Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Amazon- spam mail. Bankdaten eingegeben.

Amazon- spam mail. Bankdaten eingegeben.


Plagegeister aller Art und deren Bekämpfung: Amazon- spam mail. Bankdaten eingegeben.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.06.2015, 11:25   #1
Gizmo01
 
Amazon- spam mail. Bankdaten eingegeben. - Beitrag

Amazon- spam mail. Bankdaten eingegeben.


Hallo, vor 3 Tagen hatte ich eine Mail von sicherheit@amazon.de. Da ich vor kurzem noch etwas von Amazon bestellt habe, dachte ich, dass die wirklich noch meine Dten brauchen.


Vorab schonmal die Mail:
Datum: 28.05.2015
Wichtige Kundenmitteilung
Referenznummer: #133-82169631-0158829
Sehr geehrter Kunde,

Ihr Nutzerkonto wurde vorsichtshalber fürs Erste deaktiviert.

Der Grund hierfür ist, dass Sie Ihre persönlichen Daten nicht bestätigt haben.

Dies sorgt in diesen Fall dafür, dass die hinterlegten Daten stets aktuell sind. Ein weiterer wichtiger Faktor hierbei ist: Ihre Sicherheit beim Einkaufsvorgang.

Kommen Sie dieser Aufforderung innerhalb 14 Tagen nicht nach, wird Ihr Nutzerkonto permanent deaktiviert. Da diese Prüfung manuell überprüft werden muss, wird eine Bearbeitungsgebühr in Höhe von 29,95€;; fällig.

Daher bitten wir Sie, über den unten ausgeführten Link den Abgleich Ihrer Daten durchzuführen. Hierbei entstehen keine Kosten oder Nachteile für sie.


Hierüber gelangen Sie zur Bestätigung:

> Jetzt zur Bestätigung (hier klicken)
Wir bitten Sie herzlichst die Unannehmlichkeiten zu entschuldigen.

Mit freundlichen Grüßen
Ihr Kundenservice-Team

Hörte sich für mich seriös an und ich gab alle meine Daten ein. Im letzten Schritt wurde dann nach der Kreditline meines Kontos gefragt. Dann habe ich erst verstanden, dass das eine Spam- mail ist. Leider hatte ich meine Bankdaten, Adresse, Name etc schon abgeschickt. Und auf den Link bin ich ja auch gegangen.

Ich habe sofort ein Virusscan bei Avira- ANtivirus durchgeführt. Mein online Banking habe ich sperren lassen und die Mitarbeiterin von der Bank meinte, ich soll mein Laptop erst von einem Fachmann bereinigen lassen, bevor ich mich noch irgendwo einlogge :/

Ich weiß nun echt nicht, wie ich vorgehen soll.

Über eine Antwort würde ich mich rießig freuen.

Liebe Grüße Gizmo
Geändert von Gizmo01 (01.06.2015 um 12:10 Uhr)

Alt 01.06.2015, 12:28   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Amazon- spam mail. Bankdaten eingegeben. - Standard

Amazon- spam mail. Bankdaten eingegeben.


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 01.06.2015, 20:59   #3
Gizmo01
 
Amazon- spam mail. Bankdaten eingegeben. - Standard

Amazon- spam mail. Bankdaten eingegeben.


FRST

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Gizem Bayraktar (administrator) on GIZEM on 01-06-2015 13:58:07
Running from C:\Users\Gizem Bayraktar\Downloads
Loaded Profiles: Gizem Bayraktar (Available Profiles: Gizem Bayraktar)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876304 2013-01-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10592256 2014-03-11] (Broadcom Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2014-03-11] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2015-01-23] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-01] (Avast Software s.r.o.)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\dbeaa79f-2db3-40d1-84f3-304c05247666.exe [183232 2015-06-01] (AVAST Software)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-4171695393-1876299532-2725889785-1001\...\MountPoints2: {510c7b96-f9a9-11e4-be86-3065ec161505} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-4171695393-1876299532-2725889785-1001\...\MountPoints2: {8bb9aff0-1361-11e4-8250-24fd522158e9} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-4171695393-1876299532-2725889785-1001\...\MountPoints2: {a3d9b234-e4c4-11e3-be73-24fd522158e9} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-4171695393-1876299532-2725889785-1001\...\MountPoints2: {a3d9b23c-e4c4-11e3-be73-24fd522158e9} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-4171695393-1876299532-2725889785-1001\...\MountPoints2: {e3e98825-4aeb-11e4-be7c-24fd522158e9} - "E:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-03-11]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-01] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4171695393-1876299532-2725889785-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-4171695393-1876299532-2725889785-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4171695393-1876299532-2725889785-1001 -> DefaultScope {4CC29CDD-CFFE-4430-B5DD-867A615D53B5} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140813&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-4171695393-1876299532-2725889785-1001 -> {4CC29CDD-CFFE-4430-B5DD-867A615D53B5} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE662D20140813&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-4171695393-1876299532-2725889785-1001 -> {61128174-3F4E-4631-81F6-430D6DA4010B} URL = 
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-01] (Avast Software s.r.o.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-01] (Avast Software s.r.o.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Gizem Bayraktar\AppData\Roaming\Mozilla\Firefox\Profiles\y9wrkpy0.default
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=B111DE662D20140813&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-01] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-01] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-03-04]
FF Extension: Avira Browser Safety - C:\Users\Gizem Bayraktar\AppData\Roaming\Mozilla\Firefox\Profiles\y9wrkpy0.default\Extensions\abs@avira.com [2015-05-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-01]

Chrome: 
=======
CHR Profile: C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Google Search) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Google Sheets) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-10]
CHR Extension: (Avira Browser Safety) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Gmail) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]
CHR Profile: C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-10]
CHR Extension: (Google Docs) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-10]
CHR Extension: (Google Drive) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]
CHR Extension: (YouTube) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Google Search) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Google Sheets) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-10]
CHR Extension: (Avira Browser Safety) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Gmail) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]
CHR Profile: C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-10]
CHR Extension: (Google Docs) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-10]
CHR Extension: (Google Drive) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-10]
CHR Extension: (YouTube) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-10]
CHR Extension: (Google Search) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-10]
CHR Extension: (Google Sheets) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-10]
CHR Extension: (Avira Browser Safety) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-10]
CHR Extension: (Bookmark Manager) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
CHR Extension: (Avast Online Security) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-01]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-10]
CHR Extension: (Gmail) - C:\Users\Gizem Bayraktar\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-10]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-07] (Avira Operations GmbH & Co. KG)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-01] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-06-01] (Avast Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2227992 2012-10-01] (Broadcom Corporation.)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2015-01-23] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-01-23] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [786136 2015-01-23] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2014-03-11] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6068736 2014-03-11] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-01] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-01] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-01] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-01] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-01] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-01] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-05] (Avira Operations GmbH & Co. KG)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [169240 2012-10-01] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2015-01-23] (BlueStack Systems)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2014-03-11] (Dritek System Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-06-01] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-01 13:55 - 2015-06-01 13:55 - 00029922 _____ () C:\Users\Gizem Bayraktar\Desktop\Addition.txt
2015-06-01 13:54 - 2015-06-01 13:54 - 00042364 _____ () C:\Users\Gizem Bayraktar\Desktop\FRST.txt.txt
2015-06-01 13:50 - 2015-06-01 13:54 - 00029922 _____ () C:\Users\Gizem Bayraktar\Downloads\Addition.txt
2015-06-01 13:49 - 2015-06-01 13:58 - 00022765 _____ () C:\Users\Gizem Bayraktar\Downloads\FRST.txt
2015-06-01 13:49 - 2015-06-01 13:58 - 00000000 ____D () C:\FRST
2015-06-01 13:48 - 2015-06-01 13:48 - 02108928 _____ (Farbar) C:\Users\Gizem Bayraktar\Downloads\FRST64.exe
2015-06-01 12:05 - 2015-06-01 12:05 - 00000000 ____D () C:\Users\Gizem Bayraktar\AppData\Roaming\AVAST Software
2015-06-01 12:03 - 2015-06-01 12:05 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2015-06-01 12:03 - 2015-06-01 12:05 - 00000000 ____D () C:\WINDOWS\system32\vbox
2015-06-01 12:03 - 2015-06-01 12:03 - 00001942 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-01 12:03 - 2015-06-01 12:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-01 12:02 - 2015-06-01 12:02 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-06-01 12:02 - 2015-06-01 12:02 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-06-01 12:02 - 2015-06-01 12:02 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-06-01 12:02 - 2015-06-01 12:02 - 00272248 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-06-01 12:02 - 2015-06-01 12:02 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-06-01 12:02 - 2015-06-01 12:02 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-06-01 12:02 - 2015-06-01 12:02 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-06-01 12:02 - 2015-06-01 12:02 - 00065736 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-06-01 12:02 - 2015-06-01 12:02 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-06-01 12:02 - 2015-06-01 12:02 - 00029168 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-06-01 12:02 - 2015-06-01 12:02 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-01 12:01 - 2015-06-01 12:01 - 00000000 ____D () C:\Program Files\AVAST Software
2015-06-01 12:00 - 2015-06-01 12:00 - 05481344 _____ (Avast Software s.r.o.) C:\Users\Gizem Bayraktar\Downloads\avast_free_antivirus_setup.exe
2015-06-01 12:00 - 2015-06-01 12:00 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-28 17:46 - 2015-05-28 17:46 - 00237568 _____ (Big Fish Games) C:\Users\Gizem Bayraktar\Downloads\restaurant-rush_s2_l2_gF2615T1L2_d2471863834.exe
2015-05-28 16:06 - 2015-05-28 16:06 - 00004096 _____ () C:\WINDOWS\d3dx.dat
2015-05-28 16:06 - 2015-05-28 16:06 - 00000000 ____D () C:\Users\Public\SallysSalon
2015-05-28 16:03 - 2015-05-28 16:03 - 00000000 ____D () C:\Users\Gizem Bayraktar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sally's Salon
2015-05-28 16:03 - 2015-05-28 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sally's Salon
2015-05-28 16:03 - 2015-05-28 16:03 - 00000000 ____D () C:\Program Files (x86)\Sally's Salon
2015-05-28 16:02 - 2015-05-28 17:46 - 00000000 ____D () C:\BigFishCache
2015-05-28 16:02 - 2015-05-28 16:02 - 00001907 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2015-05-28 16:02 - 2015-05-28 16:02 - 00001248 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weitere fantastische Spiele.lnk
2015-05-28 16:02 - 2015-05-28 16:02 - 00000000 ____D () C:\Users\Gizem Bayraktar\AppData\Local\Big Fish
2015-05-28 16:02 - 2015-05-28 16:02 - 00000000 ____D () C:\ProgramData\Big Fish
2015-05-28 16:02 - 2015-05-28 16:02 - 00000000 ____D () C:\Program Files (x86)\bfgclient
2015-05-25 17:18 - 2015-05-25 17:21 - 00019397 _____ () C:\Users\Gizem Bayraktar\Downloads\Teammanagement.odt
2015-05-23 14:18 - 2015-05-23 14:18 - 00000340 _____ () C:\Users\Gizem Bayraktar\Downloads\trainex.ics
2015-05-23 14:18 - 2015-05-23 14:18 - 00000340 _____ () C:\Users\Gizem Bayraktar\Downloads\trainex (1).ics
2015-05-19 21:07 - 2015-05-19 21:07 - 00012241 _____ () C:\Users\Gizem Bayraktar\Downloads\Unbenannt 1.odt
2015-05-15 10:13 - 2015-05-15 10:13 - 01585984 _____ () C:\Users\Gizem Bayraktar\Downloads\HTSMSGBK_20150515 (1).hbk
2015-05-15 10:12 - 2015-05-15 10:12 - 01585984 _____ () C:\Users\Gizem Bayraktar\Downloads\HTSMSGBK_20150515.hbk
2015-05-14 20:10 - 2015-05-28 15:53 - 00000000 ____D () C:\Users\Gizem Bayraktar\Desktop\handy
2015-05-14 19:40 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-14 19:40 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-14 19:40 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-14 19:40 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-14 19:40 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-14 19:40 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-14 19:40 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-14 19:40 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-14 19:40 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-14 19:39 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-14 19:39 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-14 19:39 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-14 19:39 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-14 19:39 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-14 19:39 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-14 19:38 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-14 19:38 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-14 19:38 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-14 19:38 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-14 19:38 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-14 19:38 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-14 19:38 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-14 19:38 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-14 19:38 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-14 19:38 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-14 19:38 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-14 19:38 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-14 19:38 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-14 19:38 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 21:52 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 21:52 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 21:26 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 21:26 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 21:26 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 21:26 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 21:26 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 21:26 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 21:25 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 21:25 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 21:25 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 21:25 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 21:25 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 21:25 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 21:25 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 21:25 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 21:25 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 21:25 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 21:25 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 21:25 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 21:25 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 21:25 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 21:25 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 21:25 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 21:25 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 21:25 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 21:25 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 21:25 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 21:25 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 21:25 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 21:25 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 21:25 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 21:25 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 21:25 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 21:25 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 21:25 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 21:25 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 21:25 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 21:25 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 21:25 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 21:25 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 21:25 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 21:25 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 21:25 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 21:25 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 21:25 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 21:25 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 21:25 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 21:25 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 21:25 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 21:25 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 21:25 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 14:09 - 2015-04-09 14:37 - 00017435 _____ () C:\Users\Gizem Bayraktar\Documents\Buchfuehrung_und_Finanzierung_Aufgabe_14_bis_27%20(3).xls_0.ods
2015-05-12 14:07 - 2015-05-12 14:07 - 03064670 _____ () C:\Users\Gizem Bayraktar\Downloads\Gesamte Präsentation (1).pptx
2015-05-12 14:06 - 2015-05-12 14:06 - 03064670 _____ () C:\Users\Gizem Bayraktar\Downloads\Gesamte Präsentation.pptx
2015-05-07 10:50 - 2015-05-07 10:50 - 00002016 _____ () C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-05-07 10:50 - 2015-05-07 10:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-01 13:48 - 2014-07-24 20:48 - 02036351 _____ () C:\WINDOWS\WindowsUpdate.log
2015-06-01 13:37 - 2015-03-10 21:26 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-01 13:05 - 2014-05-26 17:53 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-01 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-06-01 12:30 - 2015-04-03 12:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-06-01 12:26 - 2014-05-26 17:53 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-01 10:44 - 2014-07-28 23:49 - 00003958 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1C02FAD6-A074-4D13-B6E0-BCE52387AC0B}
2015-06-01 10:41 - 2015-03-10 21:26 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-31 21:17 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-30 14:43 - 2014-05-26 13:57 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4171695393-1876299532-2725889785-1001
2015-05-28 22:06 - 2013-03-07 01:23 - 00000000 ____D () C:\ProgramData\Temp
2015-05-28 17:51 - 2014-05-26 18:43 - 00280064 ___SH () C:\Users\Gizem Bayraktar\Downloads\Thumbs.db
2015-05-28 16:03 - 2013-03-07 00:59 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-28 12:51 - 2014-10-04 12:09 - 00000000 ____D () C:\Users\Gizem Bayraktar\Desktop\FHM Bielefeld
2015-05-28 12:18 - 2014-06-24 18:43 - 01452032 ___SH () C:\Users\Gizem Bayraktar\Desktop\Thumbs.db
2015-05-27 12:06 - 2014-08-26 19:59 - 00000000 ____D () C:\Users\Gizem Bayraktar\Desktop\Originals
2015-05-25 18:39 - 2015-03-10 21:28 - 00002159 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-22 20:57 - 2013-08-22 16:46 - 00410452 _____ () C:\WINDOWS\setupact.log
2015-05-21 23:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-21 22:19 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-21 22:18 - 2015-04-05 14:46 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-21 22:18 - 2015-04-05 14:46 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-20 23:37 - 2014-03-18 12:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-20 23:37 - 2014-03-18 11:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-20 23:37 - 2014-03-18 11:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-05-19 01:32 - 2015-03-10 21:26 - 00004102 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 01:32 - 2015-03-10 21:26 - 00003866 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 16:35 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-15 16:34 - 2014-07-24 20:21 - 00053284 _____ () C:\WINDOWS\system32\wpbbin.exe
2015-05-15 16:34 - 2014-03-18 03:50 - 00408782 _____ () C:\WINDOWS\PFRO.log
2015-05-15 16:34 - 2013-08-22 16:44 - 00362760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-15 10:23 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-15 10:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-15 10:21 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-14 19:58 - 2014-05-28 12:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-14 19:54 - 2014-05-28 12:39 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-13 21:48 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 21:10 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-05-07 10:48 - 2014-11-13 21:29 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-05-07 10:48 - 2014-11-13 21:29 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-05-05 19:59 - 2015-04-26 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-04-26 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-03-11 11:06 - 2014-03-11 11:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Gizem Bayraktar\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-31 22:57

==================== End of log ============================
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Gizem Bayraktar at 2015-06-01 13:50:09
Running from C:\Users\Gizem Bayraktar\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4171695393-1876299532-2725889785-500 - Administrator - Disabled)
Gast (S-1-5-21-4171695393-1876299532-2725889785-501 - Limited - Disabled)
Gizem Bayraktar (S-1-5-21-4171695393-1876299532-2725889785-1001 - Administrator - Enabled) => C:\Users\Gizem Bayraktar
HomeGroupUser$ (S-1-5-21-4171695393-1876299532-2725889785-1005 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{81C6F800-A69B-4E70-9DC0-74732F8B00E7}) (Version: 1.00.3015 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.8.4406 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{02F2570F-4B20-43B5-A3DD-082AF5C0E6DC}) (Version: 0.9.8.4406 - BlueStack Systems, Inc.)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.104 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3729_45993 - CyberLink Corp.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
ETDWare PS/2-X64 11.6.19.204_WHQL (HKLM\...\Elantech) (Version: 11.6.19.204 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.12 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3007 - Acer Incorporated)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6833 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27028 - Realtek Semiconductor Corp.)
Sally's Salon (HKLM-x32\...\BFG-Sally's Salon) (Version:  - )
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.5100 - Broadcom Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4171695393-1876299532-2725889785-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

13-05-2015 21:47:28 Windows Update
21-05-2015 22:16:43 Windows Update
31-05-2015 22:55:08 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06378D08-5E79-4396-8F4C-581A3576B09D} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2013-02-09] ()
Task: {2EA96649-A352-4D67-9AE7-25CC8E9433CB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {40DFD36B-9346-4FEB-8123-BBFF8DFF019A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-10] (Google Inc.)
Task: {48C85B79-6DF2-46C6-B88F-456AB4200065} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {54062C65-F0C3-44FF-86D3-6A219C321E7B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {6BB6C861-50CD-4C04-B5C3-C6ADCB06AAF3} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-01-22] ()
Task: {73D3DFED-4173-474F-AEFB-0B5C2A5B605B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-01] (Avast Software s.r.o.)
Task: {74F6E764-1DC1-4429-BF58-D688F46F0110} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2013-02-09] ()
Task: {8302FEE0-FCFF-4E8C-89EB-1E1290DEC119} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-01] (Adobe Systems Incorporated)
Task: {8DD989A5-F995-4616-BD6B-612BAC24DDD0} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2013-02-08] (CyberLink)
Task: {956AB48A-3AA1-44AB-AAF4-0CDD610461AC} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {9E36251C-BC78-42F1-9DCF-B1E284FB2873} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-10] (Google Inc.)
Task: {B9E82891-EA5D-40F3-BA67-E6AF69143924} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-14] (Microsoft Corporation)
Task: {C111C9BB-EC8A-46E0-A1BE-8EBC91344CE5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {EBF1080D-D8B8-4CB6-A0D5-D30039BA37F1} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {EC5C03F9-C3C5-421A-A807-EAB93063DD3E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {FFE13C29-78C0-4049-962B-EF1D9E5986F5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-01-08 16:51 - 2013-01-08 16:51 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2013-02-09 00:24 - 2013-02-09 00:24 - 00025672 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2013-02-09 00:24 - 2013-02-09 00:24 - 00044616 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2014-03-11 11:03 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-06-01 12:02 - 2015-06-01 12:02 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-01 12:02 - 2015-06-01 12:02 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-01 12:02 - 2015-06-01 12:02 - 02951680 _____ () C:\Program Files\AVAST Software\Avast\defs\15060100\algo.dll
2015-06-01 12:02 - 2015-06-01 12:02 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-11 11:30 - 2013-02-20 23:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-05-25 18:39 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-25 18:39 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-05-25 18:39 - 2015-05-22 22:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:B3942462

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4171695393-1876299532-2725889785-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gizem Bayraktar\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "Broadcom Wireless Manager UI"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3B6F1044-B52F-438D-A093-A5608BE4EC9F}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{646DD5EF-A46D-4352-AF9A-32ADD6C09782}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{03908D00-91DE-4C6B-A465-E31A75E301AF}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{0F3D548A-F5CB-4A0E-9EB2-BAD8DFAA6D3A}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{F9DD5DDC-1CE9-42F6-84F0-7033E58E1C6A}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{81880FD9-0DE3-4DC3-9FED-47780BCEDBDB}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{64C7ACE6-DB50-4390-BA99-9F217F0FF83F}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{CA8A923D-66B5-4DAE-8E33-DB4D7C73DCAE}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{E93DCB83-471C-4F51-B81D-1A07D2B15BE1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{3590C2F7-3D60-4C60-B516-1472935500A5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{D8B60B4A-5E0D-4DDE-AD87-595CA2C057F2}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{C19663A5-C99C-41C0-BB0D-97CA690883EF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{63225D32-F4E4-4E88-990B-6B998E332740}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{9D133AE3-DEC1-4F26-AC31-9FE78CC03568}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{FE8BAB1C-E817-44A8-B66F-EDEA2D3ACA32}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{7462B048-E83F-4898-BA8D-0BD7812F9E9F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{01CB1BCD-B9AE-4AA4-BCB0-089870674438}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{6D655F68-CACB-48E8-A292-5737B8BB445B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{A4A756AF-B2AA-4B55-BA76-00C1389C73CF}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{09F54845-7D4B-4185-BAC6-1F8812E5822B}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{61805694-0081-4BA9-982C-816DC02AE79A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{40CC3BA2-59CB-486F-A897-6CD9436A4884}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{8DFD6D44-1A2C-4FF0-A036-3AEA4A8A2F0B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{8D4A4C4B-76BD-4AA5-B676-9183E636CA69}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{09C95509-00A4-46E9-9D87-FBA0357C907F}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{80117233-E5F2-4698-A6ED-B79AC1466AA3}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{7E924F28-1D84-4A50-BD3F-C5F01903450A}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{CE3467E7-FE82-4CDF-8E8B-ABA0EA854A58}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B4659D62-816F-407E-B885-9451B6998696}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{597EDC11-FDC7-444A-A4D0-B9D75C561773}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{40A260D9-9397-489C-AB5C-BBD62B1565F3}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{C8EA0D3C-7FC8-4FD0-83F3-2378D5271EC3}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB module
Description: Bluetooth USB module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2015 11:30:33 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/31/2015 09:17:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/29/2015 09:57:12 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/28/2015 05:08:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00040fb2
ID des fehlerhaften Prozesses: 0x538
Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0
Pfad der fehlerhaften Anwendung: bfgclient.exe1
Pfad des fehlerhaften Moduls: bfgclient.exe2
Berichtskennung: bfgclient.exe3
Vollständiger Name des fehlerhaften Pakets: bfgclient.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bfgclient.exe5

Error: (05/28/2015 04:03:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00040fb2
ID des fehlerhaften Prozesses: 0xd24
Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0
Pfad der fehlerhaften Anwendung: bfgclient.exe1
Pfad des fehlerhaften Moduls: bfgclient.exe2
Berichtskennung: bfgclient.exe3
Vollständiger Name des fehlerhaften Pakets: bfgclient.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bfgclient.exe5

Error: (05/28/2015 04:03:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91
Name des fehlerhaften Moduls: bfgclient.exe, Version: 3.3.0.2, Zeitstempel: 0x53179a91
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002863ea
ID des fehlerhaften Prozesses: 0xe0c
Startzeit der fehlerhaften Anwendung: 0xbfgclient.exe0
Pfad der fehlerhaften Anwendung: bfgclient.exe1
Pfad des fehlerhaften Moduls: bfgclient.exe2
Berichtskennung: bfgclient.exe3
Vollständiger Name des fehlerhaften Pakets: bfgclient.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bfgclient.exe5

Error: (05/28/2015 11:54:22 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/27/2015 01:15:51 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/27/2015 01:15:51 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (05/27/2015 01:15:51 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.


System errors:
=============
Error: (06/01/2015 01:45:44 PM) (Source: DCOM) (EventID: 10010) (User: Gizem)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/01/2015 01:45:14 PM) (Source: DCOM) (EventID: 10010) (User: Gizem)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/31/2015 10:58:48 PM) (Source: DCOM) (EventID: 10010) (User: Gizem)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/31/2015 10:58:18 PM) (Source: DCOM) (EventID: 10010) (User: Gizem)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/30/2015 02:43:57 PM) (Source: DCOM) (EventID: 10000) (User: Gizem)
Description: C:\Windows\System32\skydrive.exe -Embedding5{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/30/2015 02:43:57 PM) (Source: DCOM) (EventID: 10010) (User: Gizem)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/30/2015 02:43:39 PM) (Source: DCOM) (EventID: 10010) (User: Gizem)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/30/2015 02:43:39 PM) (Source: DCOM) (EventID: 10010) (User: Gizem)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/28/2015 10:02:32 PM) (Source: DCOM) (EventID: 10010) (User: Gizem)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/28/2015 10:02:02 PM) (Source: DCOM) (EventID: 10010) (User: Gizem)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office:
=========================
Error: (06/01/2015 11:30:33 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/31/2015 09:17:14 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/29/2015 09:57:12 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/28/2015 05:08:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.3.9600.17736550f42c2c000000500040fb253801d0994f0bcfc5aaC:\Program Files (x86)\bfgclient\bfgclient.exeC:\WINDOWS\SYSTEM32\ntdll.dll55f427a8-054b-11e5-be87-3065ec161505

Error: (05/28/2015 04:03:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bfgclient.exe3.3.0.253179a91ntdll.dll6.3.9600.17736550f42c2c000000500040fb2d2401d0994eff0af103C:\Program Files (x86)\bfgclient\bfgclient.exeC:\WINDOWS\SYSTEM32\ntdll.dll460ad4a1-0542-11e5-be87-3065ec161505

Error: (05/28/2015 04:03:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: bfgclient.exe3.3.0.253179a91bfgclient.exe3.3.0.253179a91c0000005002863eae0c01d0994efc980f0eC:\Program Files (x86)\bfgclient\bfgclient.exeC:\Program Files (x86)\bfgclient\bfgclient.exe411d9540-0542-11e5-be87-3065ec161505

Error: (05/28/2015 11:54:22 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/27/2015 01:15:51 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\WordAddIn2003.dll.Manifest4

Error: (05/27/2015 01:15:51 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\ExcelAddIn2003.dll.Manifest4

Error: (05/27/2015 01:15:51 PM) (Source: SideBySide) (EventID: 72) (User: )
Description: asmv2:clrClassInvocationurn:schemas-microsoft-com:asm.v1^entryPointC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.ManifestC:\Program Files (x86)\Acer\Office Addin 2003\PowerPointAddIn2003.dll.Manifest4


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU 1017U @ 1.60GHz
Percentage of memory in use: 39%
Total physical RAM: 7987.6 MB
Available physical RAM: 4865.12 MB
Total Pagefile: 17715.6 MB
Available Pagefile: 12973.49 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:454.4 GB) (Free:391.7 GB) NTFS
Drive d: (DATA) (Fixed) (Total:454.84 GB) (Free:454.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 499A70BC)

Partition: GPT Partition Type.

==================== End of log ============================
Hey, ist das was ich da gepostet habe das richtige ?

Habe da nicht viel Ahnung von sorry )

Danke im Voraus
__________________
Alt 02.06.2015, 18:39   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Amazon- spam mail. Bankdaten eingegeben. - Standard

Amazon- spam mail. Bankdaten eingegeben.


hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Amazon- spam mail. Bankdaten eingegeben.
adresse, amazon, antivirus, antwort, bankdaten, brauche, daten, email, klicke, klicken, kontodaten, kosten, laptop, link, mail, online, online banking, prüfung, schonmal, seriös, sicherheit, spam, spam-mail, sperre, sperren, virus, virusscan, wichtiger, wirklich


« DHL Fake Link geöffnet, ZIP extrahiert und .exe Datei geöffnet | Windows Live Mail startet nicht mehr nach Exe Passwort »


Ähnliche Themen: Amazon- spam mail. Bankdaten eingegeben.


  1. Fremdzugriff auf E-Mail, Amazon etc.
    Log-Analyse und Auswertung - 28.10.2015 (13)
  2. Phishing-Mail von amazon
    Plagegeister aller Art und deren Bekämpfung - 04.10.2014 (5)
  3. Phising Mail Link angeklickt - keine Daten eingegeben
    Plagegeister aller Art und deren Bekämpfung - 01.10.2014 (19)
  4. Amazon Spam von "info@amazon.de"
    Plagegeister aller Art und deren Bekämpfung - 01.07.2014 (14)
  5. Amazon Spam Mail geöffnet
    Plagegeister aller Art und deren Bekämpfung - 01.05.2014 (7)
  6. PayPal Phishing-Mail erhalten, auf Link geklickt und Passwort eingegeben
    Plagegeister aller Art und deren Bekämpfung - 12.04.2014 (9)
  7. Phishing Mail von Amazon geöffnet!!!
    Log-Analyse und Auswertung - 07.04.2014 (9)
  8. Amazon Pishing-Mail
    Plagegeister aller Art und deren Bekämpfung - 04.04.2014 (2)
  9. Phishing-Mail von Amazon geöffnet
    Plagegeister aller Art und deren Bekämpfung - 08.03.2014 (5)
  10. Malware/Spam durch Amazon.de
    Plagegeister aller Art und deren Bekämpfung - 08.03.2014 (11)
  11. Spam/Phishing-Mail von Amazon in Thunderbird angeklickt und in Firefox geöffnet
    Log-Analyse und Auswertung - 15.02.2014 (16)
  12. amazon.de Spam: Ihre Amazon.de Bestellung vom 05.11.13
    Diskussionsforum - 12.11.2013 (2)
  13. Falsche E-Mail von Amazon.de
    Plagegeister aller Art und deren Bekämpfung - 31.08.2013 (7)
  14. Battle.net Phishing Mail, Link geklickt, aber nichts eingegeben
    Plagegeister aller Art und deren Bekämpfung - 27.06.2013 (13)
  15. Amazon + E-mail account gehackt
    Log-Analyse und Auswertung - 26.02.2013 (13)
  16. spam-mail über mein web.de-account versendet, spam-mail auch im gesendet Ordner
    Log-Analyse und Auswertung - 16.11.2011 (3)
  17. Paypal Phishing Mail Geöffnet + PASSWORD eingegeben
    Überwachung, Datenschutz und Spam - 17.01.2011 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Amazon- spam mail. Bankdaten eingegeben. - Hallo, vor 3 Tagen hatte ich eine Mail von sicherheit@amazon.de . Da ich vor kurzem noch etwas von Amazon bestellt habe, dachte ich, dass die wirklich noch meine Dten brauchen. - Amazon- spam mail. Bankdaten eingegeben....
Archiv
Du betrachtest: Amazon- spam mail. Bankdaten eingegeben. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131