11:56 - 309084200 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 19 Ger Sub.mp4 2014-08-17 11:55 - 2014-08-17 11:25 - 300442124 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 14 Ger Sub.mp4 2014-08-17 11:23 - 2014-08-17 10:59 - 308115993 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 13 Ger Sub.mp4 2014-08-17 10:54 - 2014-08-17 10:30 - 299486307 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 12 Ger Sub.mp4 2014-08-17 10:29 - 2014-08-17 10:04 - 310637463 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 11 Ger Sub.mp4 2014-08-17 10:03 - 2014-08-17 09:38 - 309532935 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 10 Ger Sub.mp4 2014-08-17 09:38 - 2014-08-17 09:13 - 305881229 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 09 Ger Sub.mp4 2014-08-17 09:12 - 2014-08-17 08:52 - 308255925 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 08 Ger Sub.mp4 2014-08-17 08:51 - 2014-08-17 08:30 - 309221925 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 07 Ger Sub.mp4 2014-08-17 08:29 - 2014-08-17 08:09 - 297343577 _____ () 
C:\Users\Lukas\Downloads\Toaru Majutsu no Index 06 Ger Sub.mp4 2014-08-17 08:09 - 2014-08-17 07:48 - 310002432 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 05 Ger Sub.mp4 2014-08-17 07:47 - 2014-08-17 07:27 - 305289811 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 04 Ger Sub.mp4 2014-08-17 07:26 - 2014-08-17 07:05 - 309286663 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 03 Ger Sub.mp4 2014-08-17 07:05 - 2014-08-17 06:44 - 302326736 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 02 Ger Sub.mp4 2014-08-17 06:44 - 2014-08-17 06:23 - 307999354 _____ () C:\Users\Lukas\Downloads\Toaru Majutsu no Index 01 Ger Sub.mp4 2014-08-16 15:42 - 2014-08-16 15:42 - 00014975 _____ () C:\ComboFix.txt 2014-08-16 15:42 - 2014-08-16 15:32 - 00000000 ____D () C:\Qoobox 2014-08-16 15:42 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-08-16 15:41 - 2014-08-16 15:32 - 00000000 ____D () C:\Windows\erdnt 2014-08-16 15:39 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-08-16 15:31 - 2014-08-16 15:30 - 05571320 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe 2014-08-15 18:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-15 17:07 - 2014-07-23 22:19 - 00000000 ____D () C:\Users\Lukas\Desktop\Programmieren 2014-08-15 16:37 - 2014-08-15 16:06 - 304253858 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 10 Ger Sub.rar 2014-08-15 16:05 - 2014-08-15 15:35 - 303889764 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 09 Ger Sub.rar 2014-08-15 15:34 - 2014-08-15 15:03 - 303609194 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 08 Ger Sub.rar 2014-08-15 14:03 - 2014-08-15 13:12 - 303940367 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 07 Ger Sub.rar 2014-08-15 13:54 - 2014-08-15 13:54 - 00380416 _____ () C:\Users\Lukas\Downloads\Gmer-19357.exe 2014-08-15 13:47 - 2014-08-15 13:47 
- 00000000 _____ () C:\Users\Lukas\defogger_reenable 2014-08-15 13:47 - 2014-04-22 19:06 - 00000000 ____D () C:\Users\Lukas 2014-08-15 12:52 - 2014-08-15 12:27 - 303749297 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 06 Ger Sub.rar 2014-08-15 12:01 - 2014-08-15 10:53 - 301496237 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 05 Ger Sub.rar 2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-15 11:41 - 2014-08-15 11:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-15 11:41 - 2014-04-22 21:55 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-15 11:41 - 2014-04-22 21:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Malwarebytes 2014-08-15 11:41 - 2014-04-22 21:55 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-15 11:39 - 2014-08-15 10:57 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-08-15 11:34 - 2014-04-23 13:40 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-15 11:34 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-15 11:31 - 2014-08-15 11:31 - 01101648 _____ () C:\Users\Lukas\Downloads\AdwCleaner - CHIP-Installer.exe 2014-08-15 10:58 - 2014-08-15 10:58 - 00000000 _____ () C:\autoexec.bat 2014-08-15 10:57 - 2014-08-15 10:57 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-08-15 10:49 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini 2014-08-15 10:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-15 02:07 - 2014-03-13 13:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-15 02:06 - 2014-03-13 13:01 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-15 02:02 - 2014-05-06 13:25 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-15 01:40 - 2014-08-15 
01:16 - 303196347 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 04 Ger Sub.rar 2014-08-15 01:14 - 2014-08-15 00:49 - 303842871 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 03 Ger Sub.rar 2014-08-15 00:48 - 2014-08-15 00:25 - 293160041 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 02 Ger Sub.rar 2014-08-15 00:20 - 2014-08-14 23:50 - 293117020 _____ () C:\Users\Lukas\Downloads\Mondaijitachi ga Isekai Kara Kuru Sou Desu yo 01 Ger Sub.rar 2014-08-14 23:46 - 2014-08-14 23:46 - 00002082 _____ () C:\Users\Lukas\Desktop\JDownloader 2.lnk 2014-08-14 23:46 - 2014-08-14 23:46 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2014-08-14 23:46 - 2014-05-09 21:51 - 00000000 ____D () C:\Users\Lukas\Desktop\Musik 2014-08-14 23:44 - 2014-08-14 23:44 - 00076440 _____ (AppWork GmbH) C:\Users\Lukas\Downloads\WebInstaller_2002.exe 2014-08-13 17:21 - 2014-08-06 21:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-10 21:40 - 2014-08-10 21:40 - 56510422 _____ () C:\Users\Lukas\Downloads\aytee-cyberjunk-ep_tapez.eu.rar 2014-08-09 23:57 - 2014-08-09 23:57 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\RenPy 2014-08-09 23:57 - 2014-04-22 19:06 - 00000000 ____D () C:\Users\Lukas\AppData\Local\VirtualStore 2014-08-09 22:53 - 2014-08-09 22:53 - 00001107 _____ () C:\Users\Lukas\Desktop\Katawa Shoujo.lnk 2014-08-09 22:53 - 2014-08-09 22:52 - 00000000 ____D () C:\Program Files (x86)\Katawa Shoujo 2014-08-09 22:18 - 2014-08-09 21:46 - 448764288 _____ () C:\Users\Lukas\Downloads\[4ls]_katawa_shoujo_1.2-[windows][64ECD9F9].exe 2014-08-08 01:21 - 2014-08-08 01:21 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Unity 2014-08-08 01:03 - 2014-08-08 01:03 - 01080480 _____ (Unity Technologies ApS) C:\Users\Lukas\Downloads\UnityWebPlayer.exe 2014-08-08 01:03 - 2014-08-08 01:03 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Unity 
2014-08-07 04:06 - 2014-08-14 23:25 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-14 23:25 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-06 21:46 - 2014-08-06 21:46 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Blizzard 2014-08-06 21:37 - 2014-08-06 21:37 - 00001155 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-08-06 21:37 - 2014-08-06 21:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-08-06 21:37 - 2014-07-04 13:07 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Battle.net 2014-08-06 21:32 - 2014-08-06 21:32 - 00001118 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-08-06 21:32 - 2014-08-06 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-08-06 20:51 - 2014-08-06 20:51 - 44806834 _____ () C:\Users\Lukas\Downloads\Apollo Justice - Ace Attorney.7z 2014-08-05 17:46 - 2014-05-31 18:18 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft 2014-08-05 17:26 - 2014-04-28 16:18 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-05 17:26 - 2014-04-22 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-05 17:26 - 2014-04-22 20:54 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-05 17:26 - 2014-04-17 10:20 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-05 01:05 - 2014-04-29 21:33 - 00000000 ____D () C:\Users\Lukas\Desktop\Pokémon 2014-08-03 19:02 - 2014-04-28 18:47 - 00000000 ____D () C:\Users\Lukas\.gimp-2.8 2014-08-03 18:30 - 2014-08-03 18:30 - 00008561 _____ () C:\Users\Lukas\AppData\Local\recently-used.xbel 2014-08-01 23:17 - 2014-07-24 01:23 - 00000000 ____D () C:\Users\Lukas\Desktop\Training 2014-08-01 01:41 - 2014-08-14 23:25 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-14 23:25 - 00307384 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iedkcs32.dll 2014-07-31 21:08 - 2014-04-28 18:48 - 00000000 ____D () C:\Users\Lukas\AppData\Local\gtk-2.0 2014-07-31 17:52 - 2014-07-31 17:52 - 00818613 _____ () C:\Users\Lukas\Downloads\PLRBeta1.1.rar 2014-07-29 16:02 - 2014-07-29 16:02 - 00586077 _____ () C:\Users\Lukas\Downloads\Snakewood.zip 2014-07-29 15:54 - 2014-07-29 15:51 - 56840704 _____ () C:\Users\Lukas\Downloads\VizzedRgrPlugin-v2.0.msi 2014-07-25 16:52 - 2014-08-14 23:25 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-25 16:02 - 2014-08-14 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-25 16:01 - 2014-08-14 23:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-25 15:51 - 2014-08-14 23:25 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-25 15:30 - 2014-08-14 23:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-25 15:28 - 2014-08-14 23:25 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-25 15:28 - 2014-08-14 23:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-25 15:25 - 2014-08-14 23:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-25 15:25 - 2014-08-14 23:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-25 15:11 - 2014-08-14 23:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-25 15:10 - 2014-08-14 23:25 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-25 15:04 - 2014-08-14 23:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-25 15:03 - 2014-08-14 23:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-25 15:00 - 2014-08-14 23:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-25 15:00 - 2014-08-14 23:25 
- 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-25 14:59 - 2014-08-14 23:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-25 14:47 - 2014-08-14 23:25 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-25 14:40 - 2014-08-14 23:25 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-25 14:34 - 2014-08-14 23:25 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-25 14:34 - 2014-08-14 23:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-25 14:33 - 2014-08-14 23:25 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-25 14:30 - 2014-08-14 23:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-25 14:28 - 2014-08-14 23:25 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-25 14:28 - 2014-08-14 23:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-25 14:21 - 2014-08-14 23:25 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-25 14:19 - 2014-08-14 23:25 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-25 14:18 - 2014-08-14 23:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-25 14:17 - 2014-08-14 23:25 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-25 14:17 - 2014-08-14 23:25 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-25 14:12 - 2014-08-14 23:25 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-25 14:10 - 2014-08-14 23:25 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-25 14:10 - 2014-08-14 23:25 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-25 
14:08 - 2014-08-14 23:25 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-25 14:06 - 2014-08-14 23:25 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-25 13:52 - 2014-08-14 23:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-25 13:47 - 2014-08-14 23:25 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-25 13:43 - 2014-08-14 23:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-25 13:42 - 2014-08-14 23:25 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-25 13:39 - 2014-08-14 23:25 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-25 13:39 - 2014-08-14 23:25 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-25 13:36 - 2014-08-14 23:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-25 13:34 - 2014-08-14 23:25 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-25 13:29 - 2014-08-14 23:25 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-25 13:23 - 2014-08-14 23:25 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-25 13:13 - 2014-08-14 23:25 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-25 13:07 - 2014-08-14 23:25 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-25 13:07 - 2014-08-14 23:25 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-25 13:03 - 2014-08-14 23:25 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-25 12:52 - 2014-08-14 23:25 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-25 12:26 - 2014-08-14 23:25 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-25 
12:17 - 2014-08-14 23:25 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-25 12:09 - 2014-08-14 23:25 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-25 12:05 - 2014-08-14 23:25 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-25 12:00 - 2014-08-14 23:25 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-24 23:44 - 2014-07-24 23:44 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-24 14:27 - 2014-04-22 21:30 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-07-24 02:16 - 2014-07-24 02:16 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\dvdcss 2014-07-24 02:08 - 2014-07-24 02:08 - 00001949 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk 2014-07-24 02:08 - 2014-07-24 02:08 - 00001899 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Canneverbe Limited 2014-07-24 02:08 - 2014-07-24 02:08 - 00000000 ____D () C:\ProgramData\Canneverbe Limited 2014-07-24 02:08 - 2014-07-24 02:07 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP 2014-07-24 02:06 - 2014-07-24 02:06 - 05408152 _____ (Canneverbe Limited ) C:\Users\Lukas\Downloads\cdbxp_setup_4.5.4.4954_minimal.exe 2014-07-23 21:50 - 2014-04-22 21:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-07-23 01:34 - 2014-07-23 01:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-07-21 14:57 - 2014-07-21 14:57 - 00000000 ____D () C:\Users\Lukas\Desktop\Mathe Files to move or delete: ==================== C:\Users\Lukas\DSETUP.dll C:\Users\Lukas\dsetup32.dll C:\Users\Lukas\DXSETUP.exe Some content of TEMP: ==================== C:\Users\Lukas\AppData\Local\Temp\avgnt.exe C:\Users\Lukas\AppData\Local\Temp\proxy_vole9056390870555751607.dll C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe 
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 09:32
==================== End Of Log ============================
As I already wrote, there are no noticeable problems any more, but apparently a few files are still infected with something. |
19.08.2014, 20:41 | #10 |
/// the machine /// TB trainer | Delete Spyhunter 4
Update Java. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Done. The order is crucial here.
If you would like to leave praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers: Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance: Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP) Don'ts
Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
20.08.2014, 16:28 | #11 |
| Delete Spyhunter 4 Fixlog.txt Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-08-2014 04
Ran by Lukas at 2014-08-20 13:41:55 Run:1
Running from C:\Users\Lukas\Desktop\Spyhunter 4
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
*****************
esgiguard => Service deleted successfully.
==== End of Fixlog ==== |
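Added example, not part of the original posts and not FRST's own code: a Python check that reads a Fixlog like the one above, decodes each service/driver fixlist entry (state letter R/S/U, Windows start type 0-4, trailing [X] where FRST could not find the file) and confirms that every requested entry has a success result. The function names are hypothetical, and the line breaks in the embedded log are restored by assumption.

```python
import re

# Fixlog text from the post above; line breaks restored (assumption).
FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-08-2014 04
Ran by Lukas at 2014-08-20 13:41:55 Run:1
Running from C:\Users\Lukas\Desktop\Spyhunter 4
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
*****************
esgiguard => Service deleted successfully.
==== End of Fixlog ====
"""

STATES = {"R": "running", "S": "stopped", "U": "undetermined"}
START_TYPES = {0: "boot", 1: "system", 2: "automatic", 3: "manual", 4: "disabled"}
SERVICE_RE = re.compile(r"^([RSU])([0-4]) ([^;]+); (.+?)( \[X\])?$")


def parse_service_entry(line):
    """Decode one FRST service/driver line; return None for other entry types."""
    m = SERVICE_RE.match(line.strip())
    if not m:
        return None
    state, start, name, path, missing = m.groups()
    if path.startswith("\\??\\"):      # NT object-manager prefix on driver paths
        path = path[4:]
    return {
        "name": name.strip(),
        "state": STATES[state],
        "start_type": START_TYPES[int(start)],
        "image_path": path,
        "file_missing": missing is not None,   # [X]: orphaned entry, file gone
    }


def audit_fixlog(text):
    """Pair every fixlist entry with its result line and flag unconfirmed ones."""
    lines = [l.strip() for l in text.splitlines()]
    marks = [i for i, l in enumerate(lines) if l and set(l) == {"*"}]
    if len(marks) < 2:
        raise ValueError("no fixlist section delimited by asterisk lines")
    requested = [l for l in lines[marks[0] + 1:marks[1]] if l]
    results = {}
    for l in lines[marks[1] + 1:]:
        if " => " in l:
            target, outcome = l.split(" => ", 1)
            results[target.strip()] = outcome.strip()
    report = []
    for entry in requested:
        svc = parse_service_entry(entry)
        outcome = results.get(svc["name"] if svc else entry)
        ok = bool(outcome) and "successfully" in outcome.lower()
        report.append({"entry": entry, "service": svc, "outcome": outcome, "ok": ok})
    return report


if __name__ == "__main__":
    for item in audit_fixlog(FIXLOG):
        print(item)
```

An entry whose `ok` is false has no matching success line in the log and should be rechecked with a fresh FRST scan before the cleanup is considered finished.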
21.08.2014, 17:00 | #12 |
/// the machine /// TB trainer | Delete Spyhunter 4 You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |