Log analysis and evaluation: Firefox 31.0 add-on Download Protect 2.2.5 cannot be removed - Malware (Windows 7)
28.08.2014, 21:06 | #1
Firefox 31.0 add-on Download Protect 2.2.5 cannot be removed - Malware

For a few months I have been fighting Download Protect 2.2.1 and thought I had succeeded, but it keeps coming back, now as version 2.2.5. I am therefore asking here for help with the cleanup. Following the instructions, I ran various scans and also searched the existing logs for findings.

FRST txt:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014 Ran by bieni2 (administrator) on BIENI2-PC on 28-08-2014 20:50:41 Running from C:\Users\bieni2\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe () C:\Program Files (x86)\PHotkey\AsLdrSrv.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Protexis Inc.) 
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe () C:\Windows\System32\mfc100ud.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (BitTorrent Inc.) C:\Users\bieni2\AppData\Roaming\uTorrent\uTorrent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Dolby Laboratories Inc.) 
C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe (TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe () C:\Program Files (x86)\PHotkey\PVDesktop.exe () C:\Program Files (x86)\PHotkey\PVDAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe () C:\Program Files (x86)\PHotkey\POsd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-18] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. 
KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [uTorrent] => C:\Users\bieni2\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-02] (BitTorrent Inc.) BootExecute: autocheck autochk /k:C * GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope value is missing. BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}\{0D7A2C21-0378-4936-9A95-A8998DF16BE6}.bin (Download Protect) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}\{DC9BEE3D-5D7C-465C-B106-37545D94A2C5}.bin (Download Protect) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 80.69.100.214 80.69.100.110 FireFox: ======== FF ProfilePath: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.de?hl=de&gl=de FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.) FF user.js: detected! => C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\user.js FF SearchPlugin: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}] - C:\Windows\Installer\{C802D76A-9483-4903-8129-20307D946991}\{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}.xpi FF Extension: Download Protect - C:\Windows\Installer\{C802D76A-9483-4903-8129-20307D946991}\{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}.xpi [2014-08-27] Chrome: ======= CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - 
C:\Users\bieni2\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-18] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG) R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] () R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG) S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9306928 2013-12-13] (DisplayLink Corp.) 
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () R2 sdbinstd; C:\Windows\system32\mfc100ud.exe [118784 2014-03-01] () [File not signed] R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG) R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.4.53134.0.sys [46384 2014-01-09] () R3 dlusbaudio; C:\Windows\System32\DRIVERS\dlusbaudio_x64.sys [202128 2013-12-13] (DisplayLink Corp.) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed] R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_6.3.40660.0.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-28 20:50 - 2014-08-28 20:50 - 00018297 _____ () C:\Users\bieni2\Desktop\FRST.txt 2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe 2014-08-27 21:18 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-27 21:18 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-27 21:18 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E} 2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56} 2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub 2014-08-24 21:50 - 2014-08-24 21:50 - 61825024 _____ () C:\Users\bieni2\Downloads\calibre-2.0.0.msi 2014-08-24 16:35 - 2014-08-24 16:35 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE 2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore 2014-08-24 08:49 - 2014-08-24 08:49 - 38678632 _____ () C:\Users\bieni2\Downloads\MuseScore-1.3.exe 2014-08-23 22:12 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-23 22:12 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-23 22:12 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-23 22:12 - 2014-05-14 18:21 - 02620928 _____ 
(Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-23 22:11 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-23 22:11 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-23 22:11 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-23 22:11 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-23 22:11 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-23 22:11 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-23 22:11 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-23 22:11 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-23 22:11 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-23 22:11 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-08-16 20:35 - 2014-08-16 20:46 - 07512319 ____R () C:\Users\bieni2\Downloads\~uTorrentPartFile_13FFEFA13F.dat 2014-08-16 20:34 - 2014-08-16 21:59 - 33919240 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_12604140FF.dat 2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1 2014-08-16 20:23 - 2014-08-17 21:39 - 06420972 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_103E7A0627.dat 2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1 2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics 2014-08-15 13:23 - 2014-08-15 13:23 - 17747416 _____ (DisplayLink Corp.) 
C:\Users\bieni2\Downloads\DisplayLink_6.3M1(1).exe 2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe 2014-08-14 13:53 - 2014-08-24 16:36 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-13 22:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-13 22:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-13 22:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-13 22:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-13 22:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-13 22:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-13 22:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-13 22:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-13 20:33 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-13 20:33 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-13 20:33 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-13 20:33 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-13 20:33 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-13 20:33 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-13 20:33 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-13 20:33 - 2014-07-25 15:28 - 
00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-13 20:33 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-13 20:33 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-13 20:33 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-13 20:33 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-13 20:33 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-13 20:33 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-13 20:33 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-13 20:33 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-13 20:33 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-13 20:33 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-13 20:33 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-13 20:33 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-13 20:33 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-13 20:33 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-13 20:33 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-13 20:33 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-13 20:33 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-13 20:33 - 
2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-13 20:33 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-13 20:33 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-13 20:33 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-13 20:33 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-13 20:33 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-13 20:33 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-13 20:33 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-13 20:33 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-13 20:33 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-13 20:33 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-13 20:33 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-13 20:33 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-13 20:33 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-13 20:33 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-13 20:33 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-13 20:33 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-13 20:33 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 
2014-08-13 20:33 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-13 20:33 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-13 20:33 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-13 20:33 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-13 20:33 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-13 20:33 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-13 20:33 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-13 20:33 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-13 20:33 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-13 20:33 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-13 20:33 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-13 20:33 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-13 20:33 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-13 20:33 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 20:33 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-13 20:33 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-13 20:33 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 20:33 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 20:33 - 2014-06-03 
12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 20:33 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 20:33 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-13 20:33 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-13 20:33 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-13 20:32 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-13 20:32 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk 2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk 2014-08-09 20:19 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-09 20:19 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-09 20:18 - 2014-08-09 20:19 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp 2014-08-03 08:55 - 2014-08-03 08:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-28 20:51 - 2014-08-28 20:50 - 00018297 _____ () C:\Users\bieni2\Desktop\FRST.txt
2014-08-28 20:51 - 2012-08-18 19:35 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\uTorrent
2014-08-28 20:50 - 2014-07-06 21:33 - 00000000 ____D () C:\FRST
2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe
2014-08-28 20:30 - 2012-08-28 07:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-28 20:26 - 2012-06-25 15:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 18:04 - 2012-06-25 15:02 - 01837126 _____ () C:\Windows\WindowsUpdate.log
2014-08-28 16:46 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-28 16:46 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-28 16:42 - 2012-06-25 15:12 - 00000000 ____D () C:\Users\bieni2\Documents\Youcam
2014-08-28 16:41 - 2013-06-07 20:37 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-08-28 16:41 - 2013-06-03 17:36 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-08-28 16:41 - 2012-06-25 15:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 16:38 - 2009-07-14 06:45 - 00555424 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 16:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-28 16:37 - 2009-07-14 06:51 - 00277423 _____ () C:\Windows\setupact.log
2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}
2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}
2014-08-27 21:08 - 2014-03-26 16:52 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-08-26 19:33 - 2012-08-18 11:36 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\vlc
2014-08-25 22:55 - 2010-11-21 05:47 - 00118352 _____ () C:\Windows\PFRO.log
2014-08-25 22:23 - 2014-07-09 20:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-25 21:04 - 2012-08-28 07:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-25 21:04 - 2012-08-18 21:05 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-25 21:04 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-24 22:29 - 2012-09-03 22:20 - 00000000 ____D () C:\Users\bieni2\Documents\Calibre Bibliothek
2014-08-24 22:13 - 2011-05-16 16:04 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-08-24 22:13 - 2011-05-16 16:04 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-08-24 22:13 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-24 22:08 - 2012-08-20 21:44 - 00000000 ____D () C:\Users\bieni2\Downloads\ebooks
2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub
2014-08-24 21:52 - 2012-09-03 22:19 - 00000964 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\Program Files (x86)\Calibre2
2014-08-24 21:50 - 2014-08-24 21:50 - 61825024 _____ () C:\Users\bieni2\Downloads\calibre-2.0.0.msi
2014-08-24 21:19 - 2013-01-02 19:59 - 00000000 ___RD () C:\Users\bieni2\Google Drive
2014-08-24 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-24 16:36 - 2014-08-14 13:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-24 16:35 - 2014-08-24 16:35 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-24 16:35 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-24 16:35 - 2012-11-14 22:13 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2014-08-24 08:49 - 2014-08-24 08:49 - 38678632 _____ () C:\Users\bieni2\Downloads\MuseScore-1.3.exe
2014-08-23 17:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-23 04:07 - 2014-08-27 21:18 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 21:18 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 21:18 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 21:53 - 2014-04-09 13:44 - 00000000 ____D () C:\Users\bieni2\Downloads\Filme
2014-08-20 21:34 - 2011-07-18 22:56 - 00000000 ____D () C:\Windows\nl
2014-08-19 20:27 - 2013-01-02 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-17 21:39 - 2014-08-16 20:23 - 06420972 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_103E7A0627.dat
2014-08-16 21:59 - 2014-08-16 20:34 - 33919240 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_12604140FF.dat
2014-08-16 20:46 - 2014-08-16 20:35 - 07512319 ____R () C:\Users\bieni2\Downloads\~uTorrentPartFile_13FFEFA13F.dat
2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1
2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1
2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics
2014-08-15 13:23 - 2014-08-15 13:23 - 17747416 _____ (DisplayLink Corp.) C:\Users\bieni2\Downloads\DisplayLink_6.3M1(1).exe
2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe
2014-08-14 13:54 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Avira
2014-08-14 13:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 22:16 - 2012-08-24 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 22:11 - 2013-09-01 21:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 22:08 - 2011-07-18 22:31 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 21:14 - 2013-09-11 17:05 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk
2014-08-09 20:21 - 2013-10-18 22:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 20:19 - 2014-08-09 20:18 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-09 20:19 - 2013-08-05 22:07 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 13:22 - 2014-02-04 14:36 - 00000000 ____D () C:\Program Files (x86)\Steuer 2013
2014-08-07 13:22 - 2013-05-11 10:50 - 00000688 _____ () C:\Windows\wiso.ini
2014-08-07 13:22 - 2013-05-11 10:45 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp
2014-08-05 15:55 - 2014-02-22 13:07 - 00000000 ____D () C:\Windows\Minidump
2014-08-05 15:55 - 2014-02-22 13:06 - 375355670 _____ () C:\Windows\MEMORY.DMP
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-04 12:54 - 2012-08-18 12:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-03 22:38 - 2012-11-16 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-03 17:07 - 2014-07-10 19:42 - 00147525 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_45282BA1.dat
2014-08-03 16:01 - 2012-08-19 20:04 - 00000000 ____D () C:\ANDREA
2014-08-03 08:56 - 2014-08-03 08:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-03 07:53 - 2013-05-07 11:59 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-08-01 01:41 - 2014-08-13 20:33 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 20:33 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-27 21:44

==================== End Of Log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-28 21:07:27
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 HITACHI_ rev.JF4Z 698,64GB
Running: Gmer-19357.exe; Driver: C:\Users\bieni2\AppData\Local\Temp\pwriipog.sys

---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80003bb4000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80003bb402f 23 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe[2564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000749b1465 2 bytes [9B, 74]
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe[2564] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000749b14bb 2 bytes [9B, 74]
.text ... * 2
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4260] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000749b1465 2 bytes [9B, 74]
.text C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe[4260] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000749b14bb 2 bytes [9B, 74]
.text ... * 2
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[4480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000749b1465 2 bytes [9B, 74]
.text C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[4480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000749b14bb 2 bytes [9B, 74]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Windows\System32\svchost.exe [2316:5392] 000007fef1599688

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\685d43034057
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\685d4314adc4
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\685d43034057 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\685d4314adc4 (not active ControlSet)

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

MBAM:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 28.08.2014
Scan Time: 21:07:56
Logfile: MBAM.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.25.05
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: bieni2

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 334682
Time Elapsed: 14 min, 24 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 13
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E7BF74EE-9106-4113-B216-2F980BA29141}, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect.1, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\DPBHO.DownloadProtect, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DPBHO.DownloadProtect, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DPBHO.DownloadProtect.1, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}\INPROCSERVER32, , [7d4c12b881faa5917233f75621dfb54b],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.DownloadProtect.A, C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}\{0D7A2C21-0378-4936-9A95-A8998DF16BE6}.bin, , [7d4c12b881faa5917233f75621dfb54b],
PUP.Optional.DownloadProtect.A, C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}\{DC9BEE3D-5D7C-465C-B106-37545D94A2C5}.bin, , [7d4c12b881faa5917233f75621dfb54b],

Physical Sectors: 0
(No malicious items detected)

(end)

I would be very grateful for your support in removing all infections.
28.08.2014, 21:07 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox 31.0 add on Download Protect 2.2.5 cannot be removed - Malware

Hi and
__________________
Please do not attach logs; if necessary, split them and spread them across several posts.

Reading material: Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly and, if necessary, spread across several posts. To put the log files into a CODE box, proceed as follows:
__________________ |
29.08.2014, 08:31 | #3 |
| Firefox 31.0 add on Download Protect 2.2.5 cannot be removed - Malware

Oh, I had followed the automatically generated notice from the website, which asked me to attach them. Perhaps this notice could be changed?
__________________
How do you spread them across several posts if necessary?

Here, unzipped, are the AntiVir virus scanner logs in chronological order:

Code:
Avira Free Antivirus
Report file date: Samstag, 16. August 2014 13:23

The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira Antivirus Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : SYSTEM
Computer name : BIENI2-PC

Version information:
BUILD.DAT : 14.0.6.552 92022 Bytes 23.07.2014 13:29:00
AVSCAN.EXE : 14.0.6.548 1046608 Bytes 12.08.2014 06:28:37
AVSCANRC.DLL : 14.0.6.522 52816 Bytes 12.08.2014 06:28:37
LUKE.DLL : 14.0.6.522 57936 Bytes 12.08.2014 06:28:42
AVSCPLR.DLL : 14.0.6.548 92752 Bytes 12.08.2014 06:28:37
AVREG.DLL : 14.0.6.522 262224 Bytes 12.08.2014 06:28:37
avlode.dll : 14.0.6.526 603728 Bytes 12.08.2014 06:28:36
avlode.rdf : 14.0.4.42 65114 Bytes 03.08.2014 05:53:00
Engine version : 8.3.24.12
AEVDF.DLL : 8.3.1.4 133992 Bytes 14.08.2014 17:56:23
AESCRIPT.DLL : 8.2.0.16 428912 Bytes 14.08.2014 17:56:23
AESCN.DLL : 8.3.2.2 139456 Bytes 03.08.2014 05:52:58
AESBX.DLL : 8.2.20.24 1409224 Bytes 08.05.2014 13:16:19
AERDL.DLL : 8.2.0.138 704888 Bytes 02.12.2013 16:53:59
AEPACK.DLL : 8.4.0.50 792488 Bytes 07.08.2014 17:23:48
AEOFFICE.DLL : 8.3.0.20 216104 Bytes 14.08.2014 17:56:23
AEHEUR.DLL : 8.1.4.1226 7388016 Bytes 14.08.2014 17:56:23
AEHELP.DLL : 8.3.1.0 278728 Bytes 28.05.2014 14:19:18
AEGEN.DLL : 8.1.7.28 450752 Bytes 06.06.2014 10:38:42
AEEXP.DLL : 8.4.2.22 244584 Bytes 03.08.2014 05:52:59
AEEMU.DLL : 8.1.3.4 399264 Bytes 07.08.2014 17:23:46
AEDROID.DLL : 8.4.2.24 442568 Bytes 04.06.2014 18:27:28
AECORE.DLL : 8.3.2.6 243712 Bytes 07.08.2014 17:23:46
AEBB.DLL : 8.1.2.0 60448 Bytes 07.08.2014 17:23:46
AVWINLL.DLL : 14.0.6.522 24144 Bytes 12.08.2014 06:28:36
AVPREF.DLL : 14.0.6.522 50256 Bytes 12.08.2014 06:28:37
AVREP.DLL : 14.0.6.522 219216 Bytes 12.08.2014 06:28:37
AVARKT.DLL : 14.0.5.368 226384 Bytes 01.07.2014 11:30:18
AVEVTLOG.DLL : 14.0.6.522 182352 Bytes 12.08.2014 06:28:36
SQLITE3.DLL : 14.0.6.522 452176 Bytes 12.08.2014 06:28:43
AVSMTP.DLL : 14.0.6.522 76368 Bytes 12.08.2014 06:28:37
NETNT.DLL : 14.0.6.522 13392 Bytes 12.08.2014 06:28:42
RCIMAGE.DLL : 14.0.6.522 4864080 Bytes 12.08.2014 06:28:36
RCTEXT.DLL : 14.0.6.526 73808 Bytes 12.08.2014 06:28:36

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Delete
Secondary action....................: Delete
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: Samstag, 16. August 2014 13:23

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
[INFO] No virus was found!

Starting search for hidden objects.

The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '79' Module(s) have been scanned
Scan process 'svchost.exe' - '86' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '150' Module(s) have been scanned
Scan process 'DisplayLinkManager.exe' - '56' Module(s) have been scanned
Scan process 'svchost.exe' - '78' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '25' Module(s) have been scanned
Scan process 'DisplayLinkUserAgent.exe' - '36' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '34' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'sched.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'avguard.exe' - '133' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'EvtEng.exe' - '62' Module(s) have been scanned
Scan process 'HeciServer.exe' - '27' Module(s) have been scanned
Scan process 'jhi_service.exe' - '44' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '26' Module(s)
have been scanned Scan process 'RegSrvc.exe' - '38' Module(s) have been scanned Scan process 'RichVideo64.exe' - '24' Module(s) have been scanned Scan process 'mfc100ud.exe' - '69' Module(s) have been scanned Scan process 'ZeroConfigService.exe' - '71' Module(s) have been scanned Scan process 'unsecapp.exe' - '27' Module(s) have been scanned Scan process 'wmiprvse.exe' - '52' Module(s) have been scanned Scan process 'avshadow.exe' - '29' Module(s) have been scanned Scan process 'obexsrv.exe' - '39' Module(s) have been scanned Scan process 'svchost.exe' - '37' Module(s) have been scanned Scan process 'SearchIndexer.exe' - '54' Module(s) have been scanned Scan process 'BTHSAmpPalService.exe' - '20' Module(s) have been scanned Scan process 'BTHSSecurityMgr.exe' - '44' Module(s) have been scanned Scan process 'IAStorDataMgrSvc.exe' - '55' Module(s) have been scanned Scan process 'LMS.exe' - '33' Module(s) have been scanned Scan process 'PMBDeviceInfoProvider.exe' - '33' Module(s) have been scanned Scan process 'svchost.exe' - '62' Module(s) have been scanned Scan process 'wmpnetwk.exe' - '119' Module(s) have been scanned Scan process 'svchost.exe' - '49' Module(s) have been scanned Scan process 'UNS.exe' - '64' Module(s) have been scanned Scan process 'WUDFHost.exe' - '36' Module(s) have been scanned Scan process 'taskhost.exe' - '60' Module(s) have been scanned Scan process 'Dwm.exe' - '43' Module(s) have been scanned Scan process 'Explorer.EXE' - '161' Module(s) have been scanned Scan process 'hkcmd.exe' - '28' Module(s) have been scanned Scan process 'igfxpers.exe' - '38' Module(s) have been scanned Scan process 'SynTPEnh.exe' - '48' Module(s) have been scanned Scan process 'BleServicesCtrl.exe' - '34' Module(s) have been scanned Scan process 'rundll32.exe' - '42' Module(s) have been scanned Scan process 'ipoint.exe' - '66' Module(s) have been scanned Scan process 'uTorrent.exe' - '95' Module(s) have been scanned Scan process 'iusb3mon.exe' - '36' Module(s) have 
been scanned Scan process 'pcee4.exe' - '88' Module(s) have been scanned Scan process 'CLMLSvc.exe' - '40' Module(s) have been scanned Scan process 'DisplayLinkUI.exe' - '31' Module(s) have been scanned Scan process 'devmonsrv.exe' - '40' Module(s) have been scanned Scan process 'PDVD10Serv.exe' - '58' Module(s) have been scanned Scan process 'avgnt.exe' - '99' Module(s) have been scanned Scan process 'jusched.exe' - '36' Module(s) have been scanned Scan process 'Avira.OE.Systray.exe' - '122' Module(s) have been scanned Scan process 'mediasrv.exe' - '41' Module(s) have been scanned Scan process 'PHotkey.exe' - '65' Module(s) have been scanned Scan process 'GPMTray.exe' - '39' Module(s) have been scanned Scan process 'MsgTranAgt.exe' - '22' Module(s) have been scanned Scan process 'MsgTranAgt64.exe' - '16' Module(s) have been scanned Scan process 'SYNTPHELPER.EXE' - '17' Module(s) have been scanned Scan process 'HCSynApi.exe' - '36' Module(s) have been scanned Scan process 'PVDesktop.exe' - '28' Module(s) have been scanned Scan process 'PVDAgent.exe' - '16' Module(s) have been scanned Scan process 'POSD.exe' - '28' Module(s) have been scanned Scan process 'BTPlayerCtrl.exe' - '39' Module(s) have been scanned Scan process 'taskeng.exe' - '31' Module(s) have been scanned Scan process 'YouCamService.exe' - '78' Module(s) have been scanned Scan process 'avscan.exe' - '119' Module(s) have been scanned Scan process 'vssvc.exe' - '47' Module(s) have been scanned Scan process 'svchost.exe' - '28' Module(s) have been scanned Scan process 'iTunes.exe' - '164' Module(s) have been scanned Scan process 'firefox.exe' - '127' Module(s) have been scanned Scan process 'iPodService.exe' - '33' Module(s) have been scanned Scan process 'AppleMobileDeviceHelper.exe' - '75' Module(s) have been scanned Scan process 'conhost.exe' - '15' Module(s) have been scanned Scan process 'distnoted.exe' - '37' Module(s) have been scanned Scan process 'conhost.exe' - '15' Module(s) have been scanned 
Scan process 'plugin-container.exe' - '83' Module(s) have been scanned Scan process 'FlashPlayerPlugin_14_0_0_145.exe' - '54' Module(s) have been scanned Scan process 'FlashPlayerPlugin_14_0_0_145.exe' - '73' Module(s) have been scanned Scan process 'SearchProtocolHost.exe' - '29' Module(s) have been scanned Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned Scan process 'smss.exe' - '2' Module(s) have been scanned Scan process 'csrss.exe' - '18' Module(s) have been scanned Scan process 'wininit.exe' - '26' Module(s) have been scanned Scan process 'csrss.exe' - '18' Module(s) have been scanned Scan process 'services.exe' - '33' Module(s) have been scanned Scan process 'lsass.exe' - '69' Module(s) have been scanned Scan process 'lsm.exe' - '16' Module(s) have been scanned Scan process 'winlogon.exe' - '31' Module(s) have been scanned Initiating scan of system files: Signed -> 'C:\Windows\system32\svchost.exe' Signed -> 'C:\Windows\system32\winlogon.exe' Signed -> 'C:\Windows\explorer.exe' Signed -> 'C:\Windows\system32\smss.exe' Signed -> 'C:\Windows\system32\wininet.DLL' Signed -> 'C:\Windows\system32\wsock32.DLL' Signed -> 'C:\Windows\system32\ws2_32.DLL' Signed -> 'C:\Windows\system32\services.exe' Signed -> 'C:\Windows\system32\lsass.exe' Signed -> 'C:\Windows\system32\csrss.exe' Signed -> 'C:\Windows\system32\drivers\kbdclass.sys' Signed -> 'C:\Windows\system32\spoolsv.exe' Signed -> 'C:\Windows\system32\alg.exe' Signed -> 'C:\Windows\system32\wuauclt.exe' Signed -> 'C:\Windows\system32\advapi32.DLL' Signed -> 'C:\Windows\system32\user32.DLL' Signed -> 'C:\Windows\system32\gdi32.DLL' Signed -> 'C:\Windows\system32\kernel32.DLL' Signed -> 'C:\Windows\system32\ntdll.DLL' Signed -> 'C:\Windows\system32\ntoskrnl.exe' Signed -> 'C:\Windows\system32\drivers\beep.sys' Signed -> 'C:\Windows\system32\ctfmon.exe' Signed -> 'C:\Windows\system32\imm32.dll' Signed -> 'C:\Windows\system32\dsound.dll' Signed -> 'C:\Windows\system32\aclui.dll' Signed -> 
'C:\Windows\system32\msvcrt.dll'
Signed -> 'C:\Windows\system32\d3d9.dll'
Signed -> 'C:\Windows\system32\dnsapi.dll'
Signed -> 'C:\Windows\system32\mshtml.dll'
Signed -> 'C:\Windows\system32\regsvr32.exe'
Signed -> 'C:\Windows\system32\rundll32.exe'
Signed -> 'C:\Windows\system32\userinit.exe'
Signed -> 'C:\Windows\system32\reg.exe'
Signed -> 'C:\Windows\regedit.exe'
The system files were scanned ('34' files)

Starting to scan executable files (registry):
The registry was scanned ( '10142' files ).

Starting the file scan:

Begin scan in 'C:\' <Boot>
[0] Archive type: Runtime Packed
--> C:\Users\bieni2\Downloads\pdfsam-win-v2_2_1.exe
[1] Archive type: NSIS
--> ProgramFilesDir/[TempDir]/AVG_toolbar.exe
[2] Archive type: RSRC
--> C:\Users\bieni2\Downloads\Software\jxpiinstall.exe
[3] Archive type: Runtime Packed
--> C:\Windows\Installer\{467404D0-B489-494F-9A84-A21A838E2F7B}\{597FF948-BD70-4285-A910-755B895FD79D}.xpi
[4] Archive type: ZIP
--> chrome/content/dp.js
[DETECTION] Contains virus patterns of Adware ADWARE/Lintrane.AV
[WARNING] Infected files in archives cannot be repaired
C:\Windows\Installer\{467404D0-B489-494F-9A84-A21A838E2F7B}\{597FF948-BD70-4285-A910-755B895FD79D}.xpi
[DETECTION] Contains virus patterns of Adware ADWARE/Lintrane.AV
[NOTE] The file was deleted.
--> C:\Windows\Installer\{72EC1C9D-EE9A-44A4-B4C0-805B97F3AE7B}\cekkjdnjimhfiabhibnimkgcnpbbiebjfrx
[4] Archive type: ZIP
--> dp.js
[DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus
[WARNING] Infected files in archives cannot be repaired
C:\Windows\Installer\{72EC1C9D-EE9A-44A4-B4C0-805B97F3AE7B}\cekkjdnjimhfiabhibnimkgcnpbbiebjfrx
[DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus
[NOTE] The file was deleted.
Begin scan in 'D:\' <Recover>

End of the scan: Samstag, 16. August 2014 17:35
Used time: 4:11:27 Hour(s)

The scan has been done completely.

73767 Scanned directories
2492593 Files were scanned
4 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
2 Files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
2492589 Files not concerned
46897 Archives were scanned
2 Warnings
2 Notes
1300986 Objects were scanned with rootkit scan
0 Hidden objects were found

Code:
ATTFilter Avira Free Antivirus Report file date: Freitag, 22. August 2014 20:21 The program is running as an unrestricted full version. Online services are available. Licensee : Avira Antivirus Free Serial number : 0000149996-AVHOE-0000001 Platform : Windows 7 Home Premium Windows version : (Service Pack 1) [6.1.7601] Boot mode : Normally booted Username : SYSTEM Computer name : BIENI2-PC Version information: BUILD.DAT : 14.0.6.552 92022 Bytes 23.07.2014 13:29:00 AVSCAN.EXE : 14.0.6.548 1046608 Bytes 12.08.2014 06:28:37 AVSCANRC.DLL : 14.0.6.522 52816 Bytes 12.08.2014 06:28:37 LUKE.DLL : 14.0.6.522 57936 Bytes 12.08.2014 06:28:42 AVSCPLR.DLL : 14.0.6.548 92752 Bytes 12.08.2014 06:28:37 AVREG.DLL : 14.0.6.522 262224 Bytes 12.08.2014 06:28:37 avlode.dll : 14.0.6.526 603728 Bytes 12.08.2014 06:28:36 avlode.rdf : 14.0.4.42 65114 Bytes 03.08.2014 05:53:00 XBV00009.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00010.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00011.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00012.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00013.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00014.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00015.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00016.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00028.VDF : 
8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 11:24:04 XBV00068.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00069.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00070.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00071.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00072.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00073.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00074.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00075.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00076.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00077.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00078.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:45 XBV00079.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:46 XBV00080.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:46 XBV00081.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:46 XBV00082.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:46 XBV00083.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:46 XBV00084.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:46 XBV00085.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:46 XBV00086.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:46 XBV00087.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:46 
XBV00088.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:46 XBV00089.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00090.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00091.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00092.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00093.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00094.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00095.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00096.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00097.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00098.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00099.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00100.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00101.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00102.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00103.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00104.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00105.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00106.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00107.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00108.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00109.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00110.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00111.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00112.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00113.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00114.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00115.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00116.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00117.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00118.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00119.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00120.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00121.VDF : 8.11.167.234 2048 Bytes 19.08.2014 
18:22:47 XBV00122.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00123.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:47 XBV00124.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00125.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00126.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00127.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00128.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00129.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00130.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00131.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00132.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00133.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00134.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00135.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00136.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00137.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00138.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00139.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00140.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00141.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00142.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00143.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00144.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00145.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00146.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00147.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00148.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00149.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00150.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00151.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00152.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00153.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00154.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:48 XBV00155.VDF : 8.11.167.234 2048 Bytes 
19.08.2014 18:22:57 XBV00156.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00157.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00158.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00159.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00160.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00161.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00162.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00163.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00164.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00165.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00166.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00167.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00168.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00169.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:57 XBV00170.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00171.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00172.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00173.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00174.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00175.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00176.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00177.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00178.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00179.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00180.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00181.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00182.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00183.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00184.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:58 XBV00185.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00186.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00187.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00188.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00189.VDF : 8.11.167.234 2048 
Bytes 19.08.2014 18:22:59 XBV00190.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00191.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00192.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00193.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00194.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00195.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00196.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00197.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00198.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00199.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00200.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00201.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00202.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:22:59 XBV00203.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00204.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00205.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00206.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00207.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00208.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00209.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00210.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00211.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00212.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00213.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00214.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00215.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00216.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00217.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00218.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00219.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00220.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00221.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00222.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00223.VDF : 
8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00224.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00225.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:00 XBV00226.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00227.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00228.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00229.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00230.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00231.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00232.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00233.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00234.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00235.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00236.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00237.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00238.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00239.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00240.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:01 XBV00241.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00242.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00243.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00244.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00245.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00246.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00247.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00248.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00249.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00250.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00251.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00252.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00253.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00254.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00255.VDF : 8.11.167.234 2048 Bytes 19.08.2014 18:23:02 XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 13:59:55 
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 14:31:20 XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 12:56:52 XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 17:46:32 XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 11:05:34 XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 17:57:52 XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 18:43:00 XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 13:07:23 XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 11:24:03 XBV00042.VDF : 8.11.167.234 1073152 Bytes 19.08.2014 18:22:42 XBV00043.VDF : 8.11.167.236 3584 Bytes 19.08.2014 18:22:42 XBV00044.VDF : 8.11.167.238 17408 Bytes 19.08.2014 18:22:42 XBV00045.VDF : 8.11.167.242 7168 Bytes 19.08.2014 18:22:43 XBV00046.VDF : 8.11.167.248 2048 Bytes 19.08.2014 18:22:43 XBV00047.VDF : 8.11.168.26 19968 Bytes 19.08.2014 18:22:43 XBV00048.VDF : 8.11.168.44 10240 Bytes 19.08.2014 13:59:41 XBV00049.VDF : 8.11.168.60 2048 Bytes 19.08.2014 13:59:41 XBV00050.VDF : 8.11.168.78 27136 Bytes 20.08.2014 13:59:41 XBV00051.VDF : 8.11.168.80 2048 Bytes 20.08.2014 13:59:41 XBV00052.VDF : 8.11.168.98 15360 Bytes 20.08.2014 13:59:41 XBV00053.VDF : 8.11.168.100 2048 Bytes 20.08.2014 13:59:41 XBV00054.VDF : 8.11.168.116 28160 Bytes 20.08.2014 19:59:34 XBV00055.VDF : 8.11.168.118 9216 Bytes 20.08.2014 07:06:59 XBV00056.VDF : 8.11.168.120 4096 Bytes 20.08.2014 07:06:59 XBV00057.VDF : 8.11.168.124 12800 Bytes 21.08.2014 07:06:59 XBV00058.VDF : 8.11.168.126 25088 Bytes 21.08.2014 13:43:06 XBV00059.VDF : 8.11.168.132 33280 Bytes 21.08.2014 19:43:08 XBV00060.VDF : 8.11.168.134 2048 Bytes 21.08.2014 19:43:08 XBV00061.VDF : 8.11.168.138 11776 Bytes 21.08.2014 15:25:46 XBV00062.VDF : 8.11.168.140 3584 Bytes 21.08.2014 15:25:46 XBV00063.VDF : 8.11.168.158 3584 Bytes 22.08.2014 15:25:46 XBV00064.VDF : 8.11.168.174 2048 Bytes 22.08.2014 15:25:46 XBV00065.VDF : 8.11.168.180 5120 Bytes 22.08.2014 15:25:46 XBV00066.VDF : 8.11.168.220 7168 Bytes 22.08.2014 15:25:46 XBV00067.VDF : 8.11.168.222 
20480 Bytes 22.08.2014 15:25:46 LOCAL000.VDF : 8.11.168.222 109041664 Bytes 22.08.2014 15:26:35 Engine version : 8.3.24.18 AEVDF.DLL : 8.3.1.6 133992 Bytes 20.08.2014 13:59:41 AESCRIPT.DLL : 8.2.0.18 437104 Bytes 22.08.2014 15:25:46 AESCN.DLL : 8.3.2.2 139456 Bytes 03.08.2014 05:52:58 AESBX.DLL : 8.2.20.24 1409224 Bytes 08.05.2014 13:16:19 AERDL.DLL : 8.2.0.138 704888 Bytes 02.12.2013 16:53:59 AEPACK.DLL : 8.4.0.50 792488 Bytes 07.08.2014 17:23:48 AEOFFICE.DLL : 8.3.0.20 216104 Bytes 14.08.2014 17:56:23 AEHEUR.DLL : 8.1.4.1240 7433072 Bytes 22.08.2014 15:25:45 AEHELP.DLL : 8.3.1.0 278728 Bytes 28.05.2014 14:19:18 AEGEN.DLL : 8.1.7.28 450752 Bytes 06.06.2014 10:38:42 AEEXP.DLL : 8.4.2.30 247712 Bytes 22.08.2014 15:25:46 AEEMU.DLL : 8.1.3.4 399264 Bytes 07.08.2014 17:23:46 AEDROID.DLL : 8.4.2.24 442568 Bytes 04.06.2014 18:27:28 AECORE.DLL : 8.3.2.6 243712 Bytes 07.08.2014 17:23:46 AEBB.DLL : 8.1.2.0 60448 Bytes 07.08.2014 17:23:46 AVWINLL.DLL : 14.0.6.522 24144 Bytes 12.08.2014 06:28:36 AVPREF.DLL : 14.0.6.522 50256 Bytes 12.08.2014 06:28:37 AVREP.DLL : 14.0.6.522 219216 Bytes 12.08.2014 06:28:37 AVARKT.DLL : 14.0.5.368 226384 Bytes 01.07.2014 11:30:18 AVEVTLOG.DLL : 14.0.6.522 182352 Bytes 12.08.2014 06:28:36 SQLITE3.DLL : 14.0.6.522 452176 Bytes 12.08.2014 06:28:43 AVSMTP.DLL : 14.0.6.522 76368 Bytes 12.08.2014 06:28:37 NETNT.DLL : 14.0.6.522 13392 Bytes 12.08.2014 06:28:42 RCIMAGE.DLL : 14.0.6.522 4864080 Bytes 12.08.2014 06:28:36 RCTEXT.DLL : 14.0.6.526 73808 Bytes 12.08.2014 06:28:36 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp Reporting...........................: default Primary action......................: Delete Secondary action....................: Delete Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, D:, Process 
scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: Freitag, 22. August 2014 20:21

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
[INFO] No virus was found!

Starting search for hidden objects.

The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '43' Module(s) have been scanned
Scan process 'svchost.exe' - '89' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '154' Module(s) have been scanned
Scan process 'DisplayLinkManager.exe' - '56' Module(s) have been scanned
Scan process 'DisplayLinkUserAgent.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '78' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '25' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '34' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'sched.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'avguard.exe' - '133' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'EvtEng.exe' - '62' Module(s) have been scanned
Scan process 'HeciServer.exe' - '27' Module(s) have been scanned
Scan process 'jhi_service.exe' - '44' Module(s) have been scanned
Scan process 'MemeoBackgroundService.exe' - '65' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '26' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '38' Module(s) have been scanned
Scan process 'RichVideo64.exe' - '24' Module(s) have been scanned
Scan process 'mfc100ud.exe' - '57' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '76' Module(s) have been scanned
Scan process 'unsecapp.exe' - '27' Module(s) have been scanned
Scan process 'ZeroConfigService.exe' - '71' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '52' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'obexsrv.exe' - '39' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'taskhost.exe' - '63' Module(s) have been scanned
Scan process 'Dwm.exe' - '43' Module(s) have been scanned
Scan process 'Explorer.EXE' - '170' Module(s) have been scanned
Scan process 'DisplayLinkUI.exe' - '31' Module(s) have been scanned
Scan process 'PHotkey.exe' - '65' Module(s) have been scanned
Scan process 'GPMTray.exe' - '39' Module(s) have been scanned
Scan process 'MsgTranAgt.exe' - '22' Module(s) have been scanned
Scan process 'MsgTranAgt64.exe' - '16' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '48' Module(s) have been scanned
Scan process 'ATouch64.exe' - '25' Module(s) have been scanned
Scan process 'svchost.exe' - '48' Module(s) have been scanned
Scan process 'PVDesktop.exe' - '29' Module(s) have been scanned
Scan process 'PVDAgent.exe' - '16' Module(s) have been scanned
Scan process 'hkcmd.exe' - '28' Module(s) have been scanned
Scan process 'igfxpers.exe' - '38' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '48' Module(s) have been scanned
Scan process 'BleServicesCtrl.exe' - '34' Module(s) have been scanned
Scan process 'rundll32.exe' - '42' Module(s) have been scanned
Scan process 'ipoint.exe' - '66' Module(s) have been scanned
Scan process 'POSD.exe' - '28' Module(s) have been scanned
Scan process 'HCSynApi.exe' - '36' Module(s) have been scanned
Scan process 'SYNTPHELPER.EXE' - '17' Module(s) have been scanned
Scan process 'uTorrent.exe' - '97' Module(s) have been scanned
Scan process 'iusb3mon.exe' - '36' Module(s) have been scanned
Scan process 'pcee4.exe' - '74' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '40' Module(s) have been scanned
Scan process 'PDVD10Serv.exe' - '59' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'jusched.exe' - '37' Module(s) have been scanned
Scan process 'Avira.OE.Systray.exe' - '122' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '57' Module(s) have been scanned
Scan process 'taskeng.exe' - '31' Module(s) have been scanned
Scan process 'YouCamService.exe' - '77' Module(s) have been scanned
Scan process 'devmonsrv.exe' - '40' Module(s) have been scanned
Scan process 'mediasrv.exe' - '41' Module(s) have been scanned
Scan process 'BTPlayerCtrl.exe' - '39' Module(s) have been scanned
Scan process 'BTHSAmpPalService.exe' - '20' Module(s) have been scanned
Scan process 'BTHSSecurityMgr.exe' - '44' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '55' Module(s) have been scanned
Scan process 'LMS.exe' - '33' Module(s) have been scanned
Scan process 'PMBDeviceInfoProvider.exe' - '33' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '119' Module(s) have been scanned
Scan process 'UNS.exe' - '64' Module(s) have been scanned
Scan process 'avscan.exe' - '119' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'taskhost.exe' - '31' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '29' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '29' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '71' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned

Initiating scan of system files:
Signed -> 'C:\Windows\system32\svchost.exe'
Signed -> 'C:\Windows\system32\winlogon.exe'
Signed -> 'C:\Windows\explorer.exe'
Signed -> 'C:\Windows\system32\smss.exe'
Signed -> 'C:\Windows\system32\wininet.DLL'
Signed -> 'C:\Windows\system32\wsock32.DLL'
Signed -> 'C:\Windows\system32\ws2_32.DLL'
Signed -> 'C:\Windows\system32\services.exe'
Signed -> 'C:\Windows\system32\lsass.exe'
Signed -> 'C:\Windows\system32\csrss.exe'
Signed -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signed -> 'C:\Windows\system32\spoolsv.exe'
Signed -> 'C:\Windows\system32\alg.exe'
Signed -> 'C:\Windows\system32\wuauclt.exe'
Signed -> 'C:\Windows\system32\advapi32.DLL'
Signed -> 'C:\Windows\system32\user32.DLL'
Signed -> 'C:\Windows\system32\gdi32.DLL'
Signed -> 'C:\Windows\system32\kernel32.DLL'
Signed -> 'C:\Windows\system32\ntdll.DLL'
Signed -> 'C:\Windows\system32\ntoskrnl.exe'
Signed -> 'C:\Windows\system32\drivers\beep.sys'
Signed -> 'C:\Windows\system32\ctfmon.exe'
Signed -> 'C:\Windows\system32\imm32.dll'
Signed -> 'C:\Windows\system32\dsound.dll'
Signed -> 'C:\Windows\system32\aclui.dll'
Signed -> 'C:\Windows\system32\msvcrt.dll'
Signed -> 'C:\Windows\system32\d3d9.dll'
Signed -> 'C:\Windows\system32\dnsapi.dll'
Signed -> 'C:\Windows\system32\mshtml.dll'
Signed -> 'C:\Windows\system32\regsvr32.exe'
Signed -> 'C:\Windows\system32\rundll32.exe'
Signed -> 'C:\Windows\system32\userinit.exe'
Signed -> 'C:\Windows\system32\reg.exe'
Signed -> 'C:\Windows\regedit.exe'
The system files were scanned ('34' files)

Starting to scan executable files (registry):
The registry was scanned ( '10140' files ).

Starting the file scan:

Begin scan in 'C:\' <Boot>
[0] Archive type: Runtime Packed
--> C:\Users\bieni2\Downloads\pdfsam-win-v2_2_1.exe
[1] Archive type: NSIS
--> ProgramFilesDir/[TempDir]/AVG_toolbar.exe
[2] Archive type: RSRC
--> C:\Users\bieni2\Downloads\Software\jxpiinstall.exe
[3] Archive type: Runtime Packed
--> C:\Windows\Installer\{2D684F5E-DAA7-4FDA-9343-6578AFFDB4F2}\ckogggjiflbkidckdamfkillakaejmbjarx
[4] Archive type: ZIP
--> dp.js
[DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus
[WARNING] Infected files in archives cannot be repaired
C:\Windows\Installer\{2D684F5E-DAA7-4FDA-9343-6578AFFDB4F2}\ckogggjiflbkidckdamfkillakaejmbjarx
[DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus
[NOTE] The file was deleted.
--> C:\Windows\Installer\{E733C20B-7995-4E0A-A09E-FDB7C7003A57}\{1CF5D753-E587-4D0A-B498-AB1D9A234392}.xpi
[4] Archive type: ZIP
--> chrome/content/dp.js
[DETECTION] Contains virus patterns of Adware ADWARE/Lintrane.AV
[WARNING] Infected files in archives cannot be repaired
C:\Windows\Installer\{E733C20B-7995-4E0A-A09E-FDB7C7003A57}\{1CF5D753-E587-4D0A-B498-AB1D9A234392}.xpi
[DETECTION] Contains virus patterns of Adware ADWARE/Lintrane.AV
[NOTE] The file was deleted.
Begin scan in 'D:\' <Recover>

End of the scan: Samstag, 23. August 2014 01:58
Used time: 5:37:16 Hour(s)

The scan has been done completely.

72415 Scanned directories
2493620 Files were scanned
4 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
2 Files were deleted
0 Viruses and unwanted programs were repaired
0 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
2493616 Files not concerned
46563 Archives were scanned
2 Warnings
2 Notes
1299957 Objects were scanned with rootkit scan
0 Hidden objects were found

Code:
Avira Free Antivirus
Report file date: Montag, 25. August 2014 22:59

The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira Antivirus Free
Serial number : 0000149996-AVHOE-0000001
Platform : Windows 7 Home Premium
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : SYSTEM
Computer name : BIENI2-PC

Version information:
BUILD.DAT : 14.0.6.552 92022 Bytes 23.07.2014 13:29:00
AVSCAN.EXE : 14.0.6.548 1046608 Bytes 12.08.2014 06:28:37
AVSCANRC.DLL : 14.0.6.522 52816 Bytes 12.08.2014 06:28:37
LUKE.DLL : 14.0.6.522 57936 Bytes 12.08.2014 06:28:42
AVSCPLR.DLL : 14.0.6.548 92752 Bytes 12.08.2014 06:28:37
AVREG.DLL : 14.0.6.522 262224 Bytes 12.08.2014 06:28:37
avlode.dll : 14.0.6.526 603728 Bytes 12.08.2014 06:28:36
avlode.rdf : 14.0.4.42 65114 Bytes 03.08.2014 05:53:00
LOCAL001.VDF : 8.11.169.62 109239808 Bytes 25.08.2014 19:03:44
Engine version : 8.3.24.18
AEVDF.DLL : 8.3.1.6 133992 Bytes 20.08.2014 13:59:41
AESCRIPT.DLL : 8.2.0.18 437104 Bytes 22.08.2014 15:25:46
AESCN.DLL : 8.3.2.2 139456 Bytes 03.08.2014 05:52:58
AESBX.DLL : 8.2.20.24 1409224 Bytes 08.05.2014 13:16:19
AERDL.DLL : 8.2.0.138 704888 Bytes 02.12.2013 16:53:59
AEPACK.DLL : 8.4.0.50 792488 Bytes 07.08.2014 17:23:48
AEOFFICE.DLL : 8.3.0.20 216104 Bytes 14.08.2014 17:56:23
AEHEUR.DLL : 8.1.4.1240 7433072 Bytes 22.08.2014 15:25:45
AEHELP.DLL : 8.3.1.0 278728 Bytes 28.05.2014 14:19:18
AEGEN.DLL : 8.1.7.28 450752 Bytes 06.06.2014 10:38:42
AEEXP.DLL : 8.4.2.30 247712 Bytes 22.08.2014 15:25:46
AEEMU.DLL : 8.1.3.4 399264 Bytes 07.08.2014 17:23:46
AEDROID.DLL : 8.4.2.24 442568 Bytes 04.06.2014 18:27:28
AECORE.DLL : 8.3.2.6 243712 Bytes 07.08.2014 17:23:46
AEBB.DLL : 8.1.2.0 60448 Bytes 07.08.2014 17:23:46
AVWINLL.DLL : 14.0.6.522 24144 Bytes 12.08.2014 06:28:36
AVPREF.DLL : 14.0.6.522 50256 Bytes 12.08.2014 06:28:37
AVREP.DLL : 14.0.6.522 219216 Bytes 12.08.2014 06:28:37
AVARKT.DLL : 14.0.5.368 226384 Bytes 01.07.2014 11:30:18
AVEVTLOG.DLL : 14.0.6.522 182352 Bytes 12.08.2014 06:28:36
SQLITE3.DLL : 14.0.6.522 452176 Bytes 12.08.2014 06:28:43
AVSMTP.DLL : 14.0.6.522 76368 Bytes 12.08.2014 06:28:37
NETNT.DLL : 14.0.6.522 13392 Bytes 12.08.2014 06:28:42
RCIMAGE.DLL : 14.0.6.522 4864080 Bytes 12.08.2014 06:28:36
RCTEXT.DLL : 14.0.6.526 73808 Bytes 12.08.2014 06:28:36

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files (x86)\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Delete
Secondary action....................: Delete
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process
scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: on
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: Montag, 25. August 2014 22:59

Start scanning boot sectors:
Boot sector 'HDD0(C:, D:)'
[INFO] No virus was found!

Starting search for hidden objects.

The scan of running processes will be started:
Scan process 'svchost.exe' - '52' Module(s) have been scanned
Scan process 'svchost.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '79' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'svchost.exe' - '60' Module(s) have been scanned
Scan process 'svchost.exe' - '141' Module(s) have been scanned
Scan process 'DisplayLinkManager.exe' - '56' Module(s) have been scanned
Scan process 'DisplayLinkUserAgent.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '74' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '25' Module(s) have been scanned
Scan process 'GFNEXSrv.exe' - '34' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'sched.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '61' Module(s) have been scanned
Scan process 'avguard.exe' - '134' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '35' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'EvtEng.exe' - '62' Module(s) have been scanned
Scan process 'HeciServer.exe' - '27' Module(s) have been scanned
Scan process 'jhi_service.exe' - '44' Module(s) have been scanned
Scan process 'MemeoBackgroundService.exe' - '51' Module(s) have been scanned
Scan process 'PsiService_2.exe' - '26' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '38' Module(s) have been scanned
Scan process 'RichVideo64.exe' - '24' Module(s) have been scanned
Scan process 'mfc100ud.exe' - '57' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'WLIDSVC.EXE' - '76' Module(s) have been scanned
Scan process 'ZeroConfigService.exe' - '71' Module(s) have been scanned
Scan process 'WLIDSvcM.exe' - '17' Module(s) have been scanned
Scan process 'Avira.OE.ServiceHost.exe' - '127' Module(s) have been scanned
Scan process 'unsecapp.exe' - '27' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '52' Module(s) have been scanned
Scan process 'obexsrv.exe' - '39' Module(s) have been scanned
Scan process 'avshadow.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'taskhost.exe' - '73' Module(s) have been scanned
Scan process 'Dwm.exe' - '43' Module(s) have been scanned
Scan process 'Explorer.EXE' - '169' Module(s) have been scanned
Scan process 'DisplayLinkUI.exe' - '31' Module(s) have been scanned
Scan process 'PHotkey.exe' - '65' Module(s) have been scanned
Scan process 'GPMTray.exe' - '39' Module(s) have been scanned
Scan process 'MsgTranAgt.exe' - '22' Module(s) have been scanned
Scan process 'MsgTranAgt64.exe' - '16' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '48' Module(s) have been scanned
Scan process 'ATouch64.exe' - '25' Module(s) have been scanned
Scan process 'PVDesktop.exe' - '28' Module(s) have been scanned
Scan process 'PVDAgent.exe' - '16' Module(s) have been scanned
Scan process 'POSD.exe' - '28' Module(s) have been scanned
Scan process 'hkcmd.exe' - '28' Module(s) have been scanned
Scan process 'igfxpers.exe' - '38' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '48' Module(s) have been scanned
Scan process 'BleServicesCtrl.exe' - '34' Module(s) have been scanned
Scan process 'rundll32.exe' - '42' Module(s) have been scanned
Scan process 'ipoint.exe' - '66' Module(s) have been scanned
Scan process 'uTorrent.exe' - '97' Module(s) have been scanned
Scan process 'HCSynApi.exe' - '36' Module(s) have been scanned
Scan process 'iusb3mon.exe' - '36' Module(s) have been scanned
Scan process 'pcee4.exe' - '74' Module(s) have been scanned
Scan process 'CLMLSvc.exe' - '40' Module(s) have been scanned
Scan process 'PDVD10Serv.exe' - '58' Module(s) have been scanned
Scan process 'SYNTPHELPER.EXE' - '17' Module(s) have been scanned
Scan process 'avgnt.exe' - '99' Module(s) have been scanned
Scan process 'jusched.exe' - '36' Module(s) have been scanned
Scan process 'taskeng.exe' - '31' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '54' Module(s) have been scanned
Scan process 'YouCamService.exe' - '78' Module(s) have been scanned
Scan process 'devmonsrv.exe' - '40' Module(s) have been scanned
Scan process 'mediasrv.exe' - '41' Module(s) have been scanned
Scan process 'BTPlayerCtrl.exe' - '39' Module(s) have been scanned
Scan process 'BTHSAmpPalService.exe' - '20' Module(s) have been scanned
Scan process 'BTHSSecurityMgr.exe' - '44' Module(s) have been scanned
Scan process 'avscan.exe' - '120' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '55' Module(s) have been scanned
Scan process 'LMS.exe' - '33' Module(s) have been scanned
Scan process 'PMBDeviceInfoProvider.exe' - '33' Module(s) have been scanned
Scan process 'vssvc.exe' - '47' Module(s) have been scanned
Scan process 'svchost.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '62' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '119' Module(s) have been scanned
Scan process 'svchost.exe' - '49' Module(s) have been scanned
Scan process 'UNS.exe' - '64' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '36' Module(s) have been scanned
Scan process 'SearchProtocolHost.exe' - '29' Module(s) have been scanned
Scan process 'SearchFilterHost.exe' - '27' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '18' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '16' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'lsass.exe' - '69' Module(s) have been scanned
Scan process 'lsm.exe' - '16' Module(s) have been scanned
Scan process 'winlogon.exe' - '31' Module(s) have been scanned

Initiating scan of system files:
Signed -> 'C:\Windows\system32\svchost.exe'
Signed -> 'C:\Windows\system32\winlogon.exe'
Signed -> 'C:\Windows\explorer.exe'
Signed -> 'C:\Windows\system32\smss.exe'
Signed -> 'C:\Windows\system32\wininet.DLL'
Signed -> 'C:\Windows\system32\wsock32.DLL'
Signed -> 'C:\Windows\system32\ws2_32.DLL'
Signed -> 'C:\Windows\system32\services.exe'
Signed -> 'C:\Windows\system32\lsass.exe'
Signed -> 'C:\Windows\system32\csrss.exe'
Signed -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signed -> 'C:\Windows\system32\spoolsv.exe'
Signed -> 'C:\Windows\system32\alg.exe'
Signed -> 'C:\Windows\system32\wuauclt.exe'
Signed -> 'C:\Windows\system32\advapi32.DLL'
Signed -> 'C:\Windows\system32\user32.DLL'
Signed -> 'C:\Windows\system32\gdi32.DLL'
Signed -> 'C:\Windows\system32\kernel32.DLL'
Signed -> 'C:\Windows\system32\ntdll.DLL'
Signed -> 'C:\Windows\system32\ntoskrnl.exe'
Signed -> 'C:\Windows\system32\drivers\beep.sys'
Signed -> 'C:\Windows\system32\ctfmon.exe'
Signed -> 'C:\Windows\system32\imm32.dll'
Signed -> 'C:\Windows\system32\dsound.dll'
Signed -> 'C:\Windows\system32\aclui.dll'
Signed -> 'C:\Windows\system32\msvcrt.dll'
Signed -> 'C:\Windows\system32\d3d9.dll'
Signed -> 'C:\Windows\system32\dnsapi.dll'
Signed -> 'C:\Windows\system32\mshtml.dll'
Signed -> 'C:\Windows\system32\regsvr32.exe'
Signed -> 'C:\Windows\system32\rundll32.exe'
Signed -> 'C:\Windows\system32\userinit.exe'
Signed ->
'C:\Windows\system32\reg.exe' Signed -> 'C:\Windows\regedit.exe' The system files were scanned ('34' files) Starting to scan executable files (registry): The registry was scanned ( '10148' files ). Starting the file scan: Begin scan in 'C:\' <Boot> [0] Archive type: Runtime Packed --> C:\Users\bieni2\Downloads\pdfsam-win-v2_2_1.exe [1] Archive type: NSIS --> ProgramFilesDir/[TempDir]/AVG_toolbar.exe [2] Archive type: RSRC --> C:\Users\bieni2\Downloads\Software\jxpiinstall.exe [3] Archive type: Runtime Packed --> C:\Windows\Installer\{A2549B58-0538-4957-9D69-296C167B6B07}\cgoeoagpliggelbifcanmkcjahlnahbbjrx [4] Archive type: ZIP --> dp.js [DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus [WARNING] Infected files in archives cannot be repaired C:\Windows\Installer\{A2549B58-0538-4957-9D69-296C167B6B07}\cgoeoagpliggelbifcanmkcjahlnahbbjrx [DETECTION] Contains recognition pattern of the JS/GFilter.BA Java script virus [NOTE] The file was deleted. Begin scan in 'D:\' <Recover> End of the scan: Dienstag, 26. August 2014 02:42 Used time: 3:43:02 Hour(s) The scan has been done completely. 72860 Scanned directories 2480053 Files were scanned 2 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 1 Files were deleted 0 Viruses and unwanted programs were repaired 0 Files were moved to quarantine 0 Files were renamed 0 Files cannot be scanned 2480051 Files not concerned 46613 Archives were scanned 1 Warnings 1 Notes 1299696 Objects were scanned with rootkit scan 0 Hidden objects were found |
29.08.2014, 08:59 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | The Addition log from FRST is missing.
__________________ Please always post log files in CODE tags
29.08.2014, 11:13 | #5 |
Oh, I completely overlooked that. Sorry. I just scanned again and this time ticked the checkbox for Addition.txt. So here is the current FRST scan: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by bieni2 (administrator) on BIENI2-PC on 29-08-2014 12:08:38
Running from C:\Users\bieni2\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Windows\System32\mfc100ud.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-18] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [uTorrent] => C:\Users\bieni2\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-02] (BitTorrent Inc.)
BootExecute: autocheck autochk /k:C *
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 80.69.100.214 80.69.100.110

FireFox:
========
FF ProfilePath: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de?hl=de&gl=de
FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\user.js
FF SearchPlugin: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}] - C:\Windows\Installer\{C802D76A-9483-4903-8129-20307D946991}\{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{C802D76A-9483-4903-8129-20307D946991}\{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}.xpi [2014-08-27]

Chrome:
=======
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\bieni2\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9306928 2013-12-13] (DisplayLink Corp.)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 sdbinstd; C:\Windows\system32\mfc100ud.exe [118784 2014-03-01] () [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.4.53134.0.sys [46384 2014-01-09] ()
R3 dlusbaudio; C:\Windows\System32\DRIVERS\dlusbaudio_x64.sys [202128 2013-12-13] (DisplayLink Corp.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_6.3.40660.0.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 22:05 - 2014-08-28 22:05 - 00019593 _____ () C:\Users\bieni2\Desktop\antivir_log.zip
2014-08-28 21:34 - 2014-08-28 21:35 - 00718904 _____ () C:\Windows\Minidump\082814-15693-01.dmp
2014-08-28 21:23 - 2014-08-28 21:23 - 00003279 _____ () C:\Users\bieni2\Desktop\MBAM.txt
2014-08-28 21:07 - 2014-08-28 21:07 - 00003224 _____ () C:\Users\bieni2\Desktop\gmer.txt
2014-08-28 20:52 - 2014-08-28 20:52 - 00380416 _____ () C:\Users\bieni2\Desktop\Gmer-19357.exe
2014-08-28 20:50 - 2014-08-29 12:09 - 00017820 _____ () C:\Users\bieni2\Desktop\FRST.txt
2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe
2014-08-27 21:18 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:18 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:18 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 21:08 - 2014-08-28 21:23 - 00000000 ____D () C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}
2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}
2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub
2014-08-24 21:50 - 2014-08-24 21:50 - 61825024 _____ () C:\Users\bieni2\Downloads\calibre-2.0.0.msi
2014-08-24 16:35 - 2014-08-24 16:35 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore
2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore
2014-08-24 08:49 - 2014-08-24 08:49 - 38678632 _____ () C:\Users\bieni2\Downloads\MuseScore-1.3.exe
2014-08-23 22:12 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 22:12 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 22:12 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 22:12 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 22:11 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 22:11 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 22:11 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 22:11 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 22:11 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 22:11 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 22:11 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-16 20:35 - 2014-08-16 20:46 - 07512319 ____R () C:\Users\bieni2\Downloads\~uTorrentPartFile_13FFEFA13F.dat
2014-08-16 20:34 - 2014-08-16 21:59 - 33919240 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_12604140FF.dat
2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1
2014-08-16 20:23 - 2014-08-17 21:39 - 06420972 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_103E7A0627.dat
2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1
2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics
2014-08-15 13:23 - 2014-08-15 13:23 - 17747416 _____ (DisplayLink Corp.) C:\Users\bieni2\Downloads\DisplayLink_6.3M1(1).exe
2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe
2014-08-14 13:53 - 2014-08-24 16:36 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-13 22:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 22:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 22:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 22:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 22:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 22:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 22:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 22:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 20:33 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 20:33 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 20:33 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 20:33 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 20:33 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 20:33 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 20:33 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 20:33 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 20:33 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 20:33 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 20:33 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 20:33 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 20:33 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 20:33 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 20:33 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 20:33 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 20:33 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 20:33 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 20:33 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 20:33 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 20:33 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 20:33 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 20:33 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 20:33 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 20:33 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 20:33 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 20:33 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 20:33 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 20:33 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 20:33 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 20:33 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 20:33 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 20:33 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 20:33 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 20:33 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 20:33 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 20:33 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 20:33 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 20:33 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 20:33 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 20:33 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 20:33 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 20:33 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 20:33 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 20:33 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 20:33 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 20:33 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 20:33 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 20:33 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 20:33 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 20:33 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 20:33 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 20:33 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 20:33 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 20:33 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 20:33 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 20:33 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 20:33 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 20:33 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 20:33 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 20:33 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 20:33 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 20:33 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 20:33 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 20:32 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 20:32 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk
2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk
2014-08-09 20:19 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-09 20:19 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-09 20:18 - 2014-08-09 20:19 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-05
15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp
2014-08-03 08:55 - 2014-08-03 08:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 12:09 - 2014-08-28 20:50 - 00017820 _____ () C:\Users\bieni2\Desktop\FRST.txt
2014-08-29 12:08 - 2014-07-06 21:33 - 00000000 ____D () C:\FRST
2014-08-29 12:08 - 2012-08-18 19:35 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\uTorrent
2014-08-29 11:30 - 2012-08-28 07:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-29 11:26 - 2012-06-25 15:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-29 09:48 - 2012-06-25 15:12 - 00000000 ____D () C:\Users\bieni2\Documents\Youcam
2014-08-29 09:47 - 2013-06-07 20:37 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-08-29 09:47 - 2013-06-03 17:36 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-08-29 09:47 - 2012-06-25 15:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-29 09:44 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-29 09:44 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-29 09:41 - 2012-06-25 15:02 - 01859019 _____ () C:\Windows\WindowsUpdate.log
2014-08-29 09:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-29 09:36 - 2009-07-14 06:51 - 00277591 _____ () C:\Windows\setupact.log
2014-08-29 09:32 - 2014-07-09 20:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-29 08:19 - 2010-11-21 05:47 - 00119496 _____ () C:\Windows\PFRO.log
2014-08-28 22:05 - 2014-08-28 22:05
- 00019593 _____ () C:\Users\bieni2\Desktop\antivir_log.zip 2014-08-28 21:35 - 2014-08-28 21:34 - 00718904 _____ () C:\Windows\Minidump\082814-15693-01.dmp 2014-08-28 21:34 - 2014-02-22 13:07 - 00000000 ____D () C:\Windows\Minidump 2014-08-28 21:34 - 2014-02-22 13:06 - 756738886 _____ () C:\Windows\MEMORY.DMP 2014-08-28 21:23 - 2014-08-28 21:23 - 00003279 _____ () C:\Users\bieni2\Desktop\MBAM.txt 2014-08-28 21:23 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56} 2014-08-28 21:07 - 2014-08-28 21:07 - 00003224 _____ () C:\Users\bieni2\Desktop\gmer.txt 2014-08-28 20:52 - 2014-08-28 20:52 - 00380416 _____ () C:\Users\bieni2\Desktop\Gmer-19357.exe 2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe 2014-08-28 16:38 - 2009-07-14 06:45 - 00555424 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-27 21:08 - 2014-08-27 21:08 - 00000000 ____D () C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E} 2014-08-27 21:08 - 2014-03-26 16:52 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-08-26 19:33 - 2012-08-18 11:36 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\vlc 2014-08-25 21:04 - 2012-08-28 07:50 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-25 21:04 - 2012-08-18 21:05 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-25 21:04 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-24 22:29 - 2012-09-03 22:20 - 00000000 ____D () C:\Users\bieni2\Documents\Calibre Bibliothek 2014-08-24 22:13 - 2011-05-16 16:04 - 00654400 _____ () C:\Windows\system32\perfh007.dat 2014-08-24 22:13 - 2011-05-16 16:04 - 00130240 _____ () C:\Windows\system32\perfc007.dat 2014-08-24 22:13 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-24 22:08 - 2012-08-20 21:44 - 00000000 ____D () C:\Users\bieni2\Downloads\ebooks 
2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub 2014-08-24 21:52 - 2012-09-03 22:19 - 00000964 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk 2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\Program Files (x86)\Calibre2 2014-08-24 21:50 - 2014-08-24 21:50 - 61825024 _____ () C:\Users\bieni2\Downloads\calibre-2.0.0.msi 2014-08-24 21:19 - 2013-01-02 19:59 - 00000000 ___RD () C:\Users\bieni2\Google Drive 2014-08-24 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-24 16:36 - 2014-08-14 13:53 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-24 16:35 - 2014-08-24 16:35 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-24 16:35 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-24 16:35 - 2012-11-14 22:13 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE 2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore 2014-08-24 08:49 - 2014-08-24 08:49 - 38678632 _____ () C:\Users\bieni2\Downloads\MuseScore-1.3.exe 2014-08-23 17:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-08-23 04:07 - 2014-08-27 21:18 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-27 21:18 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-27 21:18 - 
03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-20 21:53 - 2014-04-09 13:44 - 00000000 ____D () C:\Users\bieni2\Downloads\Filme 2014-08-20 21:34 - 2011-07-18 22:56 - 00000000 ____D () C:\Windows\nl 2014-08-19 20:27 - 2013-01-02 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-08-17 21:39 - 2014-08-16 20:23 - 06420972 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_103E7A0627.dat 2014-08-16 21:59 - 2014-08-16 20:34 - 33919240 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_12604140FF.dat 2014-08-16 20:46 - 2014-08-16 20:35 - 07512319 ____R () C:\Users\bieni2\Downloads\~uTorrentPartFile_13FFEFA13F.dat 2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1 2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1 2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics 2014-08-15 13:23 - 2014-08-15 13:23 - 17747416 _____ (DisplayLink Corp.) 
C:\Users\bieni2\Downloads\DisplayLink_6.3M1(1).exe 2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe 2014-08-14 13:54 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Avira 2014-08-14 13:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-13 22:16 - 2012-08-24 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-13 22:11 - 2013-09-01 21:29 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-13 22:08 - 2011-07-18 22:31 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-11 21:14 - 2013-09-11 17:05 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk 2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk 2014-08-09 20:21 - 2013-10-18 22:03 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-09 20:19 - 2014-08-09 20:18 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-09 20:19 - 2013-08-05 22:07 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-07 13:22 - 2014-02-04 14:36 - 00000000 ____D () C:\Program Files (x86)\Steuer 2013 2014-08-07 13:22 - 2013-05-11 10:50 - 00000688 _____ () C:\Windows\wiso.ini 2014-08-07 13:22 - 2013-05-11 10:45 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH 2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp 2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-08-04 12:54 - 2012-08-18 12:58 - 00000000 ____D () C:\Program Files 
(x86)\Mozilla Maintenance Service
2014-08-03 22:38 - 2012-11-16 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-03 17:07 - 2014-07-10 19:42 - 00147525 _____ () C:\Users\bieni2\Downloads\~uTorrentPartFile_45282BA1.dat
2014-08-03 16:01 - 2012-08-19 20:04 - 00000000 ____D () C:\ANDREA
2014-08-03 08:56 - 2014-08-03 08:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-03 07:53 - 2013-05-07 11:59 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-08-01 01:41 - 2014-08-13 20:33 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 20:33 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

Some content of TEMP:
====================
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-27 21:44

==================== End Of Log ============================
--- --- ---

And this time the Addition.txt as well:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by bieni2 at 2014-08-29 12:09:29
Running from C:\Users\bieni2\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
ActiveState ActivePython 2.7.2.5 (32-bit) (HKLM-x32\...\{49351FE8-DB8F-4C56-9DA6-B2D6CE3F7BF8}) (Version: 2.7.5 - ActiveState Software Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version: - ) Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon) Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC) AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG) Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG) Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG) Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004106478.48.56.11741954 - Audible, Inc.) Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira) Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
calibre (HKLM-x32\...\{59E75C53-7980-45AD-ADAA-733198B4BF7F}) (Version: 2.0.0 - Kovid Goyal) Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version: - ) CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version: - ) CD Audio Reader Filter (remove only) (HKLM-x32\...\CD Audio Reader Filter) (Version: - ) CodeStuff Starter (HKLM-x32\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff) Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation) Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation) Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation) Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation) CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - 
Corel Corporation) Hidden CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation) CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.) CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.) CyberLink MediaShow (x32 Version: 5.1.2414a - CyberLink Corp.) Hidden CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.) CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430 - CyberLink Corp.) Hidden CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.) 
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.) CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.) CyberLink PowerDVD 10 (x32 Version: 10.0.3622.02 - CyberLink Corp.) Hidden CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.) CyberLink WaveEditor (x32 Version: 1.0.1.3320 - CyberLink Corp.) Hidden CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.) CyberLink YouCam 5 (x32 Version: 5.0.1402 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - ) DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - ) DisplayLink Core Software (HKLM\...\{97E1E152-139C-496B-8876-8884AA18DE73}) (Version: 7.4.53134.0 - DisplayLink Corp.) DisplayLink Graphics (HKLM\...\{ACA8E43C-8EAC-4F5B-8ECA-705361F4E183}) (Version: 6.3.40662.0 - DisplayLink Corp.) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.1 - CEWE COLOR AG u Co. 
OHG) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland) DScaler 5 Mpeg Decoders (HKLM-x32\...\DScaler 5 Mpeg Decoders_is1) (Version: - ) ffdshow v1.2.4453 [2012-05-21] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4453.0 - ) FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version: - ) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Gabest MPEG Splitter (remove only) (HKLM-x32\...\Gabest MPEG Splitter) (Version: - ) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Ich sehe was ... 
die große Schatzsuche (HKLM-x32\...\{3170BDC4-4BF9-42AE-81BC-14D4F60569C0}) (Version: 1.00.0000 - ) ImageJ 1.47v (HKLM\...\ImageJ_is1) (Version: - NIH) Intel PROSet Wireless (Version: - ) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan) iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.) 
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation) Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 3.3.0728 - KYOCERA Document Solutions Inc.) LAV Filters 0.55.3 (HKLM-x32\...\lavfilters_is1) (Version: 0.55.3 - Hendrik Leppkes) MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - ) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) 
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 
- Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Ultimate 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others) MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - ) 
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team) OpenSource AVI Splitter (remove only) (HKLM-x32\...\OpenSource AVI Splitter) (Version: - ) OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM-x32\...\OpenSource DTS/AC3/DD+ Source Filter) (Version: - ) OpenSource Flash Video Splitter (remove only) (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: - ) PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH) PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.205.0 - Tracker Software Products Ltd) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0059 - Pegatron Corporation) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.02.10270 - Sony Corporation) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Python 2.7 pycrypto-2.1.0 (HKCU\...\pycrypto-py2.7) (Version: - ) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.) 
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartTools Office DDE-Fix (HKLM-x32\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing) Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) Steuer 2012 (HKLM-x32\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH) Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH) StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - ) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.45.0 - Synaptics Incorporated) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) 
(HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft) Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) Videoload (HKCU\...\76135659.wcps.t-online.de) (Version: - wcps.t-online.de) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Communications Platform (x32 
Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live MIME IFilter 
(Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinEdt (HKLM-x32\...\WinEdt) (Version: 5.3 - Aleksander Simonic (WinEdt Team)) Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: - ) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
==================== Restore Points =========================

13-08-2014 20:03:13 Windows Update
15-08-2014 11:23:57 Installed DisplayLink Graphics
19-08-2014 18:23:58 Windows Update
23-08-2014 20:10:49 Windows Update
24-08-2014 19:50:58 Installed calibre
26-08-2014 12:39:23 Windows Update
27-08-2014 20:42:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {051DD7B2-D970-412F-BD2A-7E7D1742EAA9} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{213019C2-1EC7-4C3D-8A55-BBC9CCCE228F}.exe
Task: {1D8C02A5-3E7B-4816-978F-28B6CA02A032} - System32\Tasks\{5505A6B5-5BCF-41DA-8A58-280D847A26D2} => C:\Terzio\Fantasy\Fantasy.exe
Task: {4218E9AE-08BD-4C98-A92F-2D0A1AEDBEFC} - System32\Tasks\{A70AB0CA-7E5E-459F-9F12-438D86760230} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2014-05-16] (Microsoft Corporation)
Task: {8DB94DB5-1934-484F-AE1D-395DDFA10C35} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.)
Task: {9210A6B3-915C-4A98-B3CD-E6C529E36CD5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-25] (Adobe Systems Incorporated)
Task: {9AE072A8-C3D9-44BE-8171-9A83BDA4E5C8} - System32\Tasks\{38AAD464-4DDC-4FA7-8181-6DDE29AB2C88} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2014-05-16] (Microsoft Corporation)
Task: {9AEC74F9-AC5F-4D04-B2BF-7383E916BA9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25] (Google Inc.)
Task: {A3AA101E-FCF2-4A10-ABDC-E07E162B1570} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {AC0EC1C2-2334-4A29-A699-9A31985586B5} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{8304D29E-653A-47C1-9589-F1DD95817A55}.exe
Task: {B7DE2F0E-E5B6-495A-B789-D3795A691202} - System32\Tasks\{F12E4BCB-1C92-467B-83A4-328D278EF4C1} => C:\Terzio\Fantasy\Fantasy.exe
Task: {C284D5B2-3150-4966-A44D-2B0E3CE36AC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{213019C2-1EC7-4C3D-8A55-BBC9CCCE228F}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{8304D29E-653A-47C1-9589-F1DD95817A55}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-04-11 11:57 - 2009-12-19 00:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-04-11 11:57 - 2011-10-13 23:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2012-04-11 07:19 - 2010-08-19 18:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-03-01 23:21 - 2014-03-01 23:21 - 00118784 _____ () C:\Windows\system32\mfc100ud.exe
2012-04-11 09:57 - 2012-03-27 02:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-04-11 11:57 - 2012-03-27 23:19 - 00826880 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-04-11 11:57 - 2010-01-13 02:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-04-11 11:57 - 2010-01-13 02:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-04-11 11:57 - 2012-01-13 02:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2012-04-11 11:57 - 2012-01-13 02:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2012-04-11 11:57 - 2012-02-24 23:13 - 03458560 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-14 14:14 - 2014-08-14 14:14 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\de4aaa11d46d614b5330b337b67e5227\IsdiInterop.ni.dll
2012-04-11 10:39 - 2011-11-30 05:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-04-11 10:31 - 2012-03-06 15:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-14 13:54 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\bieni2\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2012-04-11 11:57 - 2009-12-19 00:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-04-11 11:57 - 2009-12-19 00:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2014-08-03 08:55 - 2014-08-03 08:56 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-12 15:15 - 2014-06-12 15:15 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-12 15:15 - 2014-06-12 15:15 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-12 15:15 - 2014-06-12 15:15 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/29/2014 09:36:58 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/29/2014 08:19:39 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/28/2014 09:35:55 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/28/2014 04:38:23 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/27/2014 09:07:25 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/26/2014 07:03:39 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/26/2014 02:32:56 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/26/2014 10:13:54 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (08/26/2014 10:11:08 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Avira.OE.ServiceHost.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.AccessViolationException Stack: at Avira.OE.WinCore.WinHandleUtil+NativeMethods.GetFullHandleName(IntPtr, System.Text.StringBuilder, Int32 ByRef) at Avira.OE.WinCore.WinHandleUtil.GetFullHandleName(IntPtr) at Avira.OE.WinCore.WcfAuthService.VerifyTokenEventName(IntPtr) at Avira.OE.WinCore.WcfAuthService.AuthenticateChannel(System.ServiceModel.IClientChannel, Avira.OE.WinCore.WcfAuthToken) at Avira.OE.WinCore.WcfServiceAuthInterceptor.AfterReceiveRequest(System.ServiceModel.Channels.Message ByRef, System.ServiceModel.IClientChannel, System.ServiceModel.InstanceContext) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.AfterReceiveRequestCore(System.ServiceModel.Dispatcher.MessageRpc ByRef) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(System.ServiceModel.Dispatcher.MessageRpc ByRef) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(System.ServiceModel.Dispatcher.MessageRpc ByRef) at System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(System.ServiceModel.Dispatcher.MessageRpc ByRef) at System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean) at System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext) at System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, 
System.ServiceModel.OperationContext) at System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult) at System.ServiceModel.Dispatcher.ChannelHandler.OnAsyncReceiveComplete(System.IAsyncResult) at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) at System.Runtime.AsyncResult.Complete(Boolean) at System.ServiceModel.Channels.FramingDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult) at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) at System.Runtime.AsyncResult.Complete(Boolean) at System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object) at System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object) at System.ServiceModel.Channels.StreamConnection.OnRead(System.IAsyncResult) at System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) at System.Net.LazyAsyncResult.Complete(IntPtr) at System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr) at System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest) at System.Net.Security.NegotiateStream.StartFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest) at System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest) at System.Net.AsyncProtocolRequest.CompleteRequest(Int32) at System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32) at System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult) at System.Runtime.AsyncResult.Complete(Boolean) at System.ServiceModel.Channels.ConnectionStream+ReadAsyncResult.OnAsyncReadComplete(System.Object) at System.ServiceModel.Channels.PipeConnection.OnAsyncReadComplete(Boolean, Int32, Int32) at System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) at System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, 
UInt32, System.Threading.NativeOverlapped*) at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) Error: (08/26/2014 10:08:46 AM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. 
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) System errors: ============= Error: (08/29/2014 09:36:32 AM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (08/29/2014 08:33:48 AM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus. Error: (08/29/2014 08:19:14 AM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (08/28/2014 09:35:12 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000009f (0x0000000000000004, 0x0000000000000258, 0xfffffa80036c6040, 0xfffff80000b9c3d0)C:\Windows\MEMORY.DMP082814-15693-01 Error: (08/28/2014 09:34:41 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (08/28/2014 06:14:40 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus. Error: (08/28/2014 05:29:28 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus. Error: (08/28/2014 04:55:39 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus. 
Error: (08/28/2014 04:36:26 PM) (Source: Application Popup) (EventID: 56) (User: ) Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben. Error: (08/27/2014 09:24:51 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar. Führen Sie auf dem Volume "Boot" den Befehl "chkdsk" aus. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-05-13 10:18:02.891 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-05-13 10:18:02.860 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-05-13 10:18:00.795 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2013-05-13 10:18:00.754 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-05-13 10:17:58.689 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-05-13 10:17:58.658 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-05-13 10:17:56.568 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2013-05-13 10:17:56.537 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-05-13 10:17:54.462 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-05-13 10:17:54.431 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 55%
Total physical RAM: 3990.83 MB
Available physical RAM: 1777.46 MB
Total Pagefile: 7979.84 MB
Available Pagefile: 5405.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:56.19 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:15.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=647.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================ |
29.08.2014, 11:24 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox 31.0 add on Download Protect 2.2.5 cannot be removed - Malware
Remove adware/junkware/toolbars (delete old versions of AdwCleaner and, if present, JRT first, then download them again to the desktop!)
Step 1: AdwCleaner
Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool
Please disable your protection software to avoid possible conflicts.
Step 3: Fresh log with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
29.08.2014, 14:11 | #7 |
| Firefox 31.0 add on Download Protect 2.2.5 cannot be removed - Malware
Hello,
I have followed all the instructions. (Hopefully I carried everything out correctly.) Here are the new log files:
Adwcleaner Log
Code:
# AdwCleaner v3.308 - Bericht erstellt am 29/08/2014 um 14:38:11
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : bieni2 - BIENI2-PC
# Gestartet von : C:\Users\bieni2\Desktop\adwcleaner_3.308.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : sdbinstd

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\{3F4E792C-B036-48AD-A869-4BF7470FDE56}
Ordner Gelöscht : C:\Windows\Installer\{C802D76A-9483-4903-8129-20307D946991}
Ordner Gelöscht : C:\Program Files\{9EBC74FB-C109-4424-AFA2-A6B66EA5C05E}
Datei Gelöscht : C:\Windows\System32\mfc100ud.exe
Datei Gelöscht : C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\user.js

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{B0972BC8-42DA-4561-A4EE-4D013E6C3E6D}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Download Protect]
Schlüssel Gelöscht : HKLM\SOFTWARE\Solvusoft
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\prefs.js ]

*************************

AdwCleaner[R0].txt - [4684 octets] - [06/07/2014 21:18:24]
AdwCleaner[R1].txt - [1060 octets] - [06/07/2014 21:54:09]
AdwCleaner[R2].txt - [1181 octets] - [06/07/2014 22:08:46]
AdwCleaner[R3].txt - [1301 octets] - [06/07/2014 22:14:03]
AdwCleaner[R4].txt - [1236 octets] - [09/07/2014 20:57:27]
AdwCleaner[R5].txt - [1356 octets] - [09/07/2014 22:16:42]
AdwCleaner[R6].txt - [2422 octets] - [29/08/2014 14:24:34]
AdwCleaner[R7].txt - [2541 octets] - [29/08/2014 14:36:03]
AdwCleaner[R8].txt - [2660 octets] - [29/08/2014 14:37:33]
AdwCleaner[S0].txt - [4572 octets] - [06/07/2014 21:19:15]
AdwCleaner[S1].txt - [1122 octets] - [06/07/2014 21:57:40]
AdwCleaner[S2].txt - [1243 octets] - [06/07/2014 22:09:34]
AdwCleaner[S3].txt - [1298 octets] - [09/07/2014 20:58:14]
AdwCleaner[S4].txt - [1418 octets] - [09/07/2014 22:21:11]
AdwCleaner[S5].txt - [322 octets] - [29/08/2014 14:26:50]
AdwCleaner[S6].txt - [322 octets] - [29/08/2014 14:37:04]
AdwCleaner[S7].txt - [2581 octets] - [29/08/2014 14:38:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [2641 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by bieni2 on 29.08.2014 at 14:54:07,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\bieni2\appdata\local\{2EAAC5A5-5F30-4389-A08B-8E776BCA21BB}
Successfully deleted: [Empty Folder] C:\Users\bieni2\appdata\local\{4B48EC32-CC73-4E49-834E-F4A5B2EBA36C}
Successfully deleted: [Empty Folder] C:\Users\bieni2\appdata\local\{74616613-6B4F-4C76-A546-6F1E0E0E8D2F}
Successfully deleted: [Empty Folder] C:\Users\bieni2\appdata\local\{A2858F14-956C-42DE-AE1C-614A9B17D150}

~~~ FireFox

Emptied folder: C:\Users\bieni2\AppData\Roaming\mozilla\firefox\profiles\29abvt0m.bieni\minidumps [33 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.08.2014 at 15:01:10,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014 Ran by bieni2 (administrator) on BIENI2-PC on 29-08-2014 15:04:24 Running from C:\Users\bieni2\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe () C:\Program Files (x86)\PHotkey\AsLdrSrv.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe (TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe (TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files (x86)\PHotkey\PVDesktop.exe () C:\Program Files (x86)\PHotkey\PVDAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe () C:\Program Files (x86)\PHotkey\POsd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-18] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.) 
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup HKU\S-1-5-21-3881695242-4162624402-3961098551-1000\...\Run: [uTorrent] => C:\Users\bieni2\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-02] (BitTorrent Inc.) BootExecute: autocheck autochk /k:C * GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 80.69.100.214 80.69.100.110 FireFox: ======== FF ProfilePath: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.de?hl=de&gl=de FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.) 
FF SearchPlugin: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml Chrome: ======= CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\bieni2\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-06-18] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG) R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] () R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG) S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9306928 2013-12-13] (DisplayLink Corp.) 
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.4.53134.0.sys [46384 2014-01-09] ()
R3 dlusbaudio; C:\Windows\System32\DRIVERS\dlusbaudio_x64.sys [202128 2013-12-13] (DisplayLink Corp.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_6.3.40660.0.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-29 15:04 - 2014-08-29 15:04 - 00016851 _____ () C:\Users\bieni2\Desktop\FRST.txt 2014-08-29 15:03 - 2014-08-29 15:03 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe 2014-08-29 15:01 - 2014-08-29 15:01 - 00001187 _____ () C:\Users\bieni2\Desktop\JRT.txt 2014-08-29 14:54 - 2014-08-29 14:54 - 00000000 ____D () C:\Windows\ERUNT 2014-08-29 14:48 - 2014-08-29 14:48 - 00002725 _____ () C:\Users\bieni2\Desktop\AdwCleaner[S7].txt 2014-08-29 14:23 - 2014-08-29 14:23 - 01364531 _____ () C:\Users\bieni2\Desktop\adwcleaner_3.308.exe 2014-08-29 14:23 - 2014-08-29 14:23 - 01016261 _____ (Thisisu) C:\Users\bieni2\Desktop\JRT.exe 2014-08-29 14:21 - 2014-08-29 14:21 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-29 14:21 - 2014-08-29 14:21 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-29 12:09 - 2014-08-29 12:09 - 00066968 _____ () C:\Users\bieni2\Desktop\Addition_20140828.txt 2014-08-28 22:05 - 2014-08-28 22:05 - 00019593 _____ () C:\Users\bieni2\Desktop\antivir_log.zip 2014-08-28 21:34 - 2014-08-28 21:35 - 00718904 _____ () C:\Windows\Minidump\082814-15693-01.dmp 2014-08-28 21:23 - 2014-08-28 21:23 - 00003279 _____ () C:\Users\bieni2\Desktop\MBAM_20140828.txt 2014-08-28 21:07 - 2014-08-28 21:07 - 00003224 _____ () C:\Users\bieni2\Desktop\gmer_20140828.txt 2014-08-28 20:52 - 2014-08-28 20:52 - 00380416 _____ () C:\Users\bieni2\Desktop\Gmer-19357.exe 2014-08-28 20:50 - 2014-08-29 12:09 - 00043247 _____ () C:\Users\bieni2\Desktop\FRST_20140828.txt 2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST6420140828.exe 2014-08-27 21:18 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-27 21:18 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-27 21:18 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () 
C:\Users\bieni2\Downloads\LPP-EightDates.epub 2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE 2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore 2014-08-23 22:12 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-23 22:12 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-23 22:12 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-23 22:12 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-23 22:11 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-23 22:11 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-23 22:11 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-23 22:11 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-23 22:11 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-23 22:11 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-23 22:11 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-23 22:11 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-23 22:11 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-23 22:11 - 2014-05-14 09:17 - 00033792 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1 2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1 2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics 2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe 2014-08-13 22:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-13 22:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-13 22:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-13 22:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-13 22:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-13 22:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-13 22:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-13 22:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-13 20:33 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-13 20:33 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-13 20:33 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-13 20:33 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-13 20:33 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-13 20:33 - 2014-07-25 15:51 - 17524224 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-13 20:33 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-13 20:33 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-13 20:33 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-13 20:33 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-13 20:33 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-13 20:33 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-13 20:33 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-13 20:33 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-13 20:33 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-13 20:33 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-13 20:33 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-13 20:33 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-13 20:33 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-13 20:33 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-13 20:33 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-13 20:33 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-13 20:33 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-13 20:33 - 2014-07-25 14:30 - 00061952 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-13 20:33 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-13 20:33 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-13 20:33 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-13 20:33 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-13 20:33 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-13 20:33 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-13 20:33 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-13 20:33 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-13 20:33 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-13 20:33 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-13 20:33 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-13 20:33 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-13 20:33 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-13 20:33 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-13 20:33 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-13 20:33 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-13 20:33 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-13 20:33 - 2014-07-25 13:39 - 
01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-13 20:33 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-13 20:33 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-13 20:33 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-13 20:33 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-13 20:33 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-13 20:33 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-13 20:33 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-13 20:33 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-13 20:33 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-13 20:33 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-13 20:33 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-13 20:33 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-13 20:33 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-13 20:33 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-13 20:33 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 20:33 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-13 20:33 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-13 20:33 - 2014-06-03 12:02 - 03241984 _____ 
(Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 20:33 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 20:33 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 20:33 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 20:33 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-13 20:33 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-13 20:33 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-13 20:32 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-13 20:32 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk 2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk 2014-08-09 20:19 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-09 20:19 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-09 20:19 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-09 20:18 - 2014-08-09 20:19 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp 2014-08-03 08:55 - 2014-08-03 08:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder 
will be moved.) 2014-08-29 15:04 - 2014-08-29 15:04 - 00016851 _____ () C:\Users\bieni2\Desktop\FRST.txt 2014-08-29 15:04 - 2014-07-06 21:33 - 00000000 ____D () C:\FRST 2014-08-29 15:03 - 2014-08-29 15:03 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST64.exe 2014-08-29 15:01 - 2014-08-29 15:01 - 00001187 _____ () C:\Users\bieni2\Desktop\JRT.txt 2014-08-29 14:54 - 2014-08-29 14:54 - 00000000 ____D () C:\Windows\ERUNT 2014-08-29 14:49 - 2012-08-18 19:35 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\uTorrent 2014-08-29 14:49 - 2012-06-25 15:12 - 00000000 ____D () C:\Users\bieni2\Documents\Youcam 2014-08-29 14:49 - 2009-07-14 06:51 - 00277815 _____ () C:\Windows\setupact.log 2014-08-29 14:48 - 2014-08-29 14:48 - 00002725 _____ () C:\Users\bieni2\Desktop\AdwCleaner[S7].txt 2014-08-29 14:48 - 2013-06-07 20:37 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job 2014-08-29 14:48 - 2013-06-03 17:36 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2014-08-29 14:48 - 2012-06-25 15:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-29 14:48 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-29 14:48 - 2009-07-14 06:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-29 14:45 - 2012-06-25 15:02 - 01942209 _____ () C:\Windows\WindowsUpdate.log 2014-08-29 14:40 - 2010-11-21 05:47 - 00119810 _____ () C:\Windows\PFRO.log 2014-08-29 14:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-29 14:38 - 2014-07-06 21:18 - 00000000 ____D () C:\AdwCleaner 2014-08-29 14:26 - 2012-06-25 15:04 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-29 14:23 - 2014-08-29 14:23 - 01364531 _____ () C:\Users\bieni2\Desktop\adwcleaner_3.308.exe 2014-08-29 14:23 - 2014-08-29 14:23 - 
01016261 _____ (Thisisu) C:\Users\bieni2\Desktop\JRT.exe 2014-08-29 14:21 - 2014-08-29 14:21 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-29 14:21 - 2014-08-29 14:21 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-29 14:21 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-29 14:21 - 2012-11-14 22:13 - 00000000 ____D () C:\ProgramData\Avira 2014-08-29 14:21 - 2012-11-14 22:13 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-29 14:16 - 2012-08-18 11:36 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\vlc 2014-08-29 13:30 - 2012-08-28 07:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-29 12:09 - 2014-08-29 12:09 - 00066968 _____ () C:\Users\bieni2\Desktop\Addition_20140828.txt 2014-08-29 12:09 - 2014-08-28 20:50 - 00043247 _____ () C:\Users\bieni2\Desktop\FRST_20140828.txt 2014-08-29 09:32 - 2014-07-09 20:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-28 22:05 - 2014-08-28 22:05 - 00019593 _____ () C:\Users\bieni2\Desktop\antivir_log.zip 2014-08-28 21:35 - 2014-08-28 21:34 - 00718904 _____ () C:\Windows\Minidump\082814-15693-01.dmp 2014-08-28 21:34 - 2014-02-22 13:07 - 00000000 ____D () C:\Windows\Minidump 2014-08-28 21:34 - 2014-02-22 13:06 - 756738886 _____ () C:\Windows\MEMORY.DMP 2014-08-28 21:23 - 2014-08-28 21:23 - 00003279 _____ () C:\Users\bieni2\Desktop\MBAM_20140828.txt 2014-08-28 21:07 - 2014-08-28 21:07 - 00003224 _____ () C:\Users\bieni2\Desktop\gmer_20140828.txt 2014-08-28 20:52 - 2014-08-28 20:52 - 00380416 _____ () C:\Users\bieni2\Desktop\Gmer-19357.exe 2014-08-28 20:49 - 2014-08-28 20:49 - 02103296 _____ (Farbar) C:\Users\bieni2\Desktop\FRST6420140828.exe 2014-08-28 16:38 - 2009-07-14 06:45 - 00555424 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-27 21:08 - 2014-03-26 16:52 - 00000306 __RSH () C:\ProgramData\ntuser.pol 2014-08-25 21:04 - 2012-08-28 07:50 - 00003822 _____ 
() C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-25 21:04 - 2012-08-18 21:05 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-25 21:04 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-24 22:29 - 2012-09-03 22:20 - 00000000 ____D () C:\Users\bieni2\Documents\Calibre Bibliothek 2014-08-24 22:13 - 2011-05-16 16:04 - 00654400 _____ () C:\Windows\system32\perfh007.dat 2014-08-24 22:13 - 2011-05-16 16:04 - 00130240 _____ () C:\Windows\system32\perfc007.dat 2014-08-24 22:13 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-24 22:08 - 2012-08-20 21:44 - 00000000 ____D () C:\Users\bieni2\Downloads\ebooks 2014-08-24 22:07 - 2014-08-24 22:07 - 00349928 _____ () C:\Users\bieni2\Downloads\LPP-EightDates.epub 2014-08-24 21:52 - 2012-09-03 22:19 - 00000964 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk 2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2014-08-24 21:52 - 2012-09-03 22:19 - 00000000 ____D () C:\Program Files (x86)\Calibre2 2014-08-24 21:19 - 2013-01-02 19:59 - 00000000 ___RD () C:\Users\bieni2\Google Drive 2014-08-24 18:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-24 08:51 - 2014-08-24 08:51 - 00000000 ____D () C:\Users\bieni2\AppData\Roaming\MusE 2014-08-24 08:50 - 2014-08-24 08:50 - 00001092 _____ () C:\Users\Public\Desktop\MuseScore.lnk 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Users\bieni2\AppData\Local\MusE 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuseScore 2014-08-24 08:50 - 2014-08-24 08:50 - 00000000 ____D () C:\Program Files (x86)\MuseScore 2014-08-23 17:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-08-23 04:07 - 2014-08-27 21:18 - 00404480 _____ (Microsoft 
Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-27 21:18 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-27 21:18 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-20 21:53 - 2014-04-09 13:44 - 00000000 ____D () C:\Users\bieni2\Downloads\Filme 2014-08-20 21:34 - 2011-07-18 22:56 - 00000000 ____D () C:\Windows\nl 2014-08-19 20:27 - 2013-01-02 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2014-08-16 20:34 - 2014-08-16 20:34 - 00000000 ____D () C:\Users\bieni2\Downloads\Season1 2014-08-16 20:22 - 2014-08-16 20:22 - 00000000 ____D () C:\Users\bieni2\Downloads\Season 1 2014-08-15 13:24 - 2014-08-15 13:24 - 00000000 ____D () C:\Program Files\DisplayLink Graphics 2014-08-15 13:22 - 2014-08-15 13:22 - 03441528 _____ (Solvusoft Corporation ) C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe 2014-08-14 13:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-13 22:16 - 2012-08-24 09:24 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-13 22:11 - 2013-09-01 21:29 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-13 22:08 - 2011-07-18 22:31 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-11 21:14 - 2013-09-11 17:05 - 00001074 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-08-09 20:32 - 2014-08-09 20:32 - 00002433 _____ () C:\Users\bieni2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Videoload.lnk 2014-08-09 20:32 - 2014-08-09 20:32 - 00002403 _____ () C:\Users\bieni2\Desktop\Videoload.lnk 2014-08-09 20:21 - 2013-10-18 22:03 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-09 20:19 - 2014-08-09 20:18 - 00004286 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-09 20:19 - 2013-08-05 22:07 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-07 13:22 - 2014-02-04 14:36 - 00000000 ____D () 
C:\Program Files (x86)\Steuer 2013 2014-08-07 13:22 - 2013-05-11 10:50 - 00000688 _____ () C:\Windows\wiso.ini 2014-08-07 13:22 - 2013-05-11 10:45 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH 2014-08-05 15:55 - 2014-08-05 15:55 - 00280632 _____ () C:\Windows\Minidump\080514-17284-01.dmp 2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-08-04 12:54 - 2012-11-16 17:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-08-04 12:54 - 2012-08-18 12:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-08-03 22:38 - 2012-11-16 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-08-03 16:01 - 2012-08-19 20:04 - 00000000 ____D () C:\ANDREA 2014-08-03 08:56 - 2014-08-03 08:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-03 07:53 - 2013-05-07 11:59 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-08-01 01:41 - 2014-08-13 20:33 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-01 01:16 - 2014-08-13 20:33 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll Some content of TEMP: ==================== C:\Users\bieni2\AppData\Local\Temp\avgnt.exe C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-27 21:44

==================== End Of Log ============================

with the current Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by bieni2 at 2014-08-29 15:05:14
Running from C:\Users\bieni2\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter 2.5b (HKLM-x32\...\AC3Filter_is1) (Version: 2.5b - Alexander Vigovsky)
ActiveState ActivePython 2.7.2.5 (32-bit) (HKLM-x32\...\{49351FE8-DB8F-4C56-9DA6-B2D6CE3F7BF8}) (Version: 2.7.5 - ActiveState Software Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1210 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version: - )
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004106478.48.56.11741954 - Audible, Inc.)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{59E75C53-7980-45AD-ADAA-733198B4BF7F}) (Version: 2.0.0 - Kovid Goyal)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version: - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version: - )
CD Audio Reader Filter (remove only) (HKLM-x32\...\CD Audio Reader Filter) (Version: - )
CodeStuff Starter (HKLM-x32\...\CodeStuff Starter) (Version: 5.6.2.9 - CodeStuff)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.1.2414a - CyberLink Corp.) Hidden
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.) CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.) CyberLink PowerDVD 10 (x32 Version: 10.0.3622.02 - CyberLink Corp.) Hidden CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.) CyberLink WaveEditor (x32 Version: 1.0.1.3320 - CyberLink Corp.) Hidden CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.) CyberLink YouCam 5 (x32 Version: 5.0.1402 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DCoder Image Source (remove only) (HKLM-x32\...\DCoder Image Source) (Version: - ) DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - ) DisplayLink Core Software (HKLM\...\{97E1E152-139C-496B-8876-8884AA18DE73}) (Version: 7.4.53134.0 - DisplayLink Corp.) DisplayLink Graphics (HKLM\...\{ACA8E43C-8EAC-4F5B-8ECA-705361F4E183}) (Version: 6.3.40662.0 - DisplayLink Corp.) dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.0.1 - CEWE COLOR AG u Co. 
OHG) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland) DScaler 5 Mpeg Decoders (HKLM-x32\...\DScaler 5 Mpeg Decoders_is1) (Version: - ) ffdshow v1.2.4453 [2012-05-21] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4453.0 - ) FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version: - ) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Gabest MPEG Splitter (remove only) (HKLM-x32\...\Gabest MPEG Splitter) (Version: - ) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Ich sehe was ... 
die große Schatzsuche (HKLM-x32\...\{3170BDC4-4BF9-42AE-81BC-14D4F60569C0}) (Version: 1.00.0000 - ) ImageJ 1.47v (HKLM\...\ImageJ_is1) (Version: - NIH) Intel PROSet Wireless (Version: - ) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan) iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.) 
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation) Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 3.3.0728 - KYOCERA Document Solutions Inc.) LAV Filters 0.55.3 (HKLM-x32\...\lavfilters_is1) (Version: 0.55.3 - Hendrik Leppkes) MadVR (remove only) (HKLM-x32\...\MadVR) (Version: - ) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) 
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 
- Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Ultimate 2007 (HKLM-x32\...\ULTIMATER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Ultimate 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others) MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - ) 
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team) OpenSource AVI Splitter (remove only) (HKLM-x32\...\OpenSource AVI Splitter) (Version: - ) OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM-x32\...\OpenSource DTS/AC3/DD+ Source Filter) (Version: - ) OpenSource Flash Video Splitter (remove only) (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: - ) PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH) PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.205.0 - Tracker Software Products Ltd) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0059 - Pegatron Corporation) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.02.10270 - Sony Corporation) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Python 2.7 pycrypto-2.1.0 (HKCU\...\pycrypto-py2.7) (Version: - ) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.) 
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartTools Office DDE-Fix (HKLM-x32\...\SmartTools PublishingOffice DDE-Fixv1.20) (Version: v1.20 - SmartTools Publishing) Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) Steuer 2012 (HKLM-x32\...\{01159E8A-44F7-4885-A7F9-872CE4D74063}) (Version: 20.00.8137 - Buhl Data Service GmbH) Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH) StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - ) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.45.0 - Synaptics Incorporated) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) 
(HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ULTIMATER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft) Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation) Videoload (HKCU\...\76135659.wcps.t-online.de) (Version: - wcps.t-online.de) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows Live Communications Platform (x32 
Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live MIME IFilter 
(Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinEdt (HKLM-x32\...\WinEdt) (Version: 5.3 - Aleksander Simonic (WinEdt Team)) Zoom Player (remove only) (HKLM-x32\...\ZoomPlayer) (Version: - ) Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
==================== Restore Points =========================

13-08-2014 20:03:13 Windows Update
15-08-2014 11:23:57 Installed DisplayLink Graphics
19-08-2014 18:23:58 Windows Update
23-08-2014 20:10:49 Windows Update
24-08-2014 19:50:58 Installed calibre
26-08-2014 12:39:23 Windows Update
27-08-2014 20:42:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {051DD7B2-D970-412F-BD2A-7E7D1742EAA9} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{213019C2-1EC7-4C3D-8A55-BBC9CCCE228F}.exe
Task: {1D8C02A5-3E7B-4816-978F-28B6CA02A032} - System32\Tasks\{5505A6B5-5BCF-41DA-8A58-280D847A26D2} => C:\Terzio\Fantasy\Fantasy.exe
Task: {4218E9AE-08BD-4C98-A92F-2D0A1AEDBEFC} - System32\Tasks\{A70AB0CA-7E5E-459F-9F12-438D86760230} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2014-05-16] (Microsoft Corporation)
Task: {8DB94DB5-1934-484F-AE1D-395DDFA10C35} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.)
Task: {9210A6B3-915C-4A98-B3CD-E6C529E36CD5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-25] (Adobe Systems Incorporated)
Task: {9AE072A8-C3D9-44BE-8171-9A83BDA4E5C8} - System32\Tasks\{38AAD464-4DDC-4FA7-8181-6DDE29AB2C88} => C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [2014-05-16] (Microsoft Corporation)
Task: {9AEC74F9-AC5F-4D04-B2BF-7383E916BA9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25] (Google Inc.)
Task: {A3AA101E-FCF2-4A10-ABDC-E07E162B1570} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {AC0EC1C2-2334-4A29-A699-9A31985586B5} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{8304D29E-653A-47C1-9589-F1DD95817A55}.exe
Task: {B7DE2F0E-E5B6-495A-B789-D3795A691202} - System32\Tasks\{F12E4BCB-1C92-467B-83A4-328D278EF4C1} => C:\Terzio\Fantasy\Fantasy.exe
Task: {C284D5B2-3150-4966-A44D-2B0E3CE36AC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-25] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{213019C2-1EC7-4C3D-8A55-BBC9CCCE228F}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{8304D29E-653A-47C1-9589-F1DD95817A55}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-04-11 11:57 - 2009-12-19 00:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-04-11 11:57 - 2011-10-13 23:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2012-04-11 07:19 - 2010-08-19 18:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2012-04-11 09:57 - 2012-03-27 02:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-04-11 11:57 - 2012-03-27 23:19 - 00826880 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-04-11 11:57 - 2010-01-13 02:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-04-11 11:57 - 2010-01-13 02:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-04-11 11:57 - 2012-01-13 02:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2012-04-11 11:57 - 2012-01-13 02:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2012-04-11 11:57 - 2012-02-24 23:13 - 03458560 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2014-07-14 16:49 - 2014-07-14 16:49 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-14 16:49 - 2014-07-14 16:49 - 00065104 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-14 14:14 - 2014-08-14 14:14 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\de4aaa11d46d614b5330b337b67e5227\IsdiInterop.ni.dll
2012-04-11 10:39 - 2011-11-30 05:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-04-11 10:31 - 2012-03-06 15:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-14 13:54 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\bieni2\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2012-04-11 11:57 - 2009-12-19 00:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-04-11 11:57 - 2009-12-19 00:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-05-13 10:18:02.891
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-05-13 10:18:02.860
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-05-13 10:18:00.795
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-05-13 10:18:00.754
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-05-13 10:17:58.689
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-05-13 10:17:58.658
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-05-13 10:17:56.568
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-05-13 10:17:56.537
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-05-13 10:17:54.462
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-05-13 10:17:54.431
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz Percentage of memory in use: 43% Total physical RAM: 3990.83 MB Available physical RAM: 2242.18 MB Total Pagefile: 7979.84 MB Available Pagefile: 5957.12 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:56.5 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:15.58 GB) NTFS Drive e: (PIPPI_D3) (CDROM) (Total:7.08 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=647.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1 GB) - (Type=12) ==================== End Of Log ============================ |
29.08.2014, 15:03 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox 31.0 add-on Download Protect 2.2.5 cannot be removed - Malware

Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.

Code:
ATTFilter
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF SearchPlugin: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
29.08.2014, 17:04 | #9 |
| Firefox 31.0 add-on Download Protect 2.2.5 cannot be removed - Malware

Hello, I ran FRST with the pasted text. Here is the result (Fixlog.txt)

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-08-2014
Ran by bieni2 at 2014-08-29 16:54:39 Run:3
Running from C:\Users\bieni2\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
FF SearchPlugin: C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Users\bieni2\AppData\Roaming\Mozilla\Firefox\Profiles\29abvt0m.bieni\searchplugins\thepiratebay-ssl.xml => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Users\bieni2\AppData\Local\Temp\avgnt.exe => Moved successfully.
C:\Users\bieni2\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe => Moved successfully.
C:\Users\bieni2\AppData\Local\Temp\mdm_z4_ext_94502984_5468.dll => Moved successfully.
C:\Users\bieni2\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.3-win32.exe => Moved successfully.
C:\Users\bieni2\AppData\Local\Temp\vlc-2.1.5-win32.exe => Moved successfully.

The system needed a reboot.

==== End of Fixlog ==== |
30.08.2014, 12:12 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox 31.0 add-on Download Protect 2.2.5 cannot be removed - Malware

Okay, then control scans with MBAM and ESET please: Please download Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Please always post log files in CODE tags |
10.09.2014, 12:52 | #11 |
| Firefox 31.0 add-on Download Protect 2.2.5 cannot be removed - Malware

Hello, sorry that it took me quite a while to run the scans. I am finally getting to it now. Here is the current MBAM logfile:

Code:
ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 07.09.2014
Scan Time: 08:05:22
Logfile: mbam_20140907.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.09.07.01
Rootkit Database: v2014.08.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: bieni2

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340838
Time Elapsed: 16 min, 57 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0 (No malicious items detected)
Modules: 0 (No malicious items detected)
Registry Keys: 0 (No malicious items detected)
Registry Values: 0 (No malicious items detected)
Registry Data: 0 (No malicious items detected)
Folders: 0 (No malicious items detected)
Files: 0 (No malicious items detected)
Physical Sectors: 0 (No malicious items detected)
(end)

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=b53fc8c3934fef438939a639f657263a
# engine=20034
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-07 10:10:56
# local_time=2014-09-07 12:10:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 57002 64009242 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 54544 161714506 0 0
# scanned=438141
# found=6
# cleaned=0
# scan_time=11155
sh=95D1E596ACC1912879100C54027750C1772027C7 ft=1 fh=212faf0536ad9d68 vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\bieni2\AppData\Local\DownloadGuide\Offers\ResultsAlphaSetup.exe.vir"
sh=107FCBBD08C3CB01A6B817DF674851DC8EADB434 ft=1 fh=8875adce3e5b5647 vn="Variante von Win64/Agent.BL Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\mfc100ud.exe.vir"
sh=AEE0B5F1AE8564D7E4CCD032EDF7AD88339BFF4E ft=1 fh=88c3bdc65b0afccf vn="Variante von Win32/Systweak.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\bieni2\Downloads\Lindy_USB_3.0_to_DisplayPort_Adapter_Treiber_Update_06-2014.exe"
sh=A013EFA23324355B48343CB1E9241E8C88AF4CD8 ft=1 fh=0327700b639d5c9c vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\bieni2\Downloads\Software\MKCAD6StudioDeutsch.exe"
sh=F1B26AFCE9959BE67A1FB8C912A4D71DCAB3383E ft=1 fh=47e2548a1805d6b0 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\bieni2\Downloads\Software\pcbeschleunigen_3117294b04e644fbbdb5af6079d2ef92_.exe"
sh=A9F6A3299D8E5A8B0F8F18915521C8B3E7C9F864 ft=1 fh=a874d3fc82897e2d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\TOOLS\Medion MediaPack\medion_mediapack_2_ext.exe"
blueinf |
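As an added example (not part of the thread and not ESET's own tooling), one way to triage an ESET Online Scanner log of the layout above: parse the `key=value` finding lines, check their count against the `# found=` header, and separate files already sitting in a tool's quarantine folder from files still at rest. That `vn` holds the detection name and `fn` the file path is inferred from the values in the log; the sample log, hashes and paths below are constructed.

```python
import re

# Constructed sample in the layout of the ESET Online Scanner log above;
# hashes, detection names and paths are placeholders, not values from the thread.
SAMPLE_LOG = r'''# scanned=1000
# found=3
# cleaned=0
sh=0000000000000000000000000000000000000001 ft=1 fh=0000000000000001 vn="Win32/ExamplePUA.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\user\AppData\Local\Example\Setup.exe.vir"
sh=0000000000000000000000000000000000000002 ft=1 fh=0000000000000002 vn="Variante von Win32/ExampleBar.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\installer.exe"
sh=0000000000000000000000000000000000000003 ft=1 fh=0000000000000003 vn="Variante von Win64/ExampleAgent.C Trojaner" ac=I fn="C:\Windows\System32\example.exe"
'''

PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')       # key="quoted value" or key=bare
QUARANTINE_MARKERS = ("\\adwcleaner\\quarantine\\",)  # assumption: quarantine folders to trust
PUA_MARKER = "unerwünschte anwendung"                 # German PUA wording seen in the log

def parse(log):
    """Return (header dict, list of finding dicts) from ESET log text."""
    header, findings = {}, []
    for line in log.splitlines():
        line = line.strip()
        if line.startswith("#"):
            key, _, value = line[1:].strip().partition("=")
            header[key] = value
        elif line.startswith("sh="):
            findings.append({k: q if q else b for k, q, b in PAIR.findall(line)})
    return header, findings

def triage(finding):
    """Bucket one finding by where the file sits and how it is labelled."""
    path = finding.get("fn", "").lower()
    name = finding.get("vn", "").lower()
    if any(marker in path for marker in QUARANTINE_MARKERS):
        return "already-quarantined"   # inert copy kept by a cleanup tool
    if PUA_MARKER in name:
        return "pua-at-rest"           # unwanted installer on disk, not running
    return "needs-review"              # anything else deserves a closer look

def report(log):
    """Return (bucket -> paths, True if entry count matches '# found=')."""
    header, findings = parse(log)
    buckets = {}
    for finding in findings:
        buckets.setdefault(triage(finding), []).append(finding["fn"])
    return buckets, len(findings) == int(header.get("found", -1))

if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```

A mismatch between the parsed entry count and `# found=` usually means the pasted log was truncated or wrapped, so the triage result should not be relied on until the full log is available.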
10.09.2014, 13:29 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox 31.0 add-on Download Protect 2.2.5 cannot be removed - Malware

TFC - Temp File Cleaner

Download TFC (TempFileCleaner by Oldtimer) and save it to the desktop.

Looks ok so far.

Regarding cookies and other things on the web: to block the pest from the outset (i.e. tracking cookies, advertising banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check with MVPS every 4 weeks to see whether a new hosts file has been released. That is only optional, though. To prevent user tracking, the Firefox extension Ghostery works well.

Info: Cookies are not malware as such, but there is a risk of abusive use (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie).

Otherwise there are also good cookie managers; as an extension for Firefox there is, for example, CookieCuller.

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or also Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

Is your system now in order again, or are there other findings or problems?
__________________ Please always post log files in CODE tags |