suppenhuhn68 | 22.01.2014 18:41 | Hello Cosinus,
here are the log files:
AdwCleaner-Logfile: Code:
# AdwCleaner v3.017 - Bericht erstellt am 22/01/2014 um 17:43:04
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : VAG - VAG-PC
# Gestartet von : C:\Users\VAG\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Searchprotect
Ordner Gelöscht : C:\ProgramData\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Searchprotect
Ordner Gelöscht : C:\Program Files (x86)\DivX_Browser_Bar_DE
Ordner Gelöscht : C:\Users\VAG\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\VAG\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\VAG\AppData\LocalLow\DivX_Browser_Bar_DE
Ordner Gelöscht : C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\FoxTab
Ordner Gelöscht : C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\Smartbar
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3297265
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F663448B-1B58-43EA-8EF6-A410B6E82DEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F663448B-1B58-43EA-8EF6-A410B6E82DEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBE04DF6-15EC-4548-A6B7-E9C02603D7EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C4138FDC-445C-4B92-903F-60DFA9EE19B6}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{6DAD39C6-F4AC-4984-8E9B-F666269B9EB1}]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\SearchProtect
Schlüssel Gelöscht : HKCU\Software\DivX_Browser_Bar_DE
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar_DE
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\DivX_Browser_Bar_DE
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DivX_Browser_Bar_DE Toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\prefs.js ]
Zeile gelöscht : user_pref("CT3297265.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3297265.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3297265.FF19Solved", "true");
Zeile gelöscht : user_pref("CT3297265.FirstTime", "true");
Zeile gelöscht : user_pref("CT3297265.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT3297265.UserID", "UN36299595932309217");
Zeile gelöscht : user_pref("CT3297265.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT3297265.addressUrlXPETakeover", "true");
Zeile gelöscht : user_pref("CT3297265.autoDisableScopes", -1);
Zeile gelöscht : user_pref("CT3297265.defaultSearch", "false");
Zeile gelöscht : user_pref("CT3297265.embeddedsData", "[{\"appId\":\"130102701223206401\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Zeile gelöscht : user_pref("CT3297265.enableAlerts", "true");
Zeile gelöscht : user_pref("CT3297265.enableFix404ByUser", "TRUE");
Zeile gelöscht : user_pref("CT3297265.enableSearchFromAddressBar", "true");
Zeile gelöscht : user_pref("CT3297265.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT3297265.fixPageNotFoundError", "true");
Zeile gelöscht : user_pref("CT3297265.fixPageNotFoundErrorByUser", "true");
Zeile gelöscht : user_pref("CT3297265.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT3297265.fixUrls", true);
Zeile gelöscht : user_pref("CT3297265.installDate", "21/5/2013 22:40:29");
Zeile gelöscht : user_pref("CT3297265.installId", "stub.exe");
Zeile gelöscht : user_pref("CT3297265.installSessionId", "{391ACFDB-BF8C-4C07-B434-FFFEB493F980}");
Zeile gelöscht : user_pref("CT3297265.installSp", "true");
Zeile gelöscht : user_pref("CT3297265.installType", "conduitnsisintegration");
Zeile gelöscht : user_pref("CT3297265.installUsage", "2013-05-21T23:41:05.4665268+03:00");
Zeile gelöscht : user_pref("CT3297265.installUsageEarly", "2013-05-21T23:41:02.6428906+03:00");
Zeile gelöscht : user_pref("CT3297265.installerVersion", "1.4.2.3");
Zeile gelöscht : user_pref("CT3297265.isCheckedStartAsHidden", true);
Zeile gelöscht : user_pref("CT3297265.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3297265.isFirstTimeToolbarLoading", "false");
Zeile gelöscht : user_pref("CT3297265.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT3297265.keyword", "true");
Zeile gelöscht : user_pref("CT3297265.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3297265&octid=CT3297265&SearchSource=15&CUI=UN36299595932309217&SSPV=EB_SSPV&Lay=1&UM=[...]
Zeile gelöscht : user_pref("CT3297265.lastVersion", "10.16.2.10");
Zeile gelöscht : user_pref("CT3297265.mam_gk_installer_preapproved.enc", "dHJ1ZQ==");
Zeile gelöscht : user_pref("CT3297265.migrateAppsAndComponents", true);
Zeile gelöscht : user_pref("CT3297265.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://DivXBrowserBarDE.OurTool[...]
Zeile gelöscht : user_pref("CT3297265.openThankYouPage", "false");
Zeile gelöscht : user_pref("CT3297265.openUninstallPage", "true");
Zeile gelöscht : user_pref("CT3297265.originalSearchAddressUrl", "hxxp://de.search.yahoo.com/search?fr=mcafee&p=");
Zeile gelöscht : user_pref("CT3297265.revertSettingsEnabled", "false");
Zeile gelöscht : user_pref("CT3297265.search.searchAppId", "130102701223206401");
Zeile gelöscht : user_pref("CT3297265.search.searchCount", "0");
Zeile gelöscht : user_pref("CT3297265.searchInNewTabEnabledByUser", "false");
Zeile gelöscht : user_pref("CT3297265.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT3297265.searchRevert", "false");
Zeile gelöscht : user_pref("CT3297265.searchUserMode", "2");
Zeile gelöscht : user_pref("CT3297265.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\"}");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3297265\"}");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DivXBrowserBarDE.OurToolbar.com//xpi\"}");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"DivX Browser Bar DE\"}");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1369168867974");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_appsMetadata_lastUpdate", "1369168867595");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1369168867504");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1369168865437");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1369168868573");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_location_lastUpdate", "1369168865390");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_login_10.16.2.10_lastUpdate", "1369168868191");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1369168867662");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_searchAPI_lastUpdate", "1369168865657");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_serviceMap_lastUpdate", "1369168861672");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_toolbarContextMenu_lastUpdate", "1369168867202");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_toolbarSettings_lastUpdate", "1369168865460");
Zeile gelöscht : user_pref("CT3297265.serviceLayer_services_translation_lastUpdate", "1369168867741");
Zeile gelöscht : user_pref("CT3297265.settingsINI", true);
Zeile gelöscht : user_pref("CT3297265.shouldFirstTimeDialog", "false");
Zeile gelöscht : user_pref("CT3297265.showToolbarPermission", "false");
Zeile gelöscht : user_pref("CT3297265.smartbar.CTID", "CT3297265");
Zeile gelöscht : user_pref("CT3297265.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT3297265.smartbar.toolbarName", "DivX Browser Bar DE ");
Zeile gelöscht : user_pref("CT3297265.startPage", "false");
Zeile gelöscht : user_pref("CT3297265.toolbarBornServerTime", "21-5-2013");
Zeile gelöscht : user_pref("CT3297265.toolbarCurrentServerTime", "21-5-2013");
Zeile gelöscht : user_pref("CT3297265.toolbarDisabled", "true");
Zeile gelöscht : user_pref("CT3297265.toolbarLoginClientTime", "Tue May 21 2013 22:41:08 GMT+0200");
Zeile gelöscht : user_pref("CT3297265.versionFromInstaller", "10.16.2.10");
Zeile gelöscht : user_pref("CT3297265_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1369168891775,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://de.search.yahoo.com/search?fr=mcafee&p=");
Zeile gelöscht : user_pref("smartbar.addressBarOwnerCTID", "CT3297265");
Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3297265&SearchSource=2&CUI=UN36299595932309217&UM=2&q=");
Zeile gelöscht : user_pref("smartbar.machineId", "G3MGATSCWUOSZJM5HSU+ENIJQXQFEA58UEJOB/D+8FZKLFTZMTGHKVSFAXGVV9JDHMBZITM8LRWPFL93EHNLWQ");
*************************
AdwCleaner[R0].txt - [12020 octets] - [22/01/2014 17:41:06]
AdwCleaner[S0].txt - [11788 octets] - [22/01/2014 17:43:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11849 octets] ##########
JRT-Logfile: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by VAG on 22.01.2014 at 17:55:55,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3BE2202E-F1A9-44C7-BBB2-E25D5D7F854A}
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\VAG\AppData\Roaming\mozilla\firefox\profiles\ma1s586n.default\minidumps [47 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.01.2014 at 17:59:20,90
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-01-2014 01
Ran by VAG (administrator) on VAG-PC on 22-01-2014 18:06:01
Running from C:\Users\VAG\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(LULU Software Limited) C:\Program Files (x86)\Soda PDF 5\HelperService.exe
(LULU Software Limited) C:\Program Files (x86)\Soda PDF 5\ConversionService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\FanaLEDs\FanaLEDs.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Razer USA Ltd.) C:\Program Files (x86)\n52te\n52teHid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\n52te\n52teTra.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-24] (Logitech Inc.)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Jomantha] - C:\Program Files (x86)\n52te\n52teHid.exe [159744 2008-06-13] (Razer USA Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [FanaLEDs] - C:\Program Files (x86)\FanaLEDs\FanaLEDs.exe [809472 2013-11-28] ()
Startup: C:\Users\VAG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files\Logitech Gaming Software\EReg\eReg.exe (Leader Technologies/Logitech)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {1C30929B-9BCE-480C-86E7-ABAE1BF07E76} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll (LULU Software Limited)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll (LULU Software Limited)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default
FF DefaultSearchEngine: Sichere Suche
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&type=A111DE0&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Forecastfox - C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2013-01-26]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2013-12-18]
FF Extension: WOT - C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: FastestFox - C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\Extensions\smarterwiki@wikiatic.com.xpi [2013-01-26]
FF Extension: Google Translator for Firefox - C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\Extensions\translator@zoli.bod.xpi [2013-01-26]
FF Extension: NoScript - C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-01-23]
FF Extension: Right Links - C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\Extensions\{B5F5E8D3-AE31-49A1-AC42-78B7B1CC5CDC}.xpi [2013-01-26]
FF Extension: Adblock Plus - C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-01-23]
FF Extension: Tab Mix Plus - C:\Users\VAG\AppData\Roaming\Mozilla\Firefox\Profiles\ma1s586n.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-01-23]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-01-21]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-05-21]
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDF5Converter@sodapdf.com] - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext
FF Extension: Soda PDF 5 Converter For Firefox - C:\Program Files (x86)\Soda PDF 5\FFSoda5Ext [2013-11-11]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-01-21]
==================== Services (Whitelisted) =================
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [123384 2014-01-07] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-09-24] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1017016 2013-09-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Soda PDF 5 Helper Service; C:\Program Files (x86)\Soda PDF 5\HelperService.exe [1097544 2013-06-12] (LULU Software Limited)
R2 Soda PDF 5 Service; C:\Program Files (x86)\Soda PDF 5\ConversionService.exe [794440 2013-06-12] (LULU Software Limited)
==================== Drivers (Whitelisted) ====================
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 JmtFltr; C:\Windows\System32\drivers\JmtFltr.sys [46464 2007-09-29] ()
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 vhidmini; C:\Windows\System32\DRIVERS\vhidmini.sys [13952 2007-09-29] (Windows (R) Codename Longhorn DDK provider)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-22 18:06 - 2014-01-22 18:06 - 00018260 _____ C:\Users\VAG\Desktop\FRST.txt
2014-01-22 18:05 - 2014-01-22 18:05 - 00000000 ____D C:\FRST
2014-01-22 18:03 - 2014-01-22 18:03 - 02077184 _____ (Farbar) C:\Users\VAG\Desktop\FRST64.exe
2014-01-22 17:59 - 2014-01-22 17:59 - 00000923 _____ C:\Users\VAG\Desktop\JRT.txt
2014-01-22 17:51 - 2014-01-22 17:51 - 00000000 ____D C:\Windows\ERUNT
2014-01-22 17:50 - 2014-01-22 17:50 - 01037068 _____ (Thisisu) C:\Users\VAG\Desktop\JRT.exe
2014-01-22 17:41 - 2014-01-22 17:43 - 00000000 ____D C:\AdwCleaner
2014-01-22 17:39 - 2014-01-22 17:39 - 01236282 _____ C:\Users\VAG\Desktop\adwcleaner.exe
2014-01-21 18:30 - 2014-01-21 18:30 - 00030253 _____ C:\ComboFix.txt
2014-01-21 18:03 - 2014-01-21 18:31 - 00000000 ____D C:\Qoobox
2014-01-21 18:03 - 2014-01-21 18:26 - 00000000 ____D C:\Windows\erdnt
2014-01-21 18:03 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-21 18:03 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-21 18:03 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-21 18:03 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-21 18:03 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-21 18:03 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-21 18:03 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-21 18:03 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-19 21:25 - 2014-01-19 21:25 - 00000000 ____D C:\Users\VAG\AppData\Roaming\OpenOffice
2014-01-19 21:24 - 2014-01-19 21:24 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-01-19 21:23 - 2014-01-19 21:23 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2014-01-19 21:18 - 2014-01-19 21:18 - 00000000 ____D C:\Users\VAG\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-01-19 21:16 - 2014-01-19 21:17 - 163606685 _____ C:\Users\VAG\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-01-19 18:10 - 2014-01-19 22:27 - 00019722 _____ C:\Users\VAG\Documents\RPG-Anzeige.odt
2014-01-19 16:04 - 2014-01-19 16:04 - 00000000 ___RD C:\Users\VAG\AppData\Roaming\Brother
2014-01-19 15:43 - 2014-01-19 21:26 - 00000000 ____D C:\Users\Public\Documents\BrFaxRx
2014-01-19 15:43 - 2014-01-19 15:43 - 00000241 _____ C:\Windows\Brpfx04a.ini
2014-01-19 15:43 - 2014-01-19 15:43 - 00000093 _____ C:\Windows\brpcfx.ini
2014-01-19 15:43 - 2014-01-19 15:43 - 00000050 _____ C:\Windows\system32\bd7320.dat
2014-01-19 15:43 - 2006-07-07 12:40 - 00073728 ____N (Brother Industories Ltd. P&S Company) C:\Windows\SysWOW64\BRCrypt.dll
2014-01-19 15:42 - 2014-01-19 15:43 - 00000066 _____ C:\Windows\Brfaxrx.ini
2014-01-19 15:42 - 2014-01-19 15:43 - 00000000 ____D C:\Program Files (x86)\Brother
2014-01-19 15:42 - 2009-01-15 19:20 - 00003072 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2014-01-19 15:42 - 2008-10-17 20:04 - 00179712 ____N (Brother Industries, Ltd.) C:\Windows\system32\BrfxDA5b.dll
2014-01-19 15:42 - 2008-08-23 19:17 - 00118784 ____N (Brother Industries,LTD.) C:\Windows\SysWOW64\BrMfNt.dll
2014-01-19 15:42 - 2008-06-17 15:33 - 00167936 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2014-01-19 15:42 - 2007-12-13 22:16 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2014-01-19 15:42 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2014-01-19 15:42 - 2003-11-28 18:57 - 00000000 _____ C:\Windows\brdfxspd.dat
2014-01-19 15:42 - 2002-11-26 13:43 - 00106496 ____N C:\Windows\SysWOW64\BrMuSNMP.dll
2014-01-19 15:41 - 2014-01-19 15:41 - 00000000 ____D C:\Users\VAG\Downloads\mflpro
2014-01-19 15:41 - 2014-01-19 15:41 - 00000000 ____D C:\ProgramData\Brother
2014-01-19 15:40 - 2014-01-19 15:40 - 43298658 _____ (A.I.SOFT,INC.) C:\Users\VAG\Downloads\MFC-7320-inst-win7-A2.EXE
2014-01-19 15:35 - 2014-01-19 16:31 - 00000432 _____ C:\Windows\BRWMARK.INI
2014-01-19 15:35 - 2014-01-19 15:35 - 00000034 _____ C:\Windows\SysWOW64\BD7320.DAT
2014-01-17 20:02 - 2014-01-17 20:02 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-17 13:38 - 2014-01-22 18:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-17 13:38 - 2014-01-17 13:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-16 17:03 - 2014-01-16 17:03 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 17:03 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-16 17:03 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-16 17:03 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-16 17:03 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-15 16:46 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 16:46 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 16:46 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 16:46 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 16:46 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 16:46 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 16:46 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 16:46 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 16:46 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-11 17:28 - 2014-01-12 16:36 - 00000000 ____D C:\Users\VAG\AppData\Roaming\Awesomium
2014-01-08 23:56 - 2014-01-08 23:56 - 00000000 ____D C:\Users\VAG\Documents\XXXXXX
2014-01-08 23:56 - 2014-01-08 23:56 - 00000000 ____D C:\ProgramData\XXXXXX
2014-01-08 22:00 - 2014-01-08 22:00 - 00000852 _____ C:\Users\VAG\Desktop\XXXXXX
2014-01-08 21:56 - 2014-01-08 21:56 - 55903624 _____ ( ) C:\Users\VAG\Downloads\XXXXXX.exe
2014-01-05 22:38 - 2014-01-05 22:38 - 00000222 _____ C:\Users\VAG\Desktop\Kerbal Space Program Demo.url
2014-01-03 00:43 - 2014-01-04 01:42 - 00000000 ____D C:\Users\VAG\Downloads\Skyrim Mods
2014-01-02 21:09 - 2014-01-02 21:09 - 00000000 ____D C:\ProgramData\Solidshield
2014-01-02 21:08 - 2014-01-02 21:08 - 00000000 ____D C:\Users\VAG\AppData\Roaming\Ubisoft
2014-01-02 21:06 - 2014-01-02 21:06 - 00000221 _____ C:\Users\VAG\Desktop\Anno 2070.url
2014-01-01 16:33 - 2014-01-01 16:33 - 00000000 ____D C:\Users\VAG\Downloads\Better Sorting v-2-06-2730-2-06
2014-01-01 16:32 - 2014-01-01 16:33 - 00666203 _____ C:\Users\VAG\Downloads\Better Sorting v-2-06-2730-2-06.rar
2014-01-01 16:18 - 2014-01-01 16:18 - 00000000 ____D C:\Users\VAG\Downloads\CategorizedFavoritesMenu v0_1_18-4862-0-1-17
2014-01-01 16:18 - 2014-01-01 16:18 - 00000000 ____D C:\Users\VAG\Downloads\Categorized Favorites Menu DV 2-2-16372-2-2
2014-01-01 16:17 - 2014-01-01 16:17 - 00011319 _____ C:\Users\VAG\Downloads\Categorized Favorites Menu DV 2-2-16372-2-2.7z
2014-01-01 16:16 - 2014-01-01 16:17 - 00353984 _____ C:\Users\VAG\Downloads\CategorizedFavoritesMenu v0_1_18-4862-0-1-17.zip
2014-01-01 16:07 - 2014-01-01 16:07 - 00000000 ____D C:\Users\VAG\Downloads\Better Sorting DV v1_30-3271-1-30
2014-01-01 16:05 - 2014-01-01 16:05 - 00026402 _____ C:\Users\VAG\Downloads\Better Sorting DV v1_30-3271-1-30.zip
2013-12-31 17:42 - 2013-12-31 17:42 - 00000000 ____D C:\Users\VAG\Downloads\deutscheNamen
2013-12-31 17:41 - 2013-12-31 17:41 - 00056678 _____ C:\Users\VAG\Downloads\deutscheNamen.7z
2013-12-28 19:31 - 2013-12-28 19:31 - 00000000 ____D C:\Users\VAG\Downloads\LMSkyrimBalancing3_4
2013-12-28 19:31 - 2013-12-28 19:31 - 00000000 ____D C:\Users\VAG\Downloads\LMImprovements-1_1
2013-12-28 19:30 - 2013-12-28 19:30 - 03972697 _____ C:\Users\VAG\Downloads\LMImprovements-1_1.7z
2013-12-28 19:29 - 2013-12-28 19:30 - 05968341 _____ C:\Users\VAG\Downloads\LMSkyrimBalancing3_4.7z
2013-12-25 23:41 - 2013-12-25 23:41 - 00000000 ____D C:\Users\VAG\Downloads\SOS - Komplett-36798-07-05-13
2013-12-25 23:40 - 2013-12-25 23:40 - 00428283 _____ C:\Users\VAG\Downloads\SOS - Komplett-36798-07-05-13.rar
2013-12-25 23:37 - 2013-12-25 23:37 - 00061721 _____ C:\Users\VAG\Downloads\Compatibility Patches-20193-1-02.zip
2013-12-25 23:37 - 2013-12-25 23:37 - 00000000 ____D C:\Users\VAG\Downloads\Compatibility Patches-Civilization-20193-1-02
2013-12-25 23:29 - 2013-12-26 00:14 - 00000000 ____D C:\Users\VAG\Downloads\Compatibility Patches-Wilds-10886-1-13
2013-12-25 23:28 - 2013-12-25 23:28 - 00048695 _____ C:\Users\VAG\Downloads\Compatibility Patches-10886-1-13.zip
2013-12-25 23:21 - 2013-12-25 23:22 - 00000000 ____D C:\Users\VAG\Downloads\Compatibility Patches-Dungeons-8601-1-23
2013-12-25 23:20 - 2013-12-25 23:20 - 00026887 _____ C:\Users\VAG\Downloads\Compatibility Patches-8601-1-23.zip
2013-12-24 00:50 - 2013-12-24 00:51 - 00000000 ____D C:\Users\VAG\Downloads\Skyrim_-_Directors_Cut-3.4-14026
2013-12-24 00:50 - 2013-12-24 00:50 - 00000000 ____D C:\Users\VAG\Downloads\Skyrim_-_Directors_Cut_-_Unofficial_High_Resolution_Patch-1.1.3a
2013-12-24 00:47 - 2013-12-24 00:47 - 59315028 _____ C:\Users\VAG\Downloads\Skyrim_-_Directors_Cut_-_Unofficial_High_Resolution_Patch-1.1.3a.7z
2013-12-24 00:46 - 2013-12-24 00:47 - 107878313 _____ C:\Users\VAG\Downloads\Skyrim_-_Directors_Cut-3.4-14026.7z
==================== One Month Modified Files and Folders =======
2014-01-22 18:07 - 2014-01-17 13:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-22 18:06 - 2014-01-22 18:06 - 00018260 _____ C:\Users\VAG\Desktop\FRST.txt
2014-01-22 18:05 - 2014-01-22 18:05 - 00000000 ____D C:\FRST
2014-01-22 18:03 - 2014-01-22 18:03 - 02077184 _____ (Farbar) C:\Users\VAG\Desktop\FRST64.exe
2014-01-22 18:02 - 2009-07-14 05:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-22 18:02 - 2009-07-14 05:45 - 00013552 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-22 17:59 - 2014-01-22 17:59 - 00000923 _____ C:\Users\VAG\Desktop\JRT.txt
2014-01-22 17:59 - 2013-01-21 00:25 - 00001844 _____ C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-01-22 17:58 - 2013-01-20 16:36 - 01345366 _____ C:\Windows\WindowsUpdate.log
2014-01-22 17:55 - 2013-01-23 17:46 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-22 17:55 - 2013-01-20 16:43 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-22 17:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-22 17:55 - 2009-07-14 05:51 - 00070737 _____ C:\Windows\setupact.log
2014-01-22 17:51 - 2014-01-22 17:51 - 00000000 ____D C:\Windows\ERUNT
2014-01-22 17:50 - 2014-01-22 17:50 - 01037068 _____ (Thisisu) C:\Users\VAG\Desktop\JRT.exe
2014-01-22 17:44 - 2013-01-20 20:13 - 00083900 _____ C:\Windows\PFRO.log
2014-01-22 17:43 - 2014-01-22 17:41 - 00000000 ____D C:\AdwCleaner
2014-01-22 17:39 - 2014-01-22 17:39 - 01236282 _____ C:\Users\VAG\Desktop\adwcleaner.exe
2014-01-21 18:31 - 2014-01-21 18:03 - 00000000 ____D C:\Qoobox
2014-01-21 18:30 - 2014-01-21 18:30 - 00030253 _____ C:\ComboFix.txt
2014-01-21 18:26 - 2014-01-21 18:03 - 00000000 ____D C:\Windows\erdnt
2014-01-21 18:18 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-20 01:59 - 2009-07-14 05:45 - 00305664 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-19 23:40 - 2013-02-17 14:17 - 00000000 ____D C:\Users\VAG\AppData\Roaming\TS3Client
2014-01-19 23:03 - 2013-02-04 09:06 - 00064024 _____ C:\Users\VAG\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-19 22:27 - 2014-01-19 18:10 - 00019722 _____ C:\Users\VAG\Documents\RPG-Anzeige.odt
2014-01-19 21:26 - 2014-01-19 15:43 - 00000000 ____D C:\Users\Public\Documents\BrFaxRx
2014-01-19 21:25 - 2014-01-19 21:25 - 00000000 ____D C:\Users\VAG\AppData\Roaming\OpenOffice
2014-01-19 21:24 - 2014-01-19 21:24 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk
2014-01-19 21:23 - 2014-01-19 21:23 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2014-01-19 21:19 - 2013-01-20 16:37 - 00000000 ___RD C:\Users\VAG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-19 21:18 - 2014-01-19 21:18 - 00000000 ____D C:\Users\VAG\Desktop\OpenOffice 4.0.1 (de) Installation Files
2014-01-19 21:17 - 2014-01-19 21:16 - 163606685 _____ C:\Users\VAG\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2014-01-19 16:31 - 2014-01-19 15:35 - 00000432 _____ C:\Windows\BRWMARK.INI
2014-01-19 16:04 - 2014-01-19 16:04 - 00000000 ___RD C:\Users\VAG\AppData\Roaming\Brother
2014-01-19 15:43 - 2014-01-19 15:43 - 00000241 _____ C:\Windows\Brpfx04a.ini
2014-01-19 15:43 - 2014-01-19 15:43 - 00000093 _____ C:\Windows\brpcfx.ini
2014-01-19 15:43 - 2014-01-19 15:43 - 00000050 _____ C:\Windows\system32\bd7320.dat
2014-01-19 15:43 - 2014-01-19 15:42 - 00000066 _____ C:\Windows\Brfaxrx.ini
2014-01-19 15:43 - 2014-01-19 15:42 - 00000000 ____D C:\Program Files (x86)\Brother
2014-01-19 15:42 - 2013-07-14 01:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-19 15:41 - 2014-01-19 15:41 - 00000000 ____D C:\Users\VAG\Downloads\mflpro
2014-01-19 15:41 - 2014-01-19 15:41 - 00000000 ____D C:\ProgramData\Brother
2014-01-19 15:40 - 2014-01-19 15:40 - 43298658 _____ (A.I.SOFT,INC.) C:\Users\VAG\Downloads\MFC-7320-inst-win7-A2.EXE
2014-01-19 15:35 - 2014-01-19 15:35 - 00000034 _____ C:\Windows\SysWOW64\BD7320.DAT
2014-01-17 20:03 - 2013-02-10 17:10 - 00000000 ____D C:\Users\VAG\AppData\Local\Adobe
2014-01-17 20:03 - 2013-02-10 16:50 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-17 20:02 - 2014-01-17 20:02 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-17 20:02 - 2013-02-10 16:48 - 00000000 ____D C:\ProgramData\Adobe
2014-01-17 17:20 - 2013-03-04 16:48 - 00000000 ____D C:\Program Files\WinRAR
2014-01-17 13:39 - 2014-01-17 13:38 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-17 13:39 - 2013-01-23 16:10 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-17 13:39 - 2013-01-23 16:10 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-17 13:38 - 2013-05-21 21:53 - 00001070 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-17 13:37 - 2013-03-04 16:48 - 00001120 _____ C:\Users\Public\Desktop\WinRAR.lnk
2014-01-17 13:37 - 2013-03-04 16:48 - 00000000 ____D C:\Users\VAG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-16 17:04 - 2013-10-16 22:26 - 00000000 ____D C:\ProgramData\Oracle
2014-01-16 17:03 - 2014-01-16 17:03 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-16 17:03 - 2013-02-17 13:58 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-15 20:42 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-15 19:17 - 2013-07-26 13:25 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 19:16 - 2013-01-20 19:43 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-12 16:36 - 2014-01-11 17:28 - 00000000 ____D C:\Users\VAG\AppData\Roaming\Awesomium
2014-01-11 22:16 - 2013-07-14 01:22 - 00000000 ____D C:\Users\VAG\AppData\Roaming\n52te
2014-01-11 20:58 - 2013-01-21 00:22 - 00000000 ____D C:\Program Files (x86)\McAfee
2014-01-08 23:56 - 2014-01-08 23:56 - 00000000 ____D C:\Users\VAG\Documents\XXXXXX
2014-01-08 23:56 - 2014-01-08 23:56 - 00000000 ____D C:\ProgramData\XXXXXX
2014-01-08 22:00 - 2014-01-08 22:00 - 00000852 _____ C:\Users\VAG\Desktop\XXXXXX
2014-01-08 21:56 - 2014-01-08 21:56 - 55903624 _____ ( ) C:\Users\VAG\Downloads\XXXXXX.exe
2014-01-05 22:38 - 2014-01-05 22:38 - 00000222 _____ C:\Users\VAG\Desktop\Kerbal Space Program Demo.url
2014-01-04 01:42 - 2014-01-03 00:43 - 00000000 ____D C:\Users\VAG\Downloads\Skyrim Mods
2014-01-02 21:09 - 2014-01-02 21:09 - 00000000 ____D C:\ProgramData\Solidshield
2014-01-02 21:08 - 2014-01-02 21:08 - 00000000 ____D C:\Users\VAG\AppData\Roaming\Ubisoft
2014-01-02 21:07 - 2013-05-05 01:29 - 00253383 _____ C:\Windows\DirectX.log
2014-01-02 21:06 - 2014-01-02 21:06 - 00000221 _____ C:\Users\VAG\Desktop\Anno 2070.url
2014-01-01 16:33 - 2014-01-01 16:33 - 00000000 ____D C:\Users\VAG\Downloads\Better Sorting v-2-06-2730-2-06
2014-01-01 16:33 - 2014-01-01 16:32 - 00666203 _____ C:\Users\VAG\Downloads\Better Sorting v-2-06-2730-2-06.rar
2014-01-01 16:18 - 2014-01-01 16:18 - 00000000 ____D C:\Users\VAG\Downloads\CategorizedFavoritesMenu v0_1_18-4862-0-1-17
2014-01-01 16:18 - 2014-01-01 16:18 - 00000000 ____D C:\Users\VAG\Downloads\Categorized Favorites Menu DV 2-2-16372-2-2
2014-01-01 16:17 - 2014-01-01 16:17 - 00011319 _____ C:\Users\VAG\Downloads\Categorized Favorites Menu DV 2-2-16372-2-2.7z
2014-01-01 16:17 - 2014-01-01 16:16 - 00353984 _____ C:\Users\VAG\Downloads\CategorizedFavoritesMenu v0_1_18-4862-0-1-17.zip
2014-01-01 16:07 - 2014-01-01 16:07 - 00000000 ____D C:\Users\VAG\Downloads\Better Sorting DV v1_30-3271-1-30
2014-01-01 16:05 - 2014-01-01 16:05 - 00026402 _____ C:\Users\VAG\Downloads\Better Sorting DV v1_30-3271-1-30.zip
2013-12-31 17:42 - 2013-12-31 17:42 - 00000000 ____D C:\Users\VAG\Downloads\deutscheNamen
2013-12-31 17:41 - 2013-12-31 17:41 - 00056678 _____ C:\Users\VAG\Downloads\deutscheNamen.7z
2013-12-28 19:31 - 2013-12-28 19:31 - 00000000 ____D C:\Users\VAG\Downloads\LMSkyrimBalancing3_4
2013-12-28 19:31 - 2013-12-28 19:31 - 00000000 ____D C:\Users\VAG\Downloads\LMImprovements-1_1
2013-12-28 19:30 - 2013-12-28 19:30 - 03972697 _____ C:\Users\VAG\Downloads\LMImprovements-1_1.7z
2013-12-28 19:30 - 2013-12-28 19:29 - 05968341 _____ C:\Users\VAG\Downloads\LMSkyrimBalancing3_4.7z
2013-12-26 00:14 - 2013-12-25 23:29 - 00000000 ____D C:\Users\VAG\Downloads\Compatibility Patches-Wilds-10886-1-13
2013-12-25 23:41 - 2013-12-25 23:41 - 00000000 ____D C:\Users\VAG\Downloads\SOS - Komplett-36798-07-05-13
2013-12-25 23:40 - 2013-12-25 23:40 - 00428283 _____ C:\Users\VAG\Downloads\SOS - Komplett-36798-07-05-13.rar
2013-12-25 23:37 - 2013-12-25 23:37 - 00061721 _____ C:\Users\VAG\Downloads\Compatibility Patches-20193-1-02.zip
2013-12-25 23:37 - 2013-12-25 23:37 - 00000000 ____D C:\Users\VAG\Downloads\Compatibility Patches-Civilization-20193-1-02
2013-12-25 23:28 - 2013-12-25 23:28 - 00048695 _____ C:\Users\VAG\Downloads\Compatibility Patches-10886-1-13.zip
2013-12-25 23:22 - 2013-12-25 23:21 - 00000000 ____D C:\Users\VAG\Downloads\Compatibility Patches-Dungeons-8601-1-23
2013-12-25 23:20 - 2013-12-25 23:20 - 00026887 _____ C:\Users\VAG\Downloads\Compatibility Patches-8601-1-23.zip
2013-12-24 00:51 - 2013-12-24 00:50 - 00000000 ____D C:\Users\VAG\Downloads\Skyrim_-_Directors_Cut-3.4-14026
2013-12-24 00:50 - 2013-12-24 00:50 - 00000000 ____D C:\Users\VAG\Downloads\Skyrim_-_Directors_Cut_-_Unofficial_High_Resolution_Patch-1.1.3a
2013-12-24 00:47 - 2013-12-24 00:47 - 59315028 _____ C:\Users\VAG\Downloads\Skyrim_-_Directors_Cut_-_Unofficial_High_Resolution_Patch-1.1.3a.7z
2013-12-24 00:47 - 2013-12-24 00:46 - 107878313 _____ C:\Users\VAG\Downloads\Skyrim_-_Directors_Cut-3.4-14026.7z
Some content of TEMP:
====================
C:\Users\VAG\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-20 03:36
==================== End Of Log ============================
XXXXXX -> redacted because of a beta NDA
Addition-Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2014 01
Ran by VAG at 2014-01-22 18:07:19
Running from C:\Users\VAG\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
4 Elements (x32 Version: - Playrix Entertainment)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Anno 2070 (x32 Version: - BlueByte)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-7320 (x32 Version: 1.0.1.0 - Brother Industries, Ltd.)
Crusader Kings II Demo (x32 Version: - Paradox Interactive)
DivX-Setup (x32 Version: 2.6.1.44 - DivX, LLC)
Dropbox (HKCU Version: 2.0.26 - Dropbox, Inc.)
Dungeon Siege III (x32 Version: - Obsidian Entertainment)
Eador. Masters of the Broken World (x32 Version: - Snowbird Games)
ElsterFormular (x32 Version: 14.0.0.10960 - Landesfinanzdirektion Thüringen)
Euro Truck Simulator 2 (x32 Version: - SCS Software)
FanaLEDs (x32 Version: 2.1 - Gerben bol & Dirk Teurlings)
Farming Simulator 2013 (x32 Version: - Giants Software)
FIFA 14 (x32 Version: 1.0.0.3 - Electronic Arts)
FINAL FANTASY XIV - A Realm Reborn (x32 Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
FTL: Faster Than Light (x32 Version: - Subset Games)
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 17 (64-bit) (Version: 7.0.170 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kerbal Space Program Demo (x32 Version: - Squad)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 5.10 (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.46 (Version: 8.46.27 - Logitech Inc.)
Magic: The Gathering - Duels of the Planeswalkers 2013 (x32 Version: - Stainless Games)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Internet Security (x32 Version: 12.8.856 - McAfee, Inc.)
McAfee Online Backup (Version: 1.16.4.0 - McAfee, Inc.) Hidden
McAfee Online Backup (x32 Version: - McAfee, Inc.) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Might & Magic X - Legacy (x32 Version: - Ubisoft)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
n52te Editor (x32 Version: 5.01 - Razer USA Ltd.)
Notepad++ (x32 Version: 6.4.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 314.07 (Version: 314.07 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 314.07 (Version: 314.07 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.07 (Version: 314.07 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1407 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 314.07 (Version: 314.07 - NVIDIA Corporation) Hidden
NVIDIA Update 1.12.12 (Version: 1.12.12 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden
OpenAL (x32 Version: - )
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Orcs Must Die! 2 (x32 Version: - Robot Entertainment)
Origin (x32 Version: 9.3.10.4710 - Electronic Arts, Inc.)
Path of Exile (x32 Version: - Grinding Gear Games)
Patrizier IV (x32 Version: 1.3.0.0 - Kalypso Media)
Prison Architect (x32 Version: - Introversion Software)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
RAGE (x32 Version: - id Software)
RollerCoaster Tycoon 3: Platinum! (x32 Version: - Frontier)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Sins of a Solar Empire: Rebellion (x32 Version: - Ironclad Games)
Soda PDF 5 (x32 Version: 5.1.192.10803 - LULU Software Limited)
Space Hulk (x32 Version: - Full Control Studios)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
XXXXXX Beta (XXXXXX)
The Elder Scrolls V: Skyrim (x32 Version: - Bethesda Game Studios)
Towns (x32 Version: - Xavi Canal, Ben Palgi)
Unepic (x32 Version: - Francisco Téllez de Meneses)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Uplay (x32 Version: 3.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
WinRAR 5.01 (64-Bit) (Version: 5.01.0 - win.rar GmbH)
==================== Restore Points =========================
15-01-2014 18:15:49 Windows Update
16-01-2014 16:02:37 Installed Java 7 Update 51
17-01-2014 12:37:22 McAfee Vulnerability Scanner
17-01-2014 18:59:34 Removed Adobe Reader XI (11.0.05) - Deutsch.
17-01-2014 19:00:10 Removed Adobe Reader XI (11.0.05) - Deutsch.
19-01-2014 14:42:03 Installiert MFL-Pro Suite
19-01-2014 14:43:22 Gerätetreiber-Paketinstallation: Brother Drucker
19-01-2014 20:19:08 OpenOffice 4.0.1 wird installiert
21-01-2014 17:03:48 ComboFix created restore point
==================== Hosts content: ==========================
2009-07-14 03:34 - 2014-01-21 18:17 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {3F4D36BB-E5DB-4B5A-A007-9E66101F702C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-17] (Adobe Systems Incorporated)
Task: {6DABF1B5-DEA7-4B65-A5F0-0B71428530A7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FD431FB4-4BB5-4723-99BF-FBEA8914B7A3} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3855468430-4198627689-2776709585-1001
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-08 21:33 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 21:33 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-12 17:10 - 2013-12-12 23:04 - 00716800 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-01-23 17:47 - 2014-01-07 22:00 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-01-23 17:47 - 2013-12-12 23:04 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-01-23 17:47 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-01-23 17:47 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-01-23 17:47 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-02-13 03:38 - 2013-02-13 03:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-01-19 15:42 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-01-21 18:14:09.711
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-01-21 18:14:09.617
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 27%
Total physical RAM: 8191.05 MB
Available physical RAM: 5923.61 MB
Total Pagefile: 16380.27 MB
Available Pagefile: 14182.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:540.79 GB) (Free:343.53 GB) NTFS
Drive d: (iTunes) (Fixed) (Total:465.76 GB) (Free:345.44 GB) NTFS
Drive e: (MMORPG) (Fixed) (Total:390.62 GB) (Free:353.38 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 466 GB) (Disk ID: 21575639)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 33FCE583)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=541 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=391 GB) - (Type=07 NTFS)
==================== End Of Log ============================
XXXXXX -> redacted because of a beta NDA
McAfee quarantined the following after today's computer start and before I ran the 3 programs you specified: Quote:
$RN0L8TO.exe
Artemis! 495923CD184E
22.01.2014 17:37
Entdeckt