BlueCoco | 19.08.2013 16:19 | Hello Matthias,
thank you very much for the quick help.
Here is the log file from MBAM: Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.08.19.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Teat :: 300V3A-S02-PC [Administrator]
19.08.2013 16:50:42
MBAM-log-2013-08-19 (17-12-09).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 295029
Laufzeit: 9 Minute(n), 13 Sekunde(n)
Infizierte Speicherprozesse: 2
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 1868 -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> 3764 -> Keine Aktion durchgeführt.
Infizierte Speichermodule: 1
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
Infizierte Registrierungsschlüssel: 3
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr) -> Keine Aktion durchgeführt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Daten: hxxp://search.babylon.com/?babsrc=HP_ss_sps&mntrId=1462DCA9718C7F94&affID=121563&tt=040713_ctrl&tsp=4938 -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Daten: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Keine Aktion durchgeführt.
Infizierte Dateiobjekte der Registrierung: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.BrowserDefender.A) -> Bösartig: (c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll) Gut: () -> Keine Aktion durchgeführt.
Infizierte Verzeichnisse: 8
C:\Users\Teat\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Roaming\OpenCandy\468AF146D5794BF9B46E6A4B39BCA524 (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Roaming\OpenCandy\B0C3EA6C5026464898B22BAAB5AE9CF6 (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
Infizierte Dateien: 27
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Roaming\OpenCandy\468AF146D5794BF9B46E6A4B39BCA524\DeltaTB.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Local\Temp\951F.tmp (PUP.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Local\Temp\DA42D58E-BAB0-7891-8335-06C672542DCA\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Local\Temp\DA42D58E-BAB0-7891-8335-06C672542DCA\Latest\ccp.exe (PUP.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Local\Temp\DA42D58E-BAB0-7891-8335-06C672542DCA\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Local\Temp\DA42D58E-BAB0-7891-8335-06C672542DCA\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\dm (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\bprotector.js (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23 (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.
C:\Users\Teat\AppData\Roaming\OpenCandy\B0C3EA6C5026464898B22BAAB5AE9CF6\TuneUpUtilities2013-2200217_de-DE.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt.
(Ende)
The FRST.txt file
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-08-2013
Ran by Teat (administrator) on 19-08-2013 17:13:51
Running from C:\Users\Teat\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\windows\SysWOW64\schtasks.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Spotify Ltd) C:\Users\Teat\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10372368 2011-03-30] (Intel Corporation)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4526 2010-10-08] ()
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2721576 2011-06-16] (ELAN Microelectronics Corp.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [Spotify] - C:\Users\Teat\AppData\Roaming\Spotify\Spotify.exe [4640768 2013-07-09] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Teat\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-09] (Spotify Ltd)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-22] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [226920 2011-03-07] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll c:\windows\syswow64\nvinit.dll [2691536 2013-07-26] ()
Startup: C:\Users\Teat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?babsrc=HP_ss_sps&mntrId=1462DCA9718C7F94&affID=121563&tt=040713_ctrl&tsp=4938
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=1462DCA9718C7F94&affID=121563&tt=040713_ctrl&tsp=4938
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Teat\AppData\Roaming\Mozilla\Firefox\Profiles\5yc9omif.default
FF NewTab: hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=1462DCA9718C7F94&affID=121563&tt=040713_ctrl&tsp=4938
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Teat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Extension: No Name - C:\Users\Teat\AppData\Roaming\Mozilla\Firefox\Profiles\5yc9omif.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKCU\...\Firefox\Extensions: [{6C0D3E7F-0206-11E2-8271-B8AC6F996F26}] C:\Users\Teat\AppData\Local\{6C0D3E7F-0206-11E2-8271-B8AC6F996F26}\
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2847696 2013-07-26] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] ()
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-27] (Safer Networking Ltd.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-30] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-10-29] (Windows (R) 2003 DDK 3790 provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2011-10-29] (Windows (R) 2003 DDK 3790 provider)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-19 17:13 - 2013-08-19 17:13 - 01575812 _____ (Farbar) C:\Users\Teat\Downloads\FRST64.exe
2013-08-19 17:13 - 2013-08-19 17:13 - 00000000 ____D C:\FRST
2013-08-19 16:31 - 2013-08-19 16:31 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-19 16:17 - 2013-08-19 16:22 - 00000000 ____D C:\Users\Teat\AppData\Roaming\Skype
2013-08-19 16:16 - 2013-08-19 16:16 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-19 16:16 - 2013-08-19 16:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-19 16:15 - 2013-08-19 16:15 - 01492848 _____ (Skype Technologies S.A.) C:\Users\Teat\Downloads\SkypeSetup.exe
2013-08-19 14:50 - 2013-08-19 14:50 - 00019241 _____ C:\Users\Teat\Desktop\Lebenslauf.odt
2013-08-19 13:49 - 2013-08-19 13:49 - 00000000 ____D C:\Users\Teat\AppData\Local\{96EF5025-6323-48F5-A991-53A7C86D2706}
2013-08-19 12:52 - 2013-08-19 15:50 - 00000000 ____D C:\Users\Teat\Desktop\Rahmen
2013-08-18 12:58 - 2013-08-18 12:58 - 00000000 _____ C:\windows\SysWOW64\sho2913.tmp
2013-08-17 23:09 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-08-17 23:09 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-08-17 23:09 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-08-17 23:09 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-08-17 23:09 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-08-17 23:09 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-08-17 23:09 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-08-17 23:09 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-08-17 23:09 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-08-17 23:09 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-08-17 23:09 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-08-17 23:09 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-08-17 23:09 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-08-17 23:09 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-08-17 23:09 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-08-17 23:09 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-08-17 23:09 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-08-17 23:09 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-08-17 23:09 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-08-17 23:09 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-08-17 23:09 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-08-17 23:09 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-08-17 23:09 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-08-17 23:09 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-08-17 23:09 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-08-17 23:09 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-08-17 23:09 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-08-17 23:09 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-08-17 23:09 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-08-17 23:09 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-08-17 23:09 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-17 22:53 - 2013-08-17 22:58 - 00000000 ____D C:\windows\system32\MRT
2013-08-17 22:50 - 2013-08-18 13:43 - 00000000 ____D C:\Users\Teat\Desktop\Marie&Berli17.08.13
2013-08-17 01:09 - 2013-08-17 01:09 - 00000000 ____D C:\windows\SysWOW64\searchplugins
2013-08-17 01:09 - 2013-08-17 01:09 - 00000000 ____D C:\windows\SysWOW64\Extensions
2013-08-17 00:58 - 2013-08-18 15:19 - 00000420 _____ C:\Users\Teat\Downloads\vegaspro12.0.670.exe
2013-08-16 18:10 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-08-16 18:10 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-08-16 18:10 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-08-16 18:10 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2013-08-16 18:10 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2013-08-16 18:10 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2013-08-16 18:10 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-08-16 18:10 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2013-08-16 18:10 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2013-08-16 18:10 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2013-08-16 18:10 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2013-08-16 18:10 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2013-08-16 18:10 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2013-08-16 18:10 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2013-08-16 18:09 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-08-16 18:09 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2013-08-16 17:50 - 2013-08-19 16:00 - 00000000 ____D C:\Users\Teat\Desktop\Friedo16.08.13
2013-08-07 09:35 - 2013-08-07 09:36 - 00000000 ____D C:\Users\Teat\AppData\Local\{E0223423-FBDC-49A1-BCE9-18162C78EB3E}
2013-08-06 16:56 - 2013-08-06 16:56 - 00000000 ____D C:\Users\Teat\AppData\Local\{0DFC9B74-6E9D-4EEA-8D61-E30F5DA09B8F}
2013-08-05 22:43 - 2013-08-05 22:43 - 00000000 ____D C:\Users\Teat\AppData\Local\{FC791A27-DC6D-464F-AE83-09C4EA1737E7}
2013-08-04 23:11 - 2013-08-04 23:11 - 00000000 ____D C:\Users\Teat\AppData\Local\{C24D2388-174C-424B-B79A-39B99AF44016}
2013-08-04 23:07 - 2013-08-04 23:43 - 00000000 ____D C:\Users\Teat\Desktop\Iphone
2013-08-02 11:55 - 2013-08-02 11:55 - 00000000 ____D C:\Users\Teat\AppData\Local\{3377E8CE-256D-41E6-B20F-DB1C94218F83}
2013-08-01 12:21 - 2013-08-01 12:21 - 00000000 ____D C:\Users\Teat\AppData\Local\{5F195449-B0AE-46F9-96B0-B2C60F870F27}
2013-07-31 14:14 - 2013-07-31 14:14 - 00000000 ____D C:\Users\Teat\AppData\Local\{018FFC4E-A8E8-4BE1-BCC9-3B58E87C9900}
2013-07-25 13:09 - 2013-08-18 13:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-25 13:09 - 2013-07-25 13:09 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-22 11:41 - 2013-07-22 11:41 - 00000000 ____D C:\Users\Teat\AppData\Local\{5278A98D-800A-4EEB-91D7-724B67C35A76}
==================== One Month Modified Files and Folders =======
2013-08-19 17:13 - 2013-08-19 17:13 - 01575812 _____ (Farbar) C:\Users\Teat\Downloads\FRST64.exe
2013-08-19 17:13 - 2013-08-19 17:13 - 00000000 ____D C:\FRST
2013-08-19 17:03 - 2012-05-25 17:06 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-08-19 16:32 - 2013-07-09 11:03 - 00000000 ____D C:\Users\Teat\AppData\Roaming\Spotify
2013-08-19 16:31 - 2013-08-19 16:31 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-19 16:31 - 2012-12-02 06:03 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-19 16:22 - 2013-08-19 16:17 - 00000000 ____D C:\Users\Teat\AppData\Roaming\Skype
2013-08-19 16:19 - 2012-09-10 10:11 - 00000000 ____D C:\Users\Teat\AppData\Local\CrashDumps
2013-08-19 16:16 - 2013-08-19 16:16 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-19 16:16 - 2013-08-19 16:16 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-19 16:16 - 2011-12-06 01:48 - 00000000 ____D C:\ProgramData\Skype
2013-08-19 16:15 - 2013-08-19 16:15 - 01492848 _____ (Skype Technologies S.A.) C:\Users\Teat\Downloads\SkypeSetup.exe
2013-08-19 16:00 - 2013-08-16 17:50 - 00000000 ____D C:\Users\Teat\Desktop\Friedo16.08.13
2013-08-19 15:50 - 2013-08-19 12:52 - 00000000 ____D C:\Users\Teat\Desktop\Rahmen
2013-08-19 15:22 - 2011-07-13 19:46 - 02062140 _____ C:\windows\WindowsUpdate.log
2013-08-19 15:21 - 2011-07-13 05:12 - 00697542 _____ C:\windows\system32\perfh007.dat
2013-08-19 15:21 - 2011-07-13 05:12 - 00148548 _____ C:\windows\system32\perfc007.dat
2013-08-19 15:21 - 2009-07-14 07:13 - 01614924 _____ C:\windows\system32\PerfStringBackup.INI
2013-08-19 15:19 - 2009-07-14 06:51 - 00079157 _____ C:\windows\setupact.log
2013-08-19 14:50 - 2013-08-19 14:50 - 00019241 _____ C:\Users\Teat\Desktop\Lebenslauf.odt
2013-08-19 13:49 - 2013-08-19 13:49 - 00000000 ____D C:\Users\Teat\AppData\Local\{96EF5025-6323-48F5-A991-53A7C86D2706}
2013-08-18 15:19 - 2013-08-17 00:58 - 00000420 _____ C:\Users\Teat\Downloads\vegaspro12.0.670.exe
2013-08-18 13:43 - 2013-08-17 22:50 - 00000000 ____D C:\Users\Teat\Desktop\Marie&Berli17.08.13
2013-08-18 13:13 - 2013-07-25 13:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 13:13 - 2013-07-09 11:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-18 13:07 - 2009-07-14 06:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-18 13:07 - 2009-07-14 06:45 - 00021200 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-18 12:59 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-08-18 12:58 - 2013-08-18 12:58 - 00000000 _____ C:\windows\SysWOW64\sho2913.tmp
2013-08-17 22:58 - 2013-08-17 22:53 - 00000000 ____D C:\windows\system32\MRT
2013-08-17 22:52 - 2012-12-14 23:54 - 78161360 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2013-08-17 22:52 - 2012-05-25 17:18 - 01592818 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-08-17 01:09 - 2013-08-17 01:09 - 00000000 ____D C:\windows\SysWOW64\searchplugins
2013-08-17 01:09 - 2013-08-17 01:09 - 00000000 ____D C:\windows\SysWOW64\Extensions
2013-08-16 18:19 - 2010-11-21 05:47 - 00449306 _____ C:\windows\PFRO.log
2013-08-16 17:45 - 2013-07-09 11:03 - 00000000 ____D C:\Users\Teat\AppData\Local\Spotify
2013-08-07 09:36 - 2013-08-07 09:35 - 00000000 ____D C:\Users\Teat\AppData\Local\{E0223423-FBDC-49A1-BCE9-18162C78EB3E}
2013-08-07 09:27 - 2013-07-09 13:20 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-08-06 16:56 - 2013-08-06 16:56 - 00000000 ____D C:\Users\Teat\AppData\Local\{0DFC9B74-6E9D-4EEA-8D61-E30F5DA09B8F}
2013-08-05 22:43 - 2013-08-05 22:43 - 00000000 ____D C:\Users\Teat\AppData\Local\{FC791A27-DC6D-464F-AE83-09C4EA1737E7}
2013-08-04 23:43 - 2013-08-04 23:07 - 00000000 ____D C:\Users\Teat\Desktop\Iphone
2013-08-04 23:11 - 2013-08-04 23:11 - 00000000 ____D C:\Users\Teat\AppData\Local\{C24D2388-174C-424B-B79A-39B99AF44016}
2013-08-02 11:55 - 2013-08-02 11:55 - 00000000 ____D C:\Users\Teat\AppData\Local\{3377E8CE-256D-41E6-B20F-DB1C94218F83}
2013-08-02 00:03 - 2013-04-30 05:19 - 00000000 ____D C:\Program Files (x86)\Sharepod
2013-08-01 22:27 - 2012-08-28 08:19 - 00000000 ____D C:\Users\Teat\AppData\Roaming\Dropbox
2013-08-01 12:57 - 2012-08-28 08:21 - 00000000 ___RD C:\Users\Teat\Dropbox
2013-08-01 12:21 - 2013-08-01 12:21 - 00000000 ____D C:\Users\Teat\AppData\Local\{5F195449-B0AE-46F9-96B0-B2C60F870F27}
2013-08-01 11:43 - 2009-07-14 07:08 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-07-31 14:14 - 2013-07-31 14:14 - 00000000 ____D C:\Users\Teat\AppData\Local\{018FFC4E-A8E8-4BE1-BCC9-3B58E87C9900}
2013-07-26 07:13 - 2013-08-17 23:09 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-17 23:09 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-17 23:09 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-17 23:09 - 19239424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-17 23:09 - 15405056 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-17 23:09 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-17 23:09 - 02647040 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-17 23:09 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-17 23:09 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-17 23:09 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-17 23:09 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-17 23:09 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-17 23:09 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-17 23:09 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-17 23:09 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-17 23:09 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-17 23:09 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-17 23:09 - 14329344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-17 23:09 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-17 23:09 - 02048512 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-17 23:09 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-17 23:09 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-17 23:09 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-17 23:09 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-17 23:09 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-17 23:09 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-17 23:09 - 13761024 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-17 23:09 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-17 23:09 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-17 23:09 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-17 23:09 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 13:10 - 2012-05-25 01:37 - 00000000 ____D C:\Users\Teat\AppData\Roaming\Mozilla
2013-07-25 13:09 - 2013-07-25 13:09 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-25 11:25 - 2013-08-16 18:10 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-16 18:10 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-22 11:41 - 2013-07-22 11:41 - 00000000 ____D C:\Users\Teat\AppData\Local\{5278A98D-800A-4EEB-91D7-724B67C35A76}
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-28 19:03
==================== End Of Log ============================
The Addition.txt file: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-08-2013
Ran by Teat at 2013-08-19 17:15:08
Running from C:\Users\Teat\Downloads
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922)
„Windows Live Mail“ (x32 Version: 15.4.3502.0922)
„Windows Live Messenger“ (x32 Version: 15.4.3538.0513)
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922)
Abenteuer auf dem Reiterhof 6 (x32 Version: 1.00)
Adobe Common File Installer (x32 Version: 1.00.002)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Premiere Elements 4.0 (x32 Version: 4.0)
Adobe Premiere Elements 4.0 Templates (x32 Version: 4.0.0)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
Bonjour (Version: 3.0.0.10)
BrowserDefender (x32)
Build-a-lot (x32 Version: 2.2.0.82)
Chuzzle Deluxe (x32 Version: 2.2.0.82)
CyberLink Media Suite (x32 Version: 8.0.2227)
CyberLink Media+ Player10 (x32 Version: 10.0.1110.00)
CyberLink MediaShow (x32 Version: 5.0.1130a)
CyberLink Power2Go (x32 Version: 6.1.3802)
CyberLink PowerDirector (x32 Version: 8.0.3306)
CyberLink YouCam (x32 Version: 3.1.4013)
D3DX10 (x32 Version: 15.4.2368.0902)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82)
Easy Content Share (x32 Version: 1.0)
Easy Migration (x32 Version: 1.0)
EasyFileShare (x32 Version: 1.0.12)
Eco Mode (x32 Version: 1.0.0.11)
Facebook Video Calling 1.2.0.159 (x32 Version: 1.2.159)
Farm Frenzy (x32 Version: 2.2.0.82)
FormatFactory 3.0.1 (x32 Version: 3.0.1)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Foxit Reader (x32 Version: 5.4.5.124)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Insaniquarium Deluxe (x32 Version: 2.2.0.82)
Intel PROSet Wireless (x32)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Processor Graphics (x32 Version: 8.15.10.2622)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 1.1.0.0537)
Intel(R) PROSet/Wireless WiFi-Software (Version: 14.2.1000)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.5.1001)
Interactive Guide (x32 Version: 1.1)
iTunes (Version: 11.0.3.42)
John Deere Drive Green (x32 Version: 2.2.0.82)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Zoo Tycoon (x32)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT Redists (x32 Version: 1.0)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
Multimedia POP (x32 Version: 1.0)
NVIDIA Control Panel 267.54 (Version: 267.54)
NVIDIA Graphics Driver 267.54 (Version: 267.54)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA Optimus 1.0.21 (Version: 1.0.21)
NVIDIA Update Components (Version: 1.0.21)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Peggle (x32 Version: 2.2.0.82)
Penguins! (x32 Version: 2.2.0.82)
PhoneShare (x32 Version: 9.1.4)
Picasa 3 (x32 Version: 3.9)
Plants vs. Zombies (x32 Version: 2.2.0.82)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Golfer (x32 Version: 2.2.0.82)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
QuickTime (x32 Version: 7.73.80.64)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
RAR Password Recovery v1.1 RC17 (remove only) (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.44.421.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6400)
Samsung AnyWeb Print (x32 Version: 2.0.67.1)
Samsung Control Center (x32 Version: 1.0)
Samsung Printer Live Update (x32)
Samsung Recovery Solution 5 (x32 Version: 5.0.1.3)
Samsung Support Center 1.0 (x32 Version: 1.1.38)
Samsung Universal Print Driver (x32 Version: 2.02.05.00:27)
Samsung Universal Scan Driver (x32 Version: 1.2.5.0)
Samsung Update Plus (x32 Version: 3.0.0.17)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.6.0)
Skype™ 6.7 (x32 Version: 6.7.102)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Spybot - Search & Destroy (x32 Version: 1.6.2)
The Sims 2 (x32)
TmNationsForever (x32)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.0.82.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update Installer for WildTangent Games App (x32)
User Guide (x32 Version: 1.0)
VoiceOver Kit (x32 Version: 1.42.128.0)
Ware PS/2-X64 10.0.7.2_WHQL (Version: 10.0.7.2)
WildTangent Games (x32 Version: 1.0.1.5)
WildTangent Games App (x32 Version: 4.0.10.5)
WildTangent ORB Game Console (x32)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Foto-galerija (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Pošta (x32 Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Live 메일 (x32 Version: 15.4.3502.0922)
Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922)
Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922)
Windows Live 影像中心 (x32 Version: 15.4.3502.0922)
Windows Live 照片库 (x32 Version: 15.4.3502.0922)
Windows Live 程式集 (x32 Version: 15.4.3502.0922)
Windows Live 软件包 (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
WordCaptureX Pro (x32 Version: 4.0.0)
Zuma Deluxe (x32 Version: 2.2.0.95)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922)
Почта Windows Live (x32 Version: 15.4.3502.0922)
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922)
بريد Windows Live (x32 Version: 15.4.3502.0922)
معرض صور Windows Live (x32 Version: 15.4.3502.0922)
==================== Restore Points =========================
07-08-2013 07:33:15 Windows Update
16-08-2013 15:46:31 Windows Update
17-08-2013 19:53:02 Windows Update
19-08-2013 14:10:25 Removed Skype™ 6.7
19-08-2013 14:12:13 Removed Skype™ 6.7
==================== Hosts content: ==========================
2009-07-14 04:34 - 2012-12-09 22:46 - 00000098 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0AA331D1-AAD8-44C2-8A0F-B32ECEA29BFD} - System32\Tasks\{F05450D5-3C21-47BC-ADEF-E04BBF4B98FD} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {16C121A3-5305-494C-A2FB-10A2DE57502B} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1047438073-2370129650-4229702673-1004 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {1939C734-9A34-4778-B54C-CA3A803027A8} - System32\Tasks\{FC0E5AE1-9DA6-470B-A164-D219E79366CD} => E:\SCHLUMPF.EXE No File
Task: {197EE58A-C44E-431A-A63E-952F614518C5} - System32\Tasks\{C3855C49-E954-4FB5-A5B6-ACE1BCDF367B} => E:\SCHLUMPF.EXE No File
Task: {19A4C095-F7F6-4E2C-B8DE-7EB82028E865} - System32\Tasks\{94F612BB-0263-4EEB-80C5-58380E256EA2} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {1C6235CB-D5C2-4D62-908C-FEBD3482D202} - System32\Tasks\{DFA9EB3C-B90C-4EFE-A14D-13309543BD28} => E:\SCHLUMPF.EXE No File
Task: {1DDF86B4-9B31-402B-A33D-D9278FA297E6} - System32\Tasks\{9FE7315A-9BCF-4920-9E85-D5B333CB2C74} => E:\SCHLUMPF.EXE No File
Task: {20A05495-58C2-42DA-9A19-CFD1E6E4EBF8} - System32\Tasks\{38B041DC-55EF-4965-BC14-510F8E9F40F6} => E:\SCHLUMPF.EXE No File
Task: {2122751D-E1BF-453C-B7A2-C16EFEA69821} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Samsung Control Center\WifiManager.exe [2011-06-15] (Samsung Electronics Co., Ltd.)
Task: {21BBABC2-F6AF-46BC-BB67-0326CCFA51EB} - System32\Tasks\{580AA018-CA91-4D24-9E58-729C3F5FCBDC} => E:\SCHLUMPF.EXE No File
Task: {237901A0-5DC1-46EF-8E25-6568583F9B5D} - System32\Tasks\{74E9D83E-7F50-4C73-9627-A222D3DE8733} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {2C5D10B0-E3C4-4B26-9849-65D132322218} - System32\Tasks\{BFAFAF2D-46F1-4884-8C8F-8942607ECD4D} => E:\SCHLUMPF.EXE No File
Task: {36A06CEB-D5FB-456B-8010-B7038A996F49} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {39B8F93C-2F19-4281-838B-67DDAA7D00D2} - System32\Tasks\{EE0E073B-3139-4247-A738-415CE15C22CB} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {3A52E552-0FE4-4877-9B14-EA993CBF0C45} - System32\Tasks\{AB75CFDA-5A23-4D83-BA4D-4DF517F11B6C} => E:\SCHLUMPF.EXE No File
Task: {3CFF65EB-E52B-4AF7-843F-7AC6ED3A2A35} - System32\Tasks\{FC58A6C3-32F4-4E69-AFB8-D830F2286B93} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {3D1B7540-404B-4F35-B12E-318048F44520} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-04-14] (CyberLink)
Task: {46EBED65-74BE-4CFA-872C-5CD446D21A20} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {4A9A3706-2E25-46DF-B1D7-AA7E2CB573EB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {4BEF6117-C510-431D-B0F6-9E9AD3A6B249} - System32\Tasks\{BD3D29CF-2784-4C1B-AA33-0EBA85641812} => E:\SCHLUMPF.EXE No File
Task: {4C7E2E7F-9111-4721-BFAB-F77B5A08525B} - System32\Tasks\{93F8CB8A-5B4F-4DBD-ADE8-414763CAAE96} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {568FC7A7-A14E-4A2C-8B5D-2B94EB342638} - System32\Tasks\{EDE50F3D-858C-4218-A2B2-FA96222CD499} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {56F6A758-2292-48EB-B06F-8EC8BE15DF03} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5DD1797C-B460-49C4-82E9-67B17E2709A5} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Samsung Control Center\MovieColorEnhancer.exe [2011-02-16] (Samsung Electronics Co., Ltd.)
Task: {5EDB9EAB-DDB3-44DA-B796-6F056F99BC82} - System32\Tasks\{AAB55CF9-7F55-4CCB-9BF8-86CFBA1436C4} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {620820C0-2538-49BD-9777-464E33372733} - System32\Tasks\{E353E732-B698-4BCC-B237-D19243D3C622} => E:\SCHLUMPF.EXE No File
Task: {623FD121-E82F-4B9A-90FB-4953E4EB344F} - System32\Tasks\{58078BDA-F021-4E56-82B1-BCA3E8820AD9} => E:\SCHLUMPF.EXE No File
Task: {6D2C5B84-85C0-4EB3-BC2A-49ECE20F77F3} - System32\Tasks\{6C120408-5B05-4DD0-8469-9FF06078356E} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {762561D4-BCB1-42FE-8AE4-3F2BD53F9135} - System32\Tasks\{DB28BD33-7764-40D5-9C9C-22B7CE08EB61} => E:\SCHLUMPF.EXE No File
Task: {76D3FAF0-701F-42BD-9483-7D623994601B} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Samsung Control Center\EBM\EasyBatteryMgr4.exe [2011-05-09] (SAMSUNG Electronics co., LTD.)
Task: {7795B4CB-B8BE-496D-BA8D-CA3E97A0A32C} - System32\Tasks\{B975FD51-CF28-4750-96FE-344B9CA5FDBF} => E:\SCHLUMPF.EXE No File
Task: {78DD2EC9-8604-4A81-A57F-777CDCC71C95} - System32\Tasks\{F47CFDA1-3B5C-4D22-AA44-076689DB0AFF} => E:\SCHLUMPF.EXE No File
Task: {7B78C312-4B85-4600-9922-40FCE980E902} - System32\Tasks\{500DC356-8416-4CCB-A107-529AC482C422} => E:\SCHLUMPF.EXE No File
Task: {87B69C26-4B8A-4173-8B7E-78C9BC845DC2} - System32\Tasks\{4E1F9BB1-83BE-4A65-8DAD-40D614337ADD} => E:\SCHLUMPF.EXE No File
Task: {93DD0A99-CBD6-4C98-9BF3-A1FBECFA9DB2} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Samsung Control Center\EasySpeedUpManager.exe [2011-04-14] (Samsung Electronics Co., Ltd.)
Task: {953DF574-FE37-4331-AD0D-34D54A664BE5} - System32\Tasks\{943174E7-3BF4-4A79-80C3-D1B315EB9C60} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {97D341B7-216C-4C8C-9814-BCF8181BB701} - System32\Tasks\{0E87E825-B066-4E59-AA7F-159EC116B1CA} => E:\SCHLUMPF.EXE No File
Task: {999DD50A-8D42-4AFC-BE1D-EDDCDF1CD266} - System32\Tasks\{5262C10C-0998-41A7-BC72-91DEDF03B63C} => C:\Program Files (x86)\Raptisoft\Hamsterball\hamsterball.exe No File
Task: {9CAE1B8E-8335-44C5-AAC7-D621942E02B7} - System32\Tasks\{5312055D-EBC7-476A-BD5E-F56799257A44} => E:\SCHLUMPF.EXE No File
Task: {9CC2300A-BADC-47CE-9211-C38D3B5F13AB} - System32\Tasks\{A15FC312-CBDD-4855-862F-67BE24F74489} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {9D10EF50-92F5-49F3-82C6-C5B2153F147B} - System32\Tasks\{4A4A7321-885F-4F3A-A33C-0CF1E4E794C7} => E:\SCHLUMPF.EXE No File
Task: {A0694AB8-4D9C-46AC-9192-AE78570D5851} - System32\Tasks\{2691DB35-B1D1-4692-B504-3FC2AEDF3FD7} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {A2437EC7-2DBB-4755-8D61-2EFD9F2DE511} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe No File
Task: {A86E433B-9D7A-45C4-BE4A-4F9383EC912A} - System32\Tasks\{18DB7183-22C2-4993-A2FC-C623CC15142C} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {A8C056AC-3527-4B7F-A831-6179145BA9C5} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Samsung Control Center\dmhkcore.exe [2011-06-15] (Samsung Electronics Co., Ltd.)
Task: {A9D50960-11F7-4AA0-B45E-608D2F7BF9D0} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Samsung Control Center\SmartSetting.exe [2011-06-04] (Samsung Electronics Co., Ltd.)
Task: {B02138C3-70B8-4082-A0E4-3AC6D2C0EF83} - System32\Tasks\{1D489B3B-B2F0-418E-A0A5-68BA940912FB} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {B0EDA193-5C7D-40ED-B4F9-0C6083CC5FF5} - System32\Tasks\{40564079-0F4C-4E34-AD9A-688DF4C0ECC6} => E:\SCHLUMPF.EXE No File
Task: {B6112678-63E2-48E9-8848-52496A29FB5A} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2011-03-29] (SEC)
Task: {B8B44370-BEAA-4F18-857E-E7A9606CAC0D} - System32\Tasks\{A94A8274-8501-42F1-B527-313D5FDAFC15} => E:\SCHLUMPF.EXE No File
Task: {BECBF78B-DE92-43EC-8C32-1F933190F259} - System32\Tasks\{5A03A6FB-6BB5-4802-AC32-9B868353A0E8} => E:\SCHLUMPF.EXE No File
Task: {C1712FB8-D194-4CD4-8FF8-200B71FE26FB} - System32\Tasks\{058CF25E-0797-4518-97B6-B93E12581D55} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {C5048A44-4E6B-4518-8789-D138E76C801E} - System32\Tasks\{725F90FC-65C1-47F9-907A-5BF1D29F3B77} => E:\SCHLUMPF.EXE No File
Task: {CDE0E59F-174B-45F4-98A2-E2FA9537663D} - System32\Tasks\{1FD619B3-FF26-43FD-9F54-A9A8141F9494} => E:\SCHLUMPF.EXE No File
Task: {CFC74297-653F-49F6-91B6-5FC72F4A0B15} - System32\Tasks\{FFEC2140-459B-4A76-A49A-7DB359C316B5} => E:\SCHLUMPF.EXE No File
Task: {DA68F099-C5DA-4D3A-9864-B058247FA4AC} - System32\Tasks\{25B5B689-89B4-448B-9283-D66887A551A1} => E:\SCHLUMPF.EXE No File
Task: {DBE65BD7-BAFE-4DA5-B88B-CF3DAE5590D8} - System32\Tasks\{43FBDB3D-9AEC-4AED-B8DA-C5849AA8E90B} => E:\SCHLUMPF.EXE No File
Task: {DD90CA34-EE93-4F76-BBE0-B065868AC21E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-13] (Adobe Systems Incorporated)
Task: {E6B29E13-F9FC-4389-940D-27A2B5D6A70F} - System32\Tasks\{2A3B7CFD-C9CF-4182-B0A0-D74030852F52} => E:\SCHLUMPF.EXE No File
Task: {E845D9F8-EFB8-4EE9-ACF9-4E842E905483} - System32\Tasks\{136122B4-C4B0-45FB-B252-35BC97FC2963} => E:\SCHLUMPF.EXE No File
Task: {F503DDFD-E925-40D5-8FE6-B0BE3BA513C6} - System32\Tasks\{90E37814-9C05-4E4F-ADE7-EEDCEAC0A86E} => E:\SCHLUMPF.EXE No File
Task: {F8462C69-7273-4629-B9CA-3D72AC92A6EC} - System32\Tasks\EcoMode => C:\Program Files (x86)\Samsung\Eco Mode\SmartEco.exe [2011-06-06] (Samsung Electronics)
Task: {FF32FB66-8F55-48F3-92FE-D079648A8296} - System32\Tasks\{5DFFF7A1-08B5-4372-A0A6-4046689A3D4B} => C:\Users\Teat\Desktop\Schlumpf\SCHLUMPF.EXE No File
Task: {FFEFF6B7-B5A8-4DEC-ACAC-8CF8CBF0793F} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/19/2013 04:17:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.7.0.102, Zeitstempel: 0x51f0d990
Name des fehlerhaften Moduls: nvdxgiwrap.dll, Version: 8.17.12.6754, Zeitstempel: 0x4d737266
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000285a
ID des fehlerhaften Prozesses: 0x1fb0
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Error: (08/19/2013 04:08:38 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.7.0.102, Zeitstempel: 0x51f0d990
Name des fehlerhaften Moduls: nvdxgiwrap.dll, Version: 8.17.12.6754, Zeitstempel: 0x4d737266
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000285a
ID des fehlerhaften Prozesses: 0x1c64
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Error: (08/19/2013 04:04:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Adobe Premiere Elements.exe, Version: 4.0.0.0, Zeitstempel: 0x46df9114
Name des fehlerhaften Moduls: nvdxgiwrap.dll, Version: 8.17.12.6754, Zeitstempel: 0x4d737266
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000285a
ID des fehlerhaften Prozesses: 0x838
Startzeit der fehlerhaften Anwendung: 0xAdobe Premiere Elements.exe0
Pfad der fehlerhaften Anwendung: Adobe Premiere Elements.exe1
Pfad des fehlerhaften Moduls: Adobe Premiere Elements.exe2
Berichtskennung: Adobe Premiere Elements.exe3
Error: (08/19/2013 03:41:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (08/19/2013 03:13:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1106593
Error: (08/19/2013 03:13:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1106593
Error: (08/19/2013 03:13:52 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/19/2013 02:55:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8159
Error: (08/19/2013 02:55:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8159
Error: (08/19/2013 02:55:34 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (08/19/2013 03:18:48 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR4 gefunden.
Error: (08/18/2013 02:54:31 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{23C185D8-A94E-41D8-A9DD-2E481FD1B30E} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (08/18/2013 01:07:37 PM) (Source: DCOM) (User: )
Description: {E9E0D51D-F407-4D91-B294-C111F721A3AF}
Error: (08/18/2013 01:07:07 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/18/2013 00:57:24 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (08/16/2013 06:40:19 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Media Player-Netzwerkfreigabedienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (08/16/2013 06:39:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/16/2013 06:06:04 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (08/07/2013 09:31:15 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/07/2013 09:31:11 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.
Microsoft Office Sessions:
=========================
Error: (08/19/2013 04:17:12 PM) (Source: Application Error)(User: )
Description: Skype.exe6.7.0.10251f0d990nvdxgiwrap.dll8.17.12.67544d737266c00000050000285a1fb001ce9ce6c36deb0dC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll09de9b92-08da-11e3-a588-dca9718c7f98
Error: (08/19/2013 04:08:38 PM) (Source: Application Error)(User: )
Description: Skype.exe6.7.0.10251f0d990nvdxgiwrap.dll8.17.12.67544d737266c00000050000285a1c6401ce9ce5927a8e66C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dlld7867991-08d8-11e3-a588-dca9718c7f98
Error: (08/19/2013 04:04:31 PM) (Source: Application Error)(User: )
Description: Adobe Premiere Elements.exe4.0.0.046df9114nvdxgiwrap.dll8.17.12.67544d737266c00000050000285a83801ce9ce4da63d65aC:\Program Files (x86)\Adobe\Adobe Premiere Elements 4.0\Adobe Premiere Elements.exeC:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll447bf0e4-08d8-11e3-a588-dca9718c7f98
Error: (08/19/2013 03:41:57 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestD:\Bilder\SoftonicDownloader_fuer_foxit-pdf-reader.exe
Error: (08/19/2013 03:13:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1106593
Error: (08/19/2013 03:13:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1106593
Error: (08/19/2013 03:13:52 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/19/2013 02:55:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8159
Error: (08/19/2013 02:55:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8159
Error: (08/19/2013 02:55:34 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 4009.55 MB
Available physical RAM: 2107.56 MB
Total Pagefile: 8017.28 MB
Available Pagefile: 5046.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:110 GB) (Free:13.32 GB) NTFS
Drive d: () (Fixed) (Total:163.78 GB) (Free:119.48 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: CEA5D4BA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=164 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=24 GB) - (Type=27)
==================== End Of Log ============================ |