Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   maleware problem (https://www.trojaner-board.de/148208-maleware-problem.html)

schrauber 27.01.2014 08:47
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

divix 27.01.2014 19:21
kann jetzt hier z.B. keine smilies oder was am text schrifft und farbe ändern, wo finde ich die einstellung?

schrauber 28.01.2014 15:11
in welchem Browser? Noscript aktiv?

divix 28.01.2014 20:03
firefox, ja noscript aktiv, musste eure hp freigeben :rolleyes:
dann denke ich wir sind damit erstmal durch, wenn noch was sein sollte, melde ich mich wieder,
bis dahin cu ( ich freu mich voll alles läuft wieder puhh dank dir :abklatsch: )

schrauber 29.01.2014 12:14
Gern Geschehen :)

divix 15.02.2014 09:29
mhh wieder etwas neues, oder immer noch was altes :schrei:

http://img5.fotos-hochladen.net/uplo...had2bixfjq.png


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by divix (administrator) on DIVIX-PC on 15-02-2014 09:26:52
Running from C:\Users\divix\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(AMD) C:\Windows\system32\atieclxx.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Google Inc.) C:\Users\divix\AppData\Local\Google\Update\GoogleUpdate.exe
(ICQ) C:\Users\divix\AppData\Roaming\ICQM\icq.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [621440 2009-09-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-11-27] (IDT, Inc.)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656 2009-10-27] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
HKU\S-1-5-21-2965242652-2433012516-4194544714-1000\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2965242652-2433012516-4194544714-1000\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-09-22] (Google Inc.)
HKU\S-1-5-21-2965242652-2433012516-4194544714-1000\...\Run: [Google Update] - C:\Users\divix\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-18] (Google Inc.)
HKU\S-1-5-21-2965242652-2433012516-4194544714-1000\...\Run: [icq] - C:\Users\divix\AppData\Roaming\ICQM\icq.exe [27310440 2013-06-21] (ICQ)
HKU\S-1-5-21-2965242652-2433012516-4194544714-1000\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-2965242652-2433012516-4194544714-1000\...\MountPoints2: {26649006-778d-11e1-82d1-20cf30537901} - F:\AutoPlay.exe -auto
HKU\S-1-5-21-2965242652-2433012516-4194544714-1000\...\MountPoints2: {7bf17c05-4b35-11e0-bb61-20cf30537901} - G:\setup.exe -a
HKU\S-1-5-21-2965242652-2433012516-4194544714-1000\...\MountPoints2: {e55cf47b-75a7-11e1-87d9-20cf30537901} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2965242652-2433012516-4194544714-1000\...\MountPoints2: {ebb4e9d7-7535-11e1-8229-20cf30537901} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2965242652-2433012516-4194544714-1000\...\MountPoints2: {ebb4ea5d-7535-11e1-8229-20cf30537901} - F:\setup_vmc_lite.exe /checkApplicationPresence
AppInit_DLLs: C:\PROGRA~3\INTERE~1\INTERE~2.DLL => C:\ProgramData\Interenet Optimizer\InterenetOptimizer_x64.dll [4516352 2013-12-29] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchab.com/?aff=7&uid=cc2459e5-6a23-11e2-9387-20cf30537901&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchab.com/?aff=7&uid=cc2459e5-6a23-11e2-9387-20cf30537901&q={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT_de
BHO: ReegulArDeAlls - {9811164E-9F5C-EF2C-7BD2-4346A65CC664} - C:\ProgramData\ReegulArDeAlls\2.x64.dll No File
BHO: CohEapMe - {F6F474E1-F0D4-4F68-2D43-8A25397F1CFA} - C:\ProgramData\CohEapMe\h3T.x64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\divix\AppData\Roaming\Mozilla\Firefox\Profiles\r2hsj80b.default-1390653890126
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\divix\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\divix\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\divix\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\divix\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\divix\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\divix\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\divix\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\divix\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\divix\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: NoScript - C:\Users\divix\AppData\Roaming\Mozilla\Firefox\Profiles\r2hsj80b.default-1390653890126\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-27]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-08-04]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-02]
FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF Extension: Web Check - C:\Program Files (x86)\Web Check\WebCheck.xpi [2013-08-12]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\divix\AppData\Local\Google\Chrome\User Data\Default\Extensions\igokkodkajnaagigmfhkdckikbodmmna [2013-12-31]
CHR Extension: (CohEapMe) - C:\ProgramData\mcinojjhkcjgibcofpcpkjfkkchbkmgo [2013-12-31]
CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx [2013-08-12]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 0c632643; C:\ProgramData\Interenet Optimizer\InterenetOptimizerSvc.dll [178512 2013-12-29] ()
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-03-26] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-19] (Avira Operations GmbH & Co. KG)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3993576 2011-11-17] (INCA Internet Co., Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe [243712 2009-11-27] (IDT, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-26] (DT Soft Ltd)
S4 Elxsbnes; No ImagePath
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [416768 2009-06-10] (Realtek Semiconductor Corporation                          )
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1799680 2009-08-12] ()
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 dump_wmimmc; \??\C:\Program Files (x86)\ShotOnline\GameGuard\dump_wmimmc.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 motccgp; system32\DRIVERS\motccgp.sys [X]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X]
S3 motmodem; system32\DRIVERS\motmodem.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X]
U3 tmlwf;
U3 tmwfp;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-15 09:26 - 2014-02-15 09:27 - 00019484 _____ () C:\Users\divix\Downloads\FRST.txt
2014-02-15 09:26 - 2014-02-15 09:26 - 00000000 ___DC () C:\FRST
2014-02-15 09:25 - 2014-02-15 09:25 - 02152960 _____ (Farbar) C:\Users\divix\Downloads\FRST64.exe
2014-02-14 21:50 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 21:50 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 21:49 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 21:49 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 21:49 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 21:49 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 21:49 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 21:49 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 21:49 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 21:49 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 21:49 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 21:49 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 21:49 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 21:49 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 21:49 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 21:49 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 21:49 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 21:49 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 21:49 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 21:49 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 21:49 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 21:49 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 21:49 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 21:49 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 21:49 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 21:49 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 21:49 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 21:49 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 21:49 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 21:49 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 21:49 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 21:49 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 21:49 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 21:49 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 21:49 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 21:49 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-14 21:49 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 21:49 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 21:49 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 21:49 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 21:49 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-14 19:53 - 2014-02-14 19:53 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-14 19:52 - 2014-02-14 19:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-14 19:52 - 2014-02-14 19:53 - 00000000 ____D () C:\Program Files\iTunes
2014-02-14 19:52 - 2014-02-14 19:53 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-14 19:52 - 2014-02-14 19:52 - 00000000 ____D () C:\Program Files\iPod
2014-02-14 19:44 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 19:44 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 19:44 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 19:44 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 19:44 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 19:44 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 19:44 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 19:44 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 19:44 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 19:44 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 19:44 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 19:44 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 19:44 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 19:44 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 19:44 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 19:44 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 19:44 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 19:44 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 19:43 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 19:43 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 19:43 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 19:43 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 19:43 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 19:43 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 19:43 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 19:43 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 19:43 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 19:43 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-08 22:11 - 2014-02-08 22:12 - 22462733 _____ () C:\Users\divix\Downloads\6th_nguoi_ban_do.exe
2014-02-06 21:33 - 2014-02-06 21:33 - 31008258 _____ () C:\Users\divix\Downloads\tp-rails.exe
2014-02-06 21:31 - 2014-02-06 21:32 - 25361850 _____ () C:\Users\divix\Downloads\laram_valley(1).exe
2014-02-06 21:31 - 2014-02-06 21:31 - 00000000 _____ () C:\Users\divix\Downloads\laram_valley.exe
2014-02-06 21:12 - 2014-02-06 21:12 - 09701909 _____ () C:\Users\divix\Downloads\[jpv]medicpatrolb3.exe
2014-02-06 21:06 - 2014-02-06 21:06 - 07499992 _____ () C:\Users\divix\Downloads\[vck]sunrisece.exe
2014-02-03 21:15 - 2014-02-03 21:16 - 08039581 _____ () C:\Users\divix\Downloads\(trx)halongbeach.exe
2014-02-01 23:46 - 2014-02-01 23:46 - 02739789 _____ () C:\Users\divix\Downloads\=sfx=combatarena.exe
2014-01-30 20:06 - 2014-01-30 20:06 - 08556599 _____ () C:\Users\divix\Downloads\peppers_ton-kin_canyon.exe
2014-01-27 19:10 - 2014-01-27 19:10 - 00000874 ____C () C:\DelFix.txt
2014-01-25 13:33 - 2014-01-25 13:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-23 21:41 - 2013-12-18 06:13 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-21 18:10 - 2014-01-21 18:10 - 00000000 ____D () C:\Windows\ERUNT
2014-01-21 17:38 - 2014-01-21 17:39 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\divix\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-20 17:03 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-20 17:03 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-20 17:03 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-20 17:03 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-20 17:03 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-20 17:03 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-20 17:03 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-20 17:02 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-20 17:02 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-19 13:59 - 2014-01-19 14:16 - 00000000 ____D () C:\Windows\erdnt
2014-01-19 11:42 - 2014-01-19 13:55 - 00000000 ____D () C:\Users\divix\Documents\Anti-Malware

==================== One Month Modified Files and Folders =======

2014-02-15 09:27 - 2014-02-15 09:26 - 00019484 _____ () C:\Users\divix\Downloads\FRST.txt
2014-02-15 09:26 - 2014-02-15 09:26 - 00000000 ___DC () C:\FRST
2014-02-15 09:25 - 2014-02-15 09:25 - 02152960 _____ (Farbar) C:\Users\divix\Downloads\FRST64.exe
2014-02-15 09:24 - 2012-09-13 19:54 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000UA.job
2014-02-15 09:24 - 2012-01-03 18:14 - 00001138 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000UA.job
2014-02-15 09:24 - 2011-01-21 15:40 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-15 09:22 - 2013-11-21 18:07 - 00001089 _____ () C:\Users\divix\Desktop\vietcong.exe - Verknüpfung.lnk
2014-02-15 09:06 - 2010-09-22 02:16 - 01849026 _____ () C:\Windows\WindowsUpdate.log
2014-02-15 09:04 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-15 09:04 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-15 09:00 - 2011-01-21 15:40 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-15 08:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-15 08:58 - 2013-10-11 11:05 - 00010696 _____ () C:\Windows\setupact.log
2014-02-14 21:59 - 2009-08-04 10:51 - 00654852 _____ () C:\Windows\system32\perfh007.dat
2014-02-14 21:59 - 2009-08-04 10:51 - 00130434 _____ () C:\Windows\system32\perfc007.dat
2014-02-14 21:59 - 2009-07-14 06:13 - 01522286 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-14 21:48 - 2013-04-17 09:56 - 00000000 ____D () C:\Users\divix\AppData\Roaming\SoftGrid Client
2014-02-14 21:38 - 2012-03-29 01:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-14 19:53 - 2014-02-14 19:53 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-14 19:53 - 2014-02-14 19:52 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-14 19:53 - 2014-02-14 19:52 - 00000000 ____D () C:\Program Files\iTunes
2014-02-14 19:53 - 2014-02-14 19:52 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-14 19:52 - 2014-02-14 19:52 - 00000000 ____D () C:\Program Files\iPod
2014-02-14 19:48 - 2010-12-27 22:44 - 00000000 ____D () C:\ProgramData\Apple
2014-02-11 21:11 - 2012-10-14 16:50 - 00000000 ____D () C:\Users\divix\Desktop\ANNETT
2014-02-11 16:24 - 2012-09-13 19:54 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000Core.job
2014-02-08 22:12 - 2014-02-08 22:11 - 22462733 _____ () C:\Users\divix\Downloads\6th_nguoi_ban_do.exe
2014-02-06 21:33 - 2014-02-06 21:33 - 31008258 _____ () C:\Users\divix\Downloads\tp-rails.exe
2014-02-06 21:32 - 2014-02-06 21:31 - 25361850 _____ () C:\Users\divix\Downloads\laram_valley(1).exe
2014-02-06 21:31 - 2014-02-06 21:31 - 00000000 _____ () C:\Users\divix\Downloads\laram_valley.exe
2014-02-06 21:12 - 2014-02-06 21:12 - 09701909 _____ () C:\Users\divix\Downloads\[jpv]medicpatrolb3.exe
2014-02-06 21:06 - 2014-02-06 21:06 - 07499992 _____ () C:\Users\divix\Downloads\[vck]sunrisece.exe
2014-02-06 13:16 - 2014-02-14 21:49 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-14 21:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-14 21:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-14 21:49 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-14 21:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-14 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-14 21:49 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-14 21:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-14 21:49 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-14 21:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-14 21:49 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-14 21:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-14 21:49 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-14 21:49 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-14 21:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-14 21:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-14 21:49 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-14 21:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-14 21:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 21:49 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-14 21:49 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-14 21:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 21:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-14 21:49 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-14 21:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-14 21:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-14 21:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-14 21:49 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-14 21:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-14 21:49 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-14 21:49 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-14 21:49 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 21:49 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 21:49 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-14 21:49 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-14 21:49 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-14 21:49 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-14 21:49 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-14 21:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 19:38 - 2012-03-29 01:31 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 19:38 - 2012-03-29 01:31 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-05 19:38 - 2011-06-02 09:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 18:19 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-03 21:16 - 2014-02-03 21:15 - 08039581 _____ () C:\Users\divix\Downloads\(trx)halongbeach.exe
2014-02-02 00:31 - 2012-01-03 18:14 - 00001116 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000Core.job
2014-02-01 23:46 - 2014-02-01 23:46 - 02739789 _____ () C:\Users\divix\Downloads\=sfx=combatarena.exe
2014-01-30 20:06 - 2014-01-30 20:06 - 08556599 _____ () C:\Users\divix\Downloads\peppers_ton-kin_canyon.exe
2014-01-27 19:10 - 2014-01-27 19:10 - 00000874 ____C () C:\DelFix.txt
2014-01-26 10:56 - 2012-03-22 18:36 - 00035280 _____ () C:\Windows\PFRO.log
2014-01-25 13:34 - 2010-12-07 22:42 - 00000000 ____D () C:\Users\divix\AppData\Roaming\Mozilla
2014-01-25 13:33 - 2014-01-25 13:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-25 13:33 - 2010-12-07 22:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-24 18:11 - 2010-09-22 02:32 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-01-21 18:10 - 2014-01-21 18:10 - 00000000 ____D () C:\Windows\ERUNT
2014-01-21 18:04 - 2010-12-16 20:53 - 00000000 ____D () C:\ProgramData\ICQ
2014-01-21 18:04 - 2010-12-07 20:51 - 00000997 _____ () C:\Users\divix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-21 17:39 - 2014-01-21 17:38 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\divix\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-21 17:39 - 2014-01-15 19:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 01:53 - 2013-12-29 10:24 - 00000000 ____D () C:\ProgramData\Interenet Optimizer
2014-01-21 01:53 - 2013-12-23 17:56 - 00000000 ____D () C:\Program Files (x86)\Web Check
2014-01-21 01:53 - 2013-02-27 12:11 - 00000000 ____D () C:\Windows\SysWOW64\Cfg
2014-01-21 01:53 - 2011-08-27 22:51 - 00000000 ____D () C:\ProgramData\InstallMate
2014-01-21 01:53 - 2010-12-07 20:57 - 00000000 ____D () C:\Users\divix\AppData\Roaming\Adobe
2014-01-21 01:53 - 2010-12-07 20:43 - 00000000 ____D () C:\Users\divix
2014-01-21 01:53 - 2010-09-22 02:58 - 00000000 ____D () C:\ProgramData\P4G
2014-01-21 01:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-01-21 01:52 - 2014-01-15 19:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-21 01:52 - 2010-09-22 02:32 - 00000000 ____D () C:\ProgramData\Adobe
2014-01-20 20:51 - 2009-07-14 05:45 - 00271096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-20 19:20 - 2013-10-01 14:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-20 19:18 - 2010-12-10 17:50 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-19 14:16 - 2014-01-19 13:59 - 00000000 ____D () C:\Windows\erdnt
2014-01-19 13:55 - 2014-01-19 11:42 - 00000000 ____D () C:\Users\divix\Documents\Anti-Malware
2014-01-18 19:34 - 2010-12-07 22:39 - 00000000 ____D () C:\Users\divix\AppData\Local\Adobe

Some content of TEMP:
====================
C:\Users\divix\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 21:51

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by divix at 2014-02-15 09:27:30
Running from C:\Users\divix\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acrobat.com (x32 Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (x32 Version: 2.0.0.0 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Photoshop CS (x32 Version: CS - Adobe Systems, Inc.)
Adobe Reader 9.5.5 MUI (x32 Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.615 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (x32 Version: 1.0.8 - ASUS)
ASUS AP Bank (x32 Version: 1.0.0.0 - ASUSTEK)
ASUS FancyStart (x32 Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (x32 Version: 3.0.20 - ASUS)
ASUS Live Update (x32 Version: 2.5.9 - ASUS)
ASUS MultiFrame (x32 Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (Version: 1.1.27 - ASUS)
ASUS SmartLogon (x32 Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0028 - ASUS)
ASUS USB2.0 UVC VGA WebCam (Version: 5.8.53120.202 - Sonix)
ASUS Virtual Camera (x32 Version: 1.0.19 - asus)
ASUS WebStorage (x32 Version: 2.0.46.1429 - eCareme Technologies, Inc.)
ATI Catalyst Install Manager (Version: 3.0.750.0 - ATI Technologies, Inc.)
ATK Package (x32 Version: 1.0.0001 - ASUS)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Boingo Wi-Fi (x32 Version: 1.7.0048 - Boingo Wireless, Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1111.1543.28169 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help English (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help French (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help German (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.1111.1542.28169 - ATI) Hidden
ccc-core-static (x32 Version: 2009.1111.1543.28169 - ATI) Hidden
ccc-utility64 (Version: 2009.1111.1543.28169 - ATI) Hidden
CCleaner (Version: 3.01 - Piriform)
ControlDeck (x32 Version: 1.0.5 - ASUS)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
DAEMON Tools Lite (x32 Version: 4.45.3.0297 - DT Soft Ltd)
DivX-Setup (x32 Version: 2.6.1.8 - DivX, LLC)
EA Download Manager (x32 Version: 7.2.0.32 - Electronic Arts, Inc.)
ETDWare PS/2-x64 7.0.5.9_WHQL (Version:  - )
Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited)
Fast Boot (Version: 1.0.5 - ASUS)
Free YouTube to MP3 Converter version 3.11.35.1031 (x32 Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
Game Park Console (x32 Version: 6.2.0.2 - Oberon Media, Inc.)
Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
Google Talk Plugin (x32 Version: 4.9.1.16010 - Google)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.5.4805.320 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
ICQ 8.0 (build 6003, für aktuellen Benutzer) (HKCU Version: 8.0.6003.0 - Mail.Ru)
IDT Audio (x32 Version: 1.0.6259.0 - IDT)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Interenet Optimizer (x32 Version:  - Winteam)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K_Series_ScreenSaver_EN (x32 Version:  - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
MotoHelper MergeModules (x32 Version: 1.0.0 - Motorola) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)
myphotobook.de (x32 Version: 1.5.0 - myphotobook GmbH) Hidden
myphotobook.de (x32 Version: 1.5.0.988 - myphotobook GmbH)
NVIDIA PhysX (x32 Version: 9.09.0203 - NVIDIA Corporation)
Overwolf.Setup.VC100CRTx64.Dist (Version: 1.0.0 - Overwolf)
Pando Media Booster (x32 Version: 2.3.5.2 - Pando Networks Inc.)
PDFCreator (x32 Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
Piggly FREE (x32 Version:  - Oberon Media)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
RocketDock 1.3.5 (x32 Version:  - Punk Software)
ShotOnline (x32 Version: 1.0 - OnNet)
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
SopCast 3.3.2 (x32 Version: 3.3.2 - www.sopcast.com)
syncables desktop SE (x32 Version: 5.5.615.9518 - syncables)
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Total Commander (Remove or Repair) (x32 Version: 7.56a - Ghisler Software GmbH)
Uninstall 1.0.0.1 (x32 Version:  - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Web Check (x32 Version:  - )
WebEnhance (x32 Version:  - )
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8118.427 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
WinFlash (x32 Version: 2.29.0 - ASUS)
WinRAR (Version:  - )
Wireless Console 3 (x32 Version: 3.0.15 - ASUS)
ZoomEx (Version: 1.0 - )

==================== Restore Points  =========================

11-02-2014 16:38:34 Windows Update
14-02-2014 18:43:48 Windows Update
14-02-2014 20:48:58 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0C6B2013-9804-4A51-B319-37435BABD025} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-21] (Google Inc.)
Task: {2902D714-9EDD-4710-9187-0C3189405974} - \Software Updater No Task File
Task: {2F6EFE0D-FCEE-4267-9600-720B9C058D2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {313EE285-5F35-4972-B1F2-F46712D5B7CC} - System32\Tasks\{DEA7021C-9717-474D-86C9-5052C15FD9E1} => C:\Program Files\Vietcong first alpha\vietcong.exe [2013-05-02] ()
Task: {39023A8F-FD76-4431-A886-682FF7DFA722} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {394B1517-E148-4A56-99C3-533B5A2E5B5E} - \Software Updater Ui No Task File
Task: {45E92975-B98D-4857-9BF4-793A1A01CC3D} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-12-24] (ATK)
Task: {569D0BE9-C428-4A1E-B049-D24407CFE3C6} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5F15AD2A-125E-4C23-AC89-45957815663E} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-01-05] ()
Task: {62ED1889-56B3-4EB9-B350-104D9FB7998A} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS)
Task: {661932E4-5EFA-4AE9-A467-D174BCB60AEB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000Core => C:\Users\divix\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18] (Google Inc.)
Task: {699E221F-990D-4116-A1EC-DA28F4E560D7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000UA => C:\Users\divix\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {70633BB4-E248-44AA-910E-5FE4A3A14856} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000UA => C:\Users\divix\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18] (Google Inc.)
Task: {85DB662D-71AC-4191-82E8-826198C767F1} - System32\Tasks\{7D8B581A-87FA-4F26-B5DB-0DF727C6793E} => C:\Program Files (x86)\asus\VirtualCamera\VirCam.exe [2009-09-23] ()
Task: {870D1712-A6F0-420D-8C87-8BB3FECFE7B9} - System32\Tasks\{3C2E4C0C-9DFF-481E-B6BF-0879D7B11D6A} => C:\Program Files (x86)\asus\VirtualCamera\VirCam.exe [2009-09-23] ()
Task: {9753D03A-8FE2-48CE-95F8-E050FC7F7AF7} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {991FD48F-3FAE-4FE3-99A7-C5873CC07F52} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-11-24] ()
Task: {9A8BD27B-CB7B-4E67-9282-521D9FD13F4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-21] (Google Inc.)
Task: {9B5E45C5-A418-451B-9A50-9379877968FC} - System32\Tasks\{45B66411-F4F6-4CD3-B9C1-6D5B6B5ED95B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-01-08] (Skype Technologies S.A.)
Task: {A42DD4A1-28BF-4337-AF4B-626807332A42} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {A5615AD3-6195-441D-9AF9-763A34854629} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000Core => C:\Users\divix\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {D1D9BD02-99C4-4AA4-A9A1-248031F9547F} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Covus Freemium\Free System Utilities\1Click.exe
Task: {DB01DD91-A8E8-4A2A-8C00-97CDB1983C66} - System32\Tasks\{7ADFF82D-5538-4C64-97F7-EAC480AA6E47} => C:\Program Files\Vietcong\vietcong.exe
Task: {E06F392F-79D9-48E4-8F7F-31818245E0BA} - \BackgroundContainer Startup Task No Task File
Task: {E82739BF-FCDB-4A5A-96CF-5411E1A1192C} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {EAB810DC-3BA8-4740-AC4F-70FAFE7D4184} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {ED40B8E4-C3EC-461A-846D-9322D5F837ED} - System32\Tasks\{16684FD7-EA34-4F94-9923-779B27DA9B92} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.73.105.457/de/abandoninstall?page=tsProgressBar
Task: {F1B32099-FA13-4C38-B9CD-51EE77D7411F} - System32\Tasks\{4EEEB58D-A52A-4C51-A9EC-CFF4428DED66} => C:\Program Files\Vietcong first alpha\vietcong.exe [2013-05-02] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000Core.job => C:\Users\divix\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000UA.job => C:\Users\divix\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000Core.job => C:\Users\divix\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2965242652-2433012516-4194544714-1000UA.job => C:\Users\divix\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-05 01:43 - 2010-01-05 01:43 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2009-12-23 21:12 - 2009-12-23 21:12 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2009-12-19 03:11 - 2009-12-19 03:11 - 00033280 _____ () C:\Program Files\P4G\OvrClk.dll
2010-09-22 02:56 - 2007-11-30 19:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2008-10-01 07:02 - 2008-10-01 07:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-11-24 21:45 - 2009-11-24 21:45 - 00053888 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2010-12-09 18:24 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2008-10-23 18:21 - 2008-10-23 18:21 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-22 02:47 - 2010-09-22 02:47 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-11-02 22:20 - 2009-11-02 22:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 22:23 - 2009-11-02 22:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2010-12-09 18:24 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2013-06-21 12:35 - 2013-06-21 12:35 - 00851456 _____ () C:\Users\divix\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-25 13:33 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2010-12-10 21:22 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext32.dll
2013-06-21 12:35 - 2013-06-21 12:35 - 00138576 _____ () C:\Users\divix\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:115CEE00

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUS WebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Boingo Wi-Fi => "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\divix\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: facemoods => "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.10\facemoodssrv.exe" /md I
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mintw => rundll32.exe ",FInitializeRichEdit
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Syncables => C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
MSCONFIG\startupreg: Userinit => C:\Users\divix\AppData\Roaming\appconf32.exe

==================== Faulty Device Manager Devices =============

Name: ASUS USB2.0 UVC VGA WebCam
Description: ASUS USB2.0 UVC VGA WebCam
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Azureware
Service: SNP2UVC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2014 09:17:20 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/14/2014 08:22:44 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/11/2014 03:40:50 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/09/2014 07:41:04 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/08/2014 08:46:41 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/06/2014 09:05:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0xe8c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (02/06/2014 08:23:42 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/05/2014 07:14:12 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/03/2014 07:31:48 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/02/2014 05:48:03 PM) (Source: Bonjour Service) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24


System errors:
=============
Error: (02/02/2014 02:53:41 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/27/2014 07:03:53 PM) (Source: Service Control Manager) (User: )
Description: Dienst "ASLDR Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/24/2014 06:16:04 PM) (Source: Service Control Manager) (User: )
Description: Dienst "ASLDR Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (02/15/2014 09:17:20 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (02/14/2014 08:22:44 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (02/11/2014 03:40:50 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (02/09/2014 07:41:04 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (02/08/2014 08:46:41 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (02/06/2014 09:05:13 PM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8e8c01cf236d650a90faC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dllfc9fb412-8f69-11e3-8b2b-20cf30537901

Error: (02/06/2014 08:23:42 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (02/05/2014 07:14:12 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (02/03/2014 07:31:48 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (02/02/2014 05:48:03 PM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24


CodeIntegrity Errors:
===================================
  Date: 2014-01-19 14:14:49.487
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-19 14:14:49.331
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 43%
Total physical RAM: 3948.54 MB
Available physical RAM: 2245.18 MB
Total Pagefile: 7895.27 MB
Available Pagefile: 5772.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:23.69 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:329.79 GB) (Free:260.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=330 GB) - (Type=OF Extended)

==================== End Of Log ============================

schrauber 16.02.2014 07:06
Da wir schon mal mit MBAM gescannt hatten und der Fund nicht dabei war ist der neu ;)

Ist aber nur PUP, die triffste im Inet immer.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
2014-01-21 01:53 - 2013-12-29 10:24 - 00000000 ____D () C:\ProgramData\Interenet Optimizer
2014-01-21 01:53 - 2013-12-23 17:56 - 00000000 ____D () C:\Program Files (x86)\Web Check
2014-01-21 01:53 - 2013-02-27 12:11 - 00000000 ____D () C:\Windows\SysWOW64\Cfg
2014-01-21 01:53 - 2011-08-27 22:51 - 00000000 ____D () C:\ProgramData\InstallMate

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


divix 16.02.2014 20:45
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-02-2014 01
Ran by divix at 2014-02-16 20:43:53 Run:1
Running from C:\Users\divix\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
2014-01-21 01:53 - 2013-12-29 10:24 - 00000000 ____D () C:\ProgramData\Interenet Optimizer
2014-01-21 01:53 - 2013-12-23 17:56 - 00000000 ____D () C:\Program Files (x86)\Web Check
2014-01-21 01:53 - 2013-02-27 12:11 - 00000000 ____D () C:\Windows\SysWOW64\Cfg
2014-01-21 01:53 - 2011-08-27 22:51 - 00000000 ____D () C:\ProgramData\InstallMate
       
*****************

C:\ProgramData\Interenet Optimizer => Moved successfully.
C:\Program Files (x86)\Web Check => Moved successfully.
C:\Windows\SysWOW64\Cfg => Moved successfully.
C:\ProgramData\InstallMate => Moved successfully.

==== End of Fixlog ====
für die schnelle hilfe :dankeschoen:

schrauber 17.02.2014 14:26
Gern Geschehen :)

divix 17.02.2014 18:11
wars das schon? ( wär ja super )

schrauber 18.02.2014 12:38
Jap, Baustein zum aufräumen haste ja oben :)

divix 18.02.2014 20:53
vielen dank :daumenhoc

schrauber 19.02.2014 16:30
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:59 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131