Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Win7: Firefox Addon HDStreamer vollständig löschen (https://www.trojaner-board.de/153433-win7-firefox-addon-hdstreamer-vollstaendig-loeschen.html)

NeedHelp08 04.05.2014 17:09
Win7: Firefox Addon HDStreamer vollständig löschen
 
Hallo liebe Community,

Ich habe mir irgendwie das Addon HDStreamer 1.1.4.0 eingefangen und es lässt sich mit herkömmlichen Mitteln nicht löschen. Mit herkömmlichen Mitteln meine ich, ein Klick auf Entfernen im Addon-Fenster von Firefox.

Ich würde mich sehr freuen, wenn ein Teammitglied einen Teil seiner Freizeit opfert, um mir beim Löschen dieses hartnäckigen Addons behilflich zu sein.

Vielen herzlichen Dank im Voraus
Viele Grüße
NH

schrauber 04.05.2014 17:35
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


NeedHelp08 04.05.2014 19:17
Hallo Schrauber...

Vielen Dank, hier sind die Logs.

Grüße und ein schönes Restwochenende

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-05-2014
Ran by Cena (administrator) on CENA-PC on 04-05-2014 18:58:44
Running from C:\Users\Cena\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(EnablerService) C:\Program Files (x86)\Addon Enabler\EnablerService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AppWork GmbH) C:\Users\Cena\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2816336 2012-05-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [826368 2011-02-19] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-28] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\54eeb805-77e3-450b-958f-11bfe29d1713.exe /check [181136 2014-05-03] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB53A02624DD5CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HD Streamer - {E6062A33-016E-4BDA-A6F1-890D989F8656} - C:\Program Files (x86)\HD Streamer\ScriptHost64.dll (HD Streamer)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HD Streamer - {E6062A33-016E-4BDA-A6F1-890D989F8656} - C:\Program Files (x86)\HD Streamer\ScriptHost.dll (HD Streamer)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836
FF Homepage: about:home
FF NetworkProxy: "backup.ftp", "64.34.14.28"
FF NetworkProxy: "backup.ftp_port", 7808
FF NetworkProxy: "backup.socks", "64.34.14.28"
FF NetworkProxy: "backup.socks_port", 7808
FF NetworkProxy: "backup.ssl", "64.34.14.28"
FF NetworkProxy: "backup.ssl_port", 7808
FF NetworkProxy: "ftp", "68.71.76.242"
FF NetworkProxy: "ftp_port", 8082
FF NetworkProxy: "http", "68.71.76.242"
FF NetworkProxy: "http_port", 8082
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "68.71.76.242"
FF NetworkProxy: "socks_port", 8082
FF NetworkProxy: "ssl", "68.71.76.242"
FF NetworkProxy: "ssl_port", 8082
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HD Streamer - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\hd_streamer@iMedia [2014-05-04]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\ich@maltegoetz.de [2013-12-19]
FF Extension: EPUBReader - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-03]
FF Extension: WOT - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: DownloadHelper - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: Check4Change - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\check4change-owner@mozdev.org.xpi [2014-03-03]
FF Extension: Adblock Plus - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-08]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-28] (AVAST Software)
R2 EnablerService; C:\Program Files (x86)\Addon Enabler\EnablerService.exe [623616 2014-04-13] (EnablerService)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-12-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-12-08] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-05-08] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] ()
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3385584 2013-05-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-28] ()
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-04 18:58 - 2014-05-04 18:58 - 00016919 _____ () C:\Users\Cena\Downloads\FRST.txt
2014-05-04 18:58 - 2014-05-04 18:58 - 00000000 ____D () C:\FRST
2014-05-04 18:57 - 2014-05-04 18:57 - 02062336 _____ (Farbar) C:\Users\Cena\Downloads\FRST64.exe
2014-05-04 18:18 - 2014-05-04 18:18 - 00000000 ____D () C:\Users\Cena\Downloads\RezeptefürdenBestenkuchen
2014-05-04 18:17 - 2014-05-04 18:17 - 00795792 _____ () C:\Users\Cena\Downloads\RezeptefürdenBestenkuchen.rar
2014-05-04 11:07 - 2014-05-04 11:07 - 00000000 ____D () C:\Users\Cena\Desktop\Matthias_Reim-Die_Leichtigkeit_Des_Seins-2CD-DE-2014-VOiCE
2014-05-03 21:28 - 2014-05-03 21:28 - 00000795 _____ () C:\Windows\setupact.log
2014-05-03 21:28 - 2014-05-03 21:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-03 19:36 - 2014-05-03 19:36 - 08761447 _____ () C:\Users\Cena\Downloads\01 They Dont Love You No More (feat..m4a
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\Users\Cena\AppData\Local\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-03 19:26 - 2014-05-03 19:26 - 00000877 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-03 19:20 - 2014-05-03 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-03 19:18 - 2014-05-03 19:18 - 00001942 _____ () C:\DelFix.txt
2014-05-03 18:58 - 2014-05-03 18:58 - 00000000 ____D () C:\Program Files (x86)\HD Streamer
2014-05-03 18:26 - 2014-05-03 18:41 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 18:26 - 2014-05-03 18:26 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 18:26 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-03 18:26 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-03 18:26 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-03 17:26 - 2014-05-03 19:18 - 00000000 ____D () C:\Windows\ERUNT
2014-04-29 20:19 - 2014-04-29 20:19 - 00000000 ____D () C:\Program Files (x86)\Addon Enabler
2014-04-29 09:23 - 2014-04-29 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-28 10:17 - 2014-04-28 10:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-28 10:17 - 2014-04-28 10:17 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-28 10:17 - 2014-04-28 10:17 - 00001972 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-26 19:31 - 2014-04-26 19:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-26 19:31 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-26 19:31 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-26 18:17 - 2014-04-26 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-04-23 12:44 - 2014-04-23 12:44 - 00000000 ____D () C:\Users\Cena\dwhelper
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-04-18 20:46 - 2014-04-18 21:03 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-04-18 20:46 - 2014-04-18 21:03 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-04-18 20:46 - 2014-04-18 20:46 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2014-04-18 20:46 - 2014-04-18 20:46 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-04-18 09:06 - 2014-03-08 06:54 - 17848832 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-18 09:06 - 2014-03-08 06:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-18 09:06 - 2014-03-08 05:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-18 09:06 - 2014-03-08 05:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-18 09:06 - 2014-03-08 05:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-18 09:06 - 2014-03-08 05:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-18 09:06 - 2014-03-08 05:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-18 09:06 - 2014-03-08 05:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-18 09:06 - 2014-03-08 05:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-18 09:06 - 2014-03-08 05:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-18 09:06 - 2014-03-08 05:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-18 09:06 - 2014-03-08 05:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-18 09:06 - 2014-03-08 05:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-18 09:06 - 2014-03-08 05:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-18 09:06 - 2014-03-08 05:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-18 09:06 - 2014-03-08 05:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-18 09:06 - 2014-03-08 01:51 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-18 09:06 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-18 09:06 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-18 09:06 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-18 09:06 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-18 09:06 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-18 09:06 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-18 09:06 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-18 09:06 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-18 09:06 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-18 09:06 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-18 09:06 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-18 09:06 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-18 09:06 - 2014-03-08 00:52 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-18 09:06 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-18 09:06 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-18 09:03 - 2014-04-18 09:03 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 09:03 - 2014-04-18 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-18 09:03 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 09:03 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 09:03 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 09:03 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-17 17:01 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-17 17:01 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-17 17:01 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-17 17:01 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-17 17:01 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-17 17:01 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-17 17:01 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-17 17:01 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-17 17:01 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 17:01 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-17 17:01 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-17 17:01 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-17 17:01 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-04 18:58 - 2014-05-04 18:58 - 00016919 _____ () C:\Users\Cena\Downloads\FRST.txt
2014-05-04 18:58 - 2014-05-04 18:58 - 00000000 ____D () C:\FRST
2014-05-04 18:57 - 2014-05-04 18:57 - 02062336 _____ (Farbar) C:\Users\Cena\Downloads\FRST64.exe
2014-05-04 18:54 - 2012-12-08 16:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-04 18:41 - 2014-03-28 10:08 - 00000000 ____D () C:\Users\Cena\AppData\Local\JDownloader 2.0
2014-05-04 18:29 - 2013-01-08 12:33 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-05-04 18:29 - 2012-12-08 09:55 - 01394471 _____ () C:\Windows\WindowsUpdate.log
2014-05-04 18:18 - 2014-05-04 18:18 - 00000000 ____D () C:\Users\Cena\Downloads\RezeptefürdenBestenkuchen
2014-05-04 18:17 - 2014-05-04 18:17 - 00795792 _____ () C:\Users\Cena\Downloads\RezeptefürdenBestenkuchen.rar
2014-05-04 11:07 - 2014-05-04 11:07 - 00000000 ____D () C:\Users\Cena\Desktop\Matthias_Reim-Die_Leichtigkeit_Des_Seins-2CD-DE-2014-VOiCE
2014-05-04 11:06 - 2012-12-29 20:20 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\FileZilla
2014-05-03 21:29 - 2011-04-12 09:43 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-05-03 21:29 - 2011-04-12 09:43 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-05-03 21:29 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-03 21:28 - 2014-05-03 21:28 - 00000795 _____ () C:\Windows\setupact.log
2014-05-03 21:28 - 2014-05-03 21:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-03 19:36 - 2014-05-03 19:36 - 08761447 _____ () C:\Users\Cena\Downloads\01 They Dont Love You No More (feat..m4a
2014-05-03 19:30 - 2014-01-13 11:00 - 00000000 ____D () C:\Users\Cena\Downloads\fitness
2014-05-03 19:30 - 2013-03-06 14:09 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Notepad++
2014-05-03 19:29 - 2013-04-28 17:25 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\Users\Cena\AppData\Local\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-03 19:28 - 2013-04-28 17:25 - 00000000 ____D () C:\ProgramData\Skype
2014-05-03 19:28 - 2012-12-19 12:09 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-05-03 19:27 - 2013-03-18 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-05-03 19:27 - 2013-03-18 18:21 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-05-03 19:26 - 2014-05-03 19:26 - 00000877 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-03 19:24 - 2012-12-08 16:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-03 19:23 - 2012-12-08 15:33 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-05-03 19:22 - 2012-12-08 15:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-03 19:20 - 2014-05-03 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-03 19:18 - 2014-05-03 19:18 - 00001942 _____ () C:\DelFix.txt
2014-05-03 19:18 - 2014-05-03 17:26 - 00000000 ____D () C:\Windows\ERUNT
2014-05-03 19:05 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-03 19:05 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-03 18:58 - 2014-05-03 18:58 - 00000000 ____D () C:\Program Files (x86)\HD Streamer
2014-05-03 18:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-03 18:57 - 2012-12-21 13:52 - 00000000 ____D () C:\Users\Cena\.gimp-2.8
2014-05-03 18:41 - 2014-05-03 18:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 18:26 - 2014-05-03 18:26 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 18:04 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-29 20:19 - 2014-04-29 20:19 - 00000000 ____D () C:\Program Files (x86)\Addon Enabler
2014-04-29 15:00 - 2012-12-18 21:53 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Mp3tag
2014-04-29 09:55 - 2012-12-08 16:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 09:54 - 2012-12-08 16:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 09:54 - 2012-12-08 16:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 09:23 - 2014-04-29 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-29 09:23 - 2012-12-18 21:51 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-28 15:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-28 13:31 - 2013-10-23 19:21 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\vlc
2014-04-28 10:17 - 2014-04-28 10:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-28 10:17 - 2014-04-28 10:17 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-28 10:17 - 2014-04-28 10:17 - 00001972 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-28 10:17 - 2013-12-27 10:08 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-28 10:17 - 2013-03-05 17:30 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-28 10:17 - 2013-03-05 17:30 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-28 10:17 - 2012-12-08 15:31 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-26 19:31 - 2014-04-26 19:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-26 18:17 - 2014-04-26 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-04-25 13:58 - 2013-10-14 17:55 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-25 13:58 - 2013-05-14 10:45 - 00002006 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-04-25 13:58 - 2013-05-14 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-24 17:07 - 2013-03-18 18:21 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Winamp
2014-04-23 17:24 - 2012-12-19 12:10 - 00001953 _____ () C:\Users\Public\Desktop\Sonos.lnk
2014-04-23 17:24 - 2012-12-19 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2014-04-23 17:24 - 2012-12-19 12:10 - 00000000 ____D () C:\Program Files (x86)\Sonos
2014-04-23 17:24 - 2012-12-19 12:09 - 00000000 ____D () C:\Users\Cena\AppData\Local\Downloaded Installations
2014-04-23 12:44 - 2014-04-23 12:44 - 00000000 ____D () C:\Users\Cena\dwhelper
2014-04-23 12:44 - 2012-12-08 09:55 - 00000000 ____D () C:\Users\Cena
2014-04-18 21:49 - 2014-03-29 08:53 - 00000000 ____D () C:\Users\Cena\Desktop\858HDJES
2014-04-18 21:31 - 2013-11-14 17:41 - 00000000 ____D () C:\Users\Cena\AppData\Local\Adobe
2014-04-18 21:03 - 2014-04-18 20:46 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-04-18 21:03 - 2014-04-18 20:46 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-04-18 20:58 - 2012-12-08 16:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-04-18 20:46 - 2014-04-18 20:46 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2014-04-18 20:46 - 2014-04-18 20:46 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-04-18 09:11 - 2013-08-15 18:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-18 09:08 - 2012-12-16 19:24 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-18 09:05 - 2013-10-19 20:16 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 09:03 - 2014-04-18 09:03 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 09:03 - 2014-04-18 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-18 09:03 - 2014-03-28 10:33 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-17 16:53 - 2012-12-08 17:46 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-17 16:53 - 2012-12-08 17:46 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-04-14 20:13 - 2014-04-18 09:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-18 09:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-18 09:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-18 09:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 04:24 - 2014-04-26 19:31 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-26 19:31 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\Cena\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 10:03

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


Addition Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-05-2014
Ran by Cena at 2014-05-04 18:59:07
Running from C:\Users\Cena\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

3.3 (HKLM\...\Virtual Printer SDK Patch_is1) (Version:  - )
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Age of Empires III - Complete Collection (HKLM-x32\...\Age of Empires III - Complete Collection_is1) (Version:  - )
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{EA5D1265-C23C-4410-B722-19314A654B13}) (Version: 0.9.14 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Common Desktop Agent (Version: 1.53.0 - OEM) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: 7.3.393 - Softland)
DVDFab 9.1.2.5 (22/01/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.)
Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.32 - Samsung Electronics CO., LTD.)
ETDWare PS/2-X64 10.7.16.1_WHQL (HKLM\...\Elantech) (Version: 10.7.16.1 - ELAN Microelectronic Corp.)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.2.75.126 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.4.217 - Foxit Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
HD Streamer (HKLM-x32\...\HD Streamer) (Version: 1.1.5.0 - HD Streamer)
Infix PDF Editor Version 5.2.3.0 (HKLM-x32\...\D42C36B3-E36B-43EC-A8B4-B613D7B92782_is1) (Version: 5.2.3.0 - Iceni Technology)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.8.0.0548 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software Driver (Version: 15.08.0000.0320 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{ae509f68-6982-4506-befc-f2218d72cd5e}) (Version: 15.8.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.08.0000.0196 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
JabRef 2.9.2 (HKLM-x32\...\JabRef 2.9.2) (Version: 2.9.2 - JabRef Team)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0 - Logitech) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MediaInfo 0.7.67 (HKLM\...\MediaInfo) (Version: 0.7.67 - MediaArea.net)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6 - Notepad++ Team)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Room Arranger (HKLM-x32\...\Room Arranger) (Version: 7.2.7 - Jan Adamec)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.06.09 - Samsung Electronics Co., Ltd.)
Samsung ML-2950 Series (HKLM-x32\...\Samsung ML-2950 Series) (Version: 1.14 (08.05.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.6.0.2 - Samsung Electronics CO., LTD.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 24.1.75100 - Sonos, Inc.)
SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Texmaker (HKLM-x32\...\Texmaker) (Version:  - )
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
XMedia Recode Version 3.1.6.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.6.9 - XMedia Recode)

==================== Restore Points  =========================

03-05-2014 17:18:29 Ende der Bereinigung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-02 15:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02D361B3-9DA3-455E-BCA0-4ADAA684E7C5} - \Plus-HD-9.3-codedownloader No Task File <==== ATTENTION
Task: {03B18264-03FF-4293-83AF-102C79F92E1F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {05588EB3-6274-4E62-9FC9-868CB3A3CBC4} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics)
Task: {2078003F-6F0D-44CD-9169-39536F2314A4} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2013-01-22] (Samsung Electronics CO., LTD.)
Task: {20E1703D-5BD2-49FA-B804-AE60AC101EA2} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.)
Task: {3D8C55D6-0140-4F49-ADAC-29DE168D9D81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {59DF0DEB-A37C-4642-AAA4-CF7FE55D630D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5CB60D0A-1426-45EF-96DA-8859D35C9696} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {83789ED7-9537-4744-8FCE-0B85D99A86D4} - \Plus-HD-9.3-firefoxinstaller No Task File <==== ATTENTION
Task: {8449ADBC-CE3C-4923-9972-BAC97B9D1439} - \Plus-HD-9.3-enabler No Task File <==== ATTENTION
Task: {88D76921-E137-446B-8828-17D05D6F597B} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {95CAB01D-86E6-4753-9816-34F4401C2057} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-10-30] (SEC)
Task: {95F9981D-9B1D-488A-B76B-02A29D09CB9E} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.)
Task: {9B6C803C-EF24-4275-A5D0-0731DD968E64} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.)
Task: {AAADB195-5F45-437B-9B2E-781D5066657C} - \Plus-HD-9.3-updater No Task File <==== ATTENTION
Task: {ADAAF081-8CA0-45AF-A851-1B333D8ECEAC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-28] (AVAST Software)
Task: {C46BCF0B-485B-495E-9E0E-377B25C59F0B} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics)
Task: {D9BD0AFC-62E8-49D1-B823-8D292AC02937} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {E41468DB-966B-4099-ACA0-6713A5AB6BEB} - \Plus-HD-9.3-chromeinstaller No Task File <==== ATTENTION
Task: {E55DA3A3-2A2D-4402-9487-C1DF0CF7E56A} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.)
Task: {EF0072A7-633F-444A-93B7-B39643C18A5A} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-05-02] (Samsung Electronics Co., Ltd.)
Task: {F0E9977B-8730-4938-8F9A-4ACCF859902D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-01-13] ()
Task: {FFC51EC1-AC47-4EF3-A3EF-9720BD9B565F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (whitelisted) =============

2014-03-05 11:44 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-04-11 14:26 - 2011-04-11 14:26 - 00034304 _____ () C:\Windows\System32\spd__l.dll
2011-04-01 04:30 - 2011-04-01 04:30 - 00034304 _____ () C:\Windows\System32\ssk3mlm.dll
2011-11-24 01:06 - 2011-11-24 01:06 - 01061888 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\spd__du.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2010-12-17 19:13 - 2010-12-17 19:13 - 00438784 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2010-12-17 19:13 - 2010-12-17 19:13 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2012-12-08 17:46 - 2012-12-08 17:45 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2012-12-08 18:05 - 2012-02-13 16:02 - 00031624 _____ () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
2012-03-26 18:33 - 2012-12-08 16:49 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-05-04 08:46 - 2014-05-04 08:46 - 00566439 _____ () C:\Users\Cena\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2014-05-04 08:46 - 2014-05-04 08:46 - 04078962 _____ () C:\Users\Cena\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2012-03-26 19:08 - 2012-12-08 16:49 - 17226240 _____ () C:\Windows\system32\ig7icd64.dll
2012-03-23 07:35 - 2013-07-26 08:42 - 01372160 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssk3mdu.dll
2012-03-23 07:35 - 2013-07-26 08:42 - 01385472 _____ () C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\SSK3MUM.DLL
2014-05-04 16:51 - 2014-05-04 16:51 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14050400\algo.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-05 11:38 - 2014-02-08 20:34 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-12-08 18:05 - 2011-02-17 02:03 - 00203776 _____ () C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
2013-10-21 18:29 - 2013-10-21 18:29 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-12-08 18:05 - 2006-08-12 13:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
2012-12-08 17:46 - 2012-12-08 17:45 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-05-03 19:20 - 2014-05-03 19:20 - 03845232 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Cena^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: EPSON SX100 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE /FU "C:\Windows\TEMP\E_SF0E6.tmp" /EF "HKCU"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/04/2014 09:36:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3026

Error: (05/04/2014 09:36:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3026

Error: (05/04/2014 09:36:59 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/04/2014 09:36:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028

Error: (05/04/2014 09:36:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028

Error: (05/04/2014 09:36:58 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/04/2014 09:36:57 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1030

Error: (05/04/2014 09:36:57 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1030

Error: (05/04/2014 09:36:57 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/04/2014 04:37:55 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15912


System errors:
=============
Error: (05/03/2014 06:04:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/03/2014 06:02:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/03/2014 05:54:09 PM) (Source: Service Control Manager) (User: )
Description: Dienst "SamsungDeviceConfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/03/2014 05:51:40 PM) (Source: Service Control Manager) (User: )
Description: Dienst "SW Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (05/04/2014 09:36:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3026

Error: (05/04/2014 09:36:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3026

Error: (05/04/2014 09:36:59 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/04/2014 09:36:58 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028

Error: (05/04/2014 09:36:58 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028

Error: (05/04/2014 09:36:58 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/04/2014 09:36:57 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1030

Error: (05/04/2014 09:36:57 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1030

Error: (05/04/2014 09:36:57 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/04/2014 04:37:55 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15912


CodeIntegrity Errors:
===================================
  Date: 2014-05-02 15:58:58.348
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-02 15:58:58.182
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-02 15:58:58.019
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-02 15:58:57.855
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-04-03 17:45:04.733
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-04-03 17:45:04.686
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 7973.54 MB
Available physical RAM: 5575.39 MB
Total Pagefile: 15945.25 MB
Available Pagefile: 13210.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:299.9 GB) (Free:235.52 GB) NTFS
Drive d: (Cache) (Fixed) (Total:7.46 GB) (Free:0.09 GB) NTFS
Drive e: (Daten) (Fixed) (Total:373.45 GB) (Free:202.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: FABDED4A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=373 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=25 GB) - (Type=27)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 05.05.2014 16:32
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

NeedHelp08 06.05.2014 14:43
Hallo...

Hier sind die Logs in der von dir gewünschten Reihenfolge.

Dankeschön

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 06.05.2014
Suchlauf-Zeit: 14:18:20
Logdatei: protokoll.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.06.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Cena

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 300963
Verstrichene Zeit: 23 Min, 46 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 60
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\CLSID\{E6062A33-016E-4BDA-A6F1-890D989F8656}, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\CLSID\{CACBAC2D-FDC3-4608-A289-6F281F471B83}, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CACBAC2D-FDC3-4608-A289-6F281F471B83}, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\TYPELIB\{73BB74C6-8886-4245-BCDA-448137D75D42}, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{73BB74C6-8886-4245-BCDA-448137D75D42}, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\HD Streamer.Tool.1, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\HD Streamer.Tool, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\HD Streamer.Tool, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\HD Streamer.Tool.1, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E6062A33-016E-4BDA-A6F1-890D989F8656}, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\HD Streamer.ScriptHostObject.1, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\HD Streamer.ScriptHostObject, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\HD Streamer.ScriptHostObject, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E6062A33-016E-4BDA-A6F1-890D989F8656}, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E6062A33-016E-4BDA-A6F1-890D989F8656}, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\HD Streamer.ScriptHostObject.1, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\CLSID\{E6062A33-016E-4BDA-A6F1-890D989F8656}\INPROCSERVER32, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3868E0C2-3E75-445F-B748-C97BB82300AC}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\TYPELIB\{6D697641-4C65-49F0-8CED-FE8180B5E37E}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6D697641-4C65-49F0-8CED-FE8180B5E37E}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\HD Streamer.Navbar.1, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\HD Streamer.Navbar, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\HD Streamer.Navbar, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\HD Streamer.Navbar.1, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\CLSID\{3868E0C2-3E75-445F-B748-C97BB82300AC}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\TYPELIB\{E7ABCD91-74F6-45AD-968B-A45EB265072C}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{045F91B3-695F-423A-98C7-8DE3C47AA020}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{A1440EC3-F0FA-407A-B811-DE6668C06D29}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{C815E3DA-0823-49B0-9270-D1771D58B317}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{E4A994B0-5550-4680-A4C6-B9470B888069}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\INTERFACE\{F9EB11AB-9384-4736-9B33-993940F88895}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{045F91B3-695F-423A-98C7-8DE3C47AA020}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A1440EC3-F0FA-407A-B811-DE6668C06D29}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C815E3DA-0823-49B0-9270-D1771D58B317}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E4A994B0-5550-4680-A4C6-B9470B888069}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F9EB11AB-9384-4736-9B33-993940F88895}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E7ABCD91-74F6-45AD-968B-A45EB265072C}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\CLASSES\TYPELIB\{5375FB9F-DF09-444B-9DC0-C6ED079C2577}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5375FB9F-DF09-444B-9DC0-C6ED079C2577}, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HD Streamer, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 5
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\skin, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],

Dateien: 54
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\ScriptHost64.dll, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\ScriptHost.dll, In Quarantäne, [728e37c9e41c8d73de3cef32659d956b],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\background.html, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\ButtonSite.dll, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\ButtonSite64.dll, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\128.png, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\16.ico, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\16.png, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\18.png, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\32.ico, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\32.png, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\48.png, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\AddonsFramework.Typelib.dll, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\AddonsFramework.Typelib64.dll, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\BackgroundHost.exe, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\BackgroundHost64.exe, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\bg.js, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\config.xml, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\content.js, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\jquery-1.9.1.min.js, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\json2.min.js, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\options.htm, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\settings.html, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\settings.js, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\settings_128.png, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\uninstall.exe, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\updater.js, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer, C:\Program Files (x86)\HD Streamer\updaterWrapper.js, In Quarantäne, [b0500df32cd40ef28a7a375454ae59a7],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome.manifest, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\icon.png, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\install.rdf, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\128.png, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\16.ico, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\16.png, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\18.png, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\32.ico, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\32.png, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\48.png, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\background.html, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\bg.js, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\button.xml, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\config.js, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\content.js, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\framework.js, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\framework.png, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\framework.xul, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\jquery-1.9.1.min.js, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\options.xul, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\settings.html, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\settings.js, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\settings.json, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\settings_128.png, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\content\subscriptloader.js, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],
PUP.Optional.HDStreamer.A, C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\extensions\hd_streamer@iMedia\chrome\skin\framework.css, In Quarantäne, [cb354cb4758b659b1ceab7b851b1d828],

Physische Sektoren: 0
(No malicious items detected)


(end)
AdwCleaner Logfile:
Code:
# AdwCleaner v3.207 - Bericht erstellt am 06/05/2014 um 14:29:57
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Cena - CENA-PC
# Gestartet von : C:\Users\Cena\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : EnablerService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Addon Enabler
Ordner Gelöscht : C:\Program Files (x86)\HD Streamer

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E6062A33-016E-4BDA-A6F1-890D989F8656}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6062A33-016E-4BDA-A6F1-890D989F8656}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E6062A33-016E-4BDA-A6F1-890D989F8656}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BBBE01ED-0F1E-44DB-88C1-5CC1AEE3B462}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E4A994B0-5550-4680-A4C6-B9470B888069}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F9EB11AB-9384-4736-9B33-993940F88895}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6062A33-016E-4BDA-A6F1-890D989F8656}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HD Streamer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\HD Streamer

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16545


-\\ Mozilla Firefox v29.0 (de)

[ Datei : C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\prefs.js ]


*************************

AdwCleaner[R0].txt - [5011 octets] - [06/05/2014 14:26:40]
AdwCleaner[S0].txt - [4860 octets] - [06/05/2014 14:29:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4920 octets] ##########
--- --- ---

[/CODE]

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Cena on 06.05.2014 at 14:33:53,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Cena\AppData\Roaming\mozilla\firefox\profiles\l96ctmzd.default-1381765439836\minidumps [6 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.05.2014 at 14:53:19,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und die FRST.txt


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by Cena (administrator) on CENA-PC on 06-05-2014 14:54:44
Running from C:\Users\Cena\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Thisisu) C:\Users\Cena\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2816336 2012-05-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [826368 2011-02-19] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-28] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB53A02624DD5CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836
FF Homepage: about:home
FF NetworkProxy: "backup.ftp", "64.34.14.28"
FF NetworkProxy: "backup.ftp_port", 7808
FF NetworkProxy: "backup.socks", "64.34.14.28"
FF NetworkProxy: "backup.socks_port", 7808
FF NetworkProxy: "backup.ssl", "64.34.14.28"
FF NetworkProxy: "backup.ssl_port", 7808
FF NetworkProxy: "ftp", "68.71.76.242"
FF NetworkProxy: "ftp_port", 8082
FF NetworkProxy: "http", "68.71.76.242"
FF NetworkProxy: "http_port", 8082
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "68.71.76.242"
FF NetworkProxy: "socks_port", 8082
FF NetworkProxy: "ssl", "68.71.76.242"
FF NetworkProxy: "ssl_port", 8082
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HD Streamer - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\hd_streamer@iMedia [2014-05-06]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\ich@maltegoetz.de [2013-12-19]
FF Extension: EPUBReader - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-03]
FF Extension: WOT - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: DownloadHelper - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: Check4Change - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\check4change-owner@mozdev.org.xpi [2014-03-03]
FF Extension: Adblock Plus - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-08]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-28] (AVAST Software)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-12-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-12-08] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-05-08] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] ()
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3385584 2013-05-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-28] ()
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-06 14:54 - 2014-05-06 14:54 - 00000000 ____D () C:\Users\Cena\Downloads\FRST-OlderVersion
2014-05-06 14:53 - 2014-05-06 14:53 - 00000768 _____ () C:\Users\Cena\Desktop\JRT.txt
2014-05-06 14:32 - 2014-05-06 14:32 - 01016261 _____ (Thisisu) C:\Users\Cena\Downloads\JRT.exe
2014-05-06 14:26 - 2014-05-06 14:30 - 00000000 ____D () C:\AdwCleaner
2014-05-06 14:25 - 2014-05-06 14:25 - 01316991 _____ () C:\Users\Cena\Downloads\adwcleaner.exe
2014-05-06 14:23 - 2014-05-06 14:23 - 00020452 _____ () C:\Users\Cena\Downloads\mbam.txt
2014-05-06 14:19 - 2014-05-06 14:30 - 00019560 _____ () C:\Windows\PFRO.log
2014-05-05 23:23 - 2014-05-05 23:25 - 00000000 ____D () C:\Users\Cena\Desktop\musik
2014-05-05 12:54 - 2014-04-29 13:39 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-05 12:54 - 2014-04-29 13:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 12:54 - 2014-04-29 12:28 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 12:54 - 2014-04-29 12:07 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 11:51 - 2014-05-05 11:51 - 00001268 _____ () C:\Users\Public\Desktop\Nero Burning ROM.lnk
2014-05-05 11:50 - 2014-05-05 11:50 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-05-05 11:08 - 2014-05-05 11:08 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\30593
2014-05-05 11:00 - 2014-05-05 11:11 - 00000000 ____D () C:\Users\Cena\Documents\DVDFab9
2014-05-04 18:59 - 2014-05-04 18:59 - 00029105 _____ () C:\Users\Cena\Downloads\Addition.txt
2014-05-04 18:58 - 2014-05-06 14:54 - 00016313 _____ () C:\Users\Cena\Downloads\FRST.txt
2014-05-04 18:58 - 2014-05-06 14:54 - 00000000 ____D () C:\FRST
2014-05-04 18:57 - 2014-05-06 14:54 - 02063872 _____ (Farbar) C:\Users\Cena\Downloads\FRST64.exe
2014-05-04 11:07 - 2014-05-04 11:07 - 00000000 ____D () C:\Users\Cena\Desktop\Matthias_Reim-Die_Leichtigkeit_Des_Seins-2CD-DE-2014-VOiCE
2014-05-03 21:28 - 2014-05-06 14:30 - 00001299 _____ () C:\Windows\setupact.log
2014-05-03 21:28 - 2014-05-03 21:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-03 19:36 - 2014-05-03 19:36 - 08761447 _____ () C:\Users\Cena\Downloads\01 They Dont Love You No More (feat..m4a
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\Users\Cena\AppData\Local\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-03 19:26 - 2014-05-03 19:26 - 00000877 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-03 19:20 - 2014-05-03 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-03 19:18 - 2014-05-03 19:18 - 00001942 _____ () C:\DelFix.txt
2014-05-03 18:26 - 2014-05-06 14:22 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 18:26 - 2014-05-03 18:26 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 18:26 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-03 18:26 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-03 18:26 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-03 17:26 - 2014-05-03 19:18 - 00000000 ____D () C:\Windows\ERUNT
2014-04-29 09:23 - 2014-04-29 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-28 10:17 - 2014-04-28 10:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-28 10:17 - 2014-04-28 10:17 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-28 10:17 - 2014-04-28 10:17 - 00001972 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-26 19:31 - 2014-04-26 19:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-26 19:31 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-26 19:31 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-26 18:17 - 2014-04-26 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-04-23 12:44 - 2014-04-23 12:44 - 00000000 ____D () C:\Users\Cena\dwhelper
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-04-18 20:46 - 2014-04-18 21:03 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-04-18 20:46 - 2014-04-18 21:03 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-04-18 20:46 - 2014-04-18 20:46 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2014-04-18 20:46 - 2014-04-18 20:46 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-04-18 09:06 - 2014-03-08 06:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-18 09:06 - 2014-03-08 05:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-18 09:06 - 2014-03-08 05:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-18 09:06 - 2014-03-08 05:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-18 09:06 - 2014-03-08 05:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-18 09:06 - 2014-03-08 05:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-18 09:06 - 2014-03-08 05:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-18 09:06 - 2014-03-08 05:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-18 09:06 - 2014-03-08 05:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-18 09:06 - 2014-03-08 05:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-18 09:06 - 2014-03-08 05:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-18 09:06 - 2014-03-08 05:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-18 09:06 - 2014-03-08 05:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-18 09:06 - 2014-03-08 05:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-18 09:06 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-18 09:06 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-18 09:06 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-18 09:06 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-18 09:06 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-18 09:06 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-18 09:06 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-18 09:06 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-18 09:06 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-18 09:06 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-18 09:06 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-18 09:06 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-18 09:06 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-18 09:06 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-18 09:03 - 2014-04-18 09:03 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 09:03 - 2014-04-18 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-18 09:03 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 09:03 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 09:03 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 09:03 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-17 17:01 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-17 17:01 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-17 17:01 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-17 17:01 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-17 17:01 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-17 17:01 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-17 17:01 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-17 17:01 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-17 17:01 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 17:01 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-17 17:01 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-17 17:01 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-17 17:01 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-06 14:54 - 2014-05-06 14:54 - 00000000 ____D () C:\Users\Cena\Downloads\FRST-OlderVersion
2014-05-06 14:54 - 2014-05-04 18:58 - 00016313 _____ () C:\Users\Cena\Downloads\FRST.txt
2014-05-06 14:54 - 2014-05-04 18:58 - 00000000 ____D () C:\FRST
2014-05-06 14:54 - 2014-05-04 18:57 - 02063872 _____ (Farbar) C:\Users\Cena\Downloads\FRST64.exe
2014-05-06 14:54 - 2012-12-08 16:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-06 14:53 - 2014-05-06 14:53 - 00000768 _____ () C:\Users\Cena\Desktop\JRT.txt
2014-05-06 14:38 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-06 14:38 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-06 14:35 - 2011-04-12 09:43 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-05-06 14:35 - 2011-04-12 09:43 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-05-06 14:35 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-06 14:32 - 2014-05-06 14:32 - 01016261 _____ (Thisisu) C:\Users\Cena\Downloads\JRT.exe
2014-05-06 14:30 - 2014-05-06 14:26 - 00000000 ____D () C:\AdwCleaner
2014-05-06 14:30 - 2014-05-06 14:19 - 00019560 _____ () C:\Windows\PFRO.log
2014-05-06 14:30 - 2014-05-03 21:28 - 00001299 _____ () C:\Windows\setupact.log
2014-05-06 14:30 - 2012-12-08 09:55 - 01436382 _____ () C:\Windows\WindowsUpdate.log
2014-05-06 14:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-06 14:25 - 2014-05-06 14:25 - 01316991 _____ () C:\Users\Cena\Downloads\adwcleaner.exe
2014-05-06 14:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-06 14:23 - 2014-05-06 14:23 - 00020452 _____ () C:\Users\Cena\Downloads\mbam.txt
2014-05-06 14:22 - 2014-05-03 18:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-06 14:19 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\CSC
2014-05-06 08:55 - 2013-01-08 12:33 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-05-05 23:25 - 2014-05-05 23:23 - 00000000 ____D () C:\Users\Cena\Desktop\musik
2014-05-05 23:21 - 2012-12-08 16:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-05 12:54 - 2014-03-28 10:08 - 00000000 ____D () C:\Users\Cena\AppData\Local\JDownloader 2.0
2014-05-05 11:51 - 2014-05-05 11:51 - 00001268 _____ () C:\Users\Public\Desktop\Nero Burning ROM.lnk
2014-05-05 11:51 - 2013-02-26 15:10 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Nero
2014-05-05 11:50 - 2014-05-05 11:50 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-05-05 11:13 - 2012-12-29 20:20 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\FileZilla
2014-05-05 11:11 - 2014-05-05 11:00 - 00000000 ____D () C:\Users\Cena\Documents\DVDFab9
2014-05-05 11:08 - 2014-05-05 11:08 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\30593
2014-05-05 11:00 - 2013-10-23 19:21 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\vlc
2014-05-04 18:59 - 2014-05-04 18:59 - 00029105 _____ () C:\Users\Cena\Downloads\Addition.txt
2014-05-04 11:07 - 2014-05-04 11:07 - 00000000 ____D () C:\Users\Cena\Desktop\Matthias_Reim-Die_Leichtigkeit_Des_Seins-2CD-DE-2014-VOiCE
2014-05-03 21:28 - 2014-05-03 21:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-03 19:36 - 2014-05-03 19:36 - 08761447 _____ () C:\Users\Cena\Downloads\01 They Dont Love You No More (feat..m4a
2014-05-03 19:30 - 2014-01-13 11:00 - 00000000 ____D () C:\Users\Cena\Downloads\fitness
2014-05-03 19:30 - 2013-03-06 14:09 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Notepad++
2014-05-03 19:29 - 2013-04-28 17:25 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\Users\Cena\AppData\Local\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-03 19:28 - 2013-04-28 17:25 - 00000000 ____D () C:\ProgramData\Skype
2014-05-03 19:28 - 2012-12-19 12:09 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-05-03 19:27 - 2013-03-18 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-05-03 19:27 - 2013-03-18 18:21 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-05-03 19:26 - 2014-05-03 19:26 - 00000877 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-05-03 19:23 - 2012-12-08 15:33 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-05-03 19:22 - 2012-12-08 15:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-03 19:20 - 2014-05-03 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-03 19:18 - 2014-05-03 19:18 - 00001942 _____ () C:\DelFix.txt
2014-05-03 19:18 - 2014-05-03 17:26 - 00000000 ____D () C:\Windows\ERUNT
2014-05-03 18:57 - 2012-12-21 13:52 - 00000000 ____D () C:\Users\Cena\.gimp-2.8
2014-05-03 18:26 - 2014-05-03 18:26 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 18:04 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-29 15:00 - 2012-12-18 21:53 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Mp3tag
2014-04-29 13:39 - 2014-05-05 12:54 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 13:15 - 2014-05-05 12:54 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 12:28 - 2014-05-05 12:54 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 12:07 - 2014-05-05 12:54 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 09:55 - 2012-12-08 16:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 09:54 - 2012-12-08 16:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 09:54 - 2012-12-08 16:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 09:23 - 2014-04-29 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-29 09:23 - 2012-12-18 21:51 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-28 15:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-28 10:17 - 2014-04-28 10:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-28 10:17 - 2014-04-28 10:17 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-28 10:17 - 2014-04-28 10:17 - 00001972 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-28 10:17 - 2013-12-27 10:08 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-28 10:17 - 2013-03-05 17:30 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-28 10:17 - 2013-03-05 17:30 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-28 10:17 - 2012-12-08 15:31 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-26 19:31 - 2014-04-26 19:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-26 18:17 - 2014-04-26 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-04-25 13:58 - 2013-10-14 17:55 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-25 13:58 - 2013-05-14 10:45 - 00002006 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-04-25 13:58 - 2013-05-14 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-24 17:07 - 2013-03-18 18:21 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Winamp
2014-04-23 17:24 - 2012-12-19 12:10 - 00001953 _____ () C:\Users\Public\Desktop\Sonos.lnk
2014-04-23 17:24 - 2012-12-19 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2014-04-23 17:24 - 2012-12-19 12:10 - 00000000 ____D () C:\Program Files (x86)\Sonos
2014-04-23 17:24 - 2012-12-19 12:09 - 00000000 ____D () C:\Users\Cena\AppData\Local\Downloaded Installations
2014-04-23 12:44 - 2014-04-23 12:44 - 00000000 ____D () C:\Users\Cena\dwhelper
2014-04-23 12:44 - 2012-12-08 09:55 - 00000000 ____D () C:\Users\Cena
2014-04-18 21:49 - 2014-03-29 08:53 - 00000000 ____D () C:\Users\Cena\Desktop\858HDJES
2014-04-18 21:31 - 2013-11-14 17:41 - 00000000 ____D () C:\Users\Cena\AppData\Local\Adobe
2014-04-18 21:03 - 2014-04-18 20:46 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-04-18 21:03 - 2014-04-18 20:46 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-04-18 20:58 - 2012-12-08 16:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-04-18 20:46 - 2014-04-18 20:46 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2014-04-18 20:46 - 2014-04-18 20:46 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-04-18 09:11 - 2013-08-15 18:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-18 09:08 - 2012-12-16 19:24 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-18 09:05 - 2013-10-19 20:16 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 09:03 - 2014-04-18 09:03 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 09:03 - 2014-04-18 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-18 09:03 - 2014-03-28 10:33 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-17 16:53 - 2012-12-08 17:46 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-17 16:53 - 2012-12-08 17:46 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-04-14 20:13 - 2014-04-18 09:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-18 09:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-18 09:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-18 09:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 04:24 - 2014-04-26 19:31 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-26 19:31 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\Cena\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Cena\AppData\Local\Temp\Quarantine.exe
C:\Users\Cena\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 10:03

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 07.05.2014 08:57

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

NeedHelp08 07.05.2014 11:48
Hallo Schrauber

Das hartnäckige Addon ist nun verschwunden. Vielen herzlichen Dank. Vollständigkeitshalber hier noch die letzten von dir gewünschten Logs.

Code:
ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=648c9efb14766e44a55a5161234d7bcb
# engine=18165
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-07 10:11:05
# local_time=2014-05-07 12:11:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 76 769704 784420 0 0
# compatibility_mode=5893 16776573 100 94 170171 151087315 0 0
# scanned=246087
# found=0
# cleaned=0
# scan_time=4256
Beim Ausführen von SecurityCheck wurde das Programm geschlossen, nachdem die Meldung UNSUPPORTED OPERATING SYSTEM! ABORTED! angezeigt wurde. Daher gibt es hierfür keine Log.


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014
Ran by Cena (administrator) on CENA-PC on 07-05-2014 12:21:33
Running from C:\Users\Cena\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AppWork GmbH) C:\Users\Cena\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2816336 2012-05-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [826368 2011-02-19] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-28] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs:  C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB53A02624DD5CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Samsung BHO Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836
FF Homepage: about:home
FF NetworkProxy: "backup.ftp", "64.34.14.28"
FF NetworkProxy: "backup.ftp_port", 7808
FF NetworkProxy: "backup.socks", "64.34.14.28"
FF NetworkProxy: "backup.socks_port", 7808
FF NetworkProxy: "backup.ssl", "64.34.14.28"
FF NetworkProxy: "backup.ssl_port", 7808
FF NetworkProxy: "ftp", "68.71.76.242"
FF NetworkProxy: "ftp_port", 8082
FF NetworkProxy: "http", "68.71.76.242"
FF NetworkProxy: "http_port", 8082
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "68.71.76.242"
FF NetworkProxy: "socks_port", 8082
FF NetworkProxy: "ssl", "68.71.76.242"
FF NetworkProxy: "ssl_port", 8082
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\ich@maltegoetz.de [2013-12-19]
FF Extension: EPUBReader - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-03]
FF Extension: WOT - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: DownloadHelper - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: Check4Change - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\check4change-owner@mozdev.org.xpi [2014-03-03]
FF Extension: Adblock Plus - C:\Users\Cena\AppData\Roaming\Mozilla\Firefox\Profiles\l96ctmzd.default-1381765439836\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-12-08]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-28] (AVAST Software)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-12-08] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-12-08] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-05-08] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] ()
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3385584 2013-05-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-28] ()
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-07 12:21 - 2014-05-07 12:21 - 00016333 _____ () C:\Users\Cena\Downloads\FRST.txt
2014-05-07 12:15 - 2014-05-07 12:15 - 00855379 _____ () C:\Users\Cena\Downloads\SecurityCheck.exe
2014-05-06 14:32 - 2014-05-06 14:32 - 01016261 _____ (Thisisu) C:\Users\Cena\Downloads\JRT.exe
2014-05-06 14:26 - 2014-05-06 14:30 - 00000000 ____D () C:\AdwCleaner
2014-05-06 14:25 - 2014-05-06 14:25 - 01316991 _____ () C:\Users\Cena\Downloads\adwcleaner.exe
2014-05-06 14:19 - 2014-05-06 14:30 - 00019560 _____ () C:\Windows\PFRO.log
2014-05-05 23:23 - 2014-05-05 23:25 - 00000000 ____D () C:\Users\Cena\Desktop\musik
2014-05-05 12:54 - 2014-04-29 13:39 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-05 12:54 - 2014-04-29 13:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-05 12:54 - 2014-04-29 12:28 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 12:54 - 2014-04-29 12:07 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 11:50 - 2014-05-05 11:50 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-05-05 11:08 - 2014-05-05 11:08 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\30593
2014-05-04 18:58 - 2014-05-07 12:21 - 00000000 ____D () C:\FRST
2014-05-04 18:57 - 2014-05-06 14:54 - 02063872 _____ (Farbar) C:\Users\Cena\Downloads\FRST64.exe
2014-05-04 11:07 - 2014-05-04 11:07 - 00000000 ____D () C:\Users\Cena\Desktop\Matthias_Reim-Die_Leichtigkeit_Des_Seins-2CD-DE-2014-VOiCE
2014-05-03 21:28 - 2014-05-06 14:30 - 00001299 _____ () C:\Windows\setupact.log
2014-05-03 21:28 - 2014-05-03 21:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-03 19:36 - 2014-05-03 19:36 - 08761447 _____ () C:\Users\Cena\Downloads\01 They Dont Love You No More (feat..m4a
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\Users\Cena\AppData\Local\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-03 19:20 - 2014-05-03 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-03 19:18 - 2014-05-03 19:18 - 00001942 _____ () C:\DelFix.txt
2014-05-03 18:26 - 2014-05-06 14:22 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 18:26 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-03 18:26 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-03 18:26 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-03 17:26 - 2014-05-03 19:18 - 00000000 ____D () C:\Windows\ERUNT
2014-04-29 09:23 - 2014-04-29 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-28 10:17 - 2014-04-28 10:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-28 10:17 - 2014-04-28 10:17 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-26 19:31 - 2014-04-26 19:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-26 19:31 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-26 19:31 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-26 18:17 - 2014-04-26 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-04-23 12:44 - 2014-04-23 12:44 - 00000000 ____D () C:\Users\Cena\dwhelper
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-04-18 20:46 - 2014-04-18 21:03 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-04-18 20:46 - 2014-04-18 21:03 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-04-18 20:46 - 2014-04-18 20:46 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2014-04-18 20:46 - 2014-04-18 20:46 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-04-18 09:06 - 2014-03-08 06:06 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-18 09:06 - 2014-03-08 05:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-18 09:06 - 2014-03-08 05:41 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-18 09:06 - 2014-03-08 05:40 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-18 09:06 - 2014-03-08 05:39 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-18 09:06 - 2014-03-08 05:38 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-18 09:06 - 2014-03-08 05:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-18 09:06 - 2014-03-08 05:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-18 09:06 - 2014-03-08 05:34 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-18 09:06 - 2014-03-08 05:33 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-18 09:06 - 2014-03-08 05:32 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-18 09:06 - 2014-03-08 05:32 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-18 09:06 - 2014-03-08 05:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-18 09:06 - 2014-03-08 05:24 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-18 09:06 - 2014-03-08 01:20 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-18 09:06 - 2014-03-08 01:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-18 09:06 - 2014-03-08 01:03 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-18 09:06 - 2014-03-08 01:02 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-18 09:06 - 2014-03-08 01:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-18 09:06 - 2014-03-08 01:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-18 09:06 - 2014-03-08 00:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-18 09:06 - 2014-03-08 00:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-18 09:06 - 2014-03-08 00:57 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-18 09:06 - 2014-03-08 00:56 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-18 09:06 - 2014-03-08 00:54 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-18 09:06 - 2014-03-08 00:53 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-18 09:06 - 2014-03-08 00:52 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-18 09:06 - 2014-03-08 00:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-18 09:03 - 2014-04-18 09:03 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 09:03 - 2014-04-18 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-18 09:03 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-18 09:03 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-18 09:03 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-18 09:03 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-17 17:01 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-17 17:01 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-17 17:01 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-17 17:01 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-17 17:01 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-17 17:01 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-17 17:01 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-17 17:01 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-17 17:01 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-17 17:01 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-17 17:01 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-17 17:01 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-17 17:01 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-17 17:01 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-07 12:21 - 2014-05-07 12:21 - 00016333 _____ () C:\Users\Cena\Downloads\FRST.txt
2014-05-07 12:21 - 2014-05-04 18:58 - 00000000 ____D () C:\FRST
2014-05-07 12:15 - 2014-05-07 12:15 - 00855379 _____ () C:\Users\Cena\Downloads\SecurityCheck.exe
2014-05-07 11:54 - 2012-12-08 16:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-07 11:41 - 2012-12-08 09:55 - 01564764 _____ () C:\Windows\WindowsUpdate.log
2014-05-06 20:01 - 2012-12-29 20:20 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\FileZilla
2014-05-06 19:06 - 2014-03-28 10:08 - 00000000 ____D () C:\Users\Cena\AppData\Local\JDownloader 2.0
2014-05-06 14:54 - 2014-05-04 18:57 - 02063872 _____ (Farbar) C:\Users\Cena\Downloads\FRST64.exe
2014-05-06 14:38 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-06 14:38 - 2009-07-14 06:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-06 14:35 - 2011-04-12 09:43 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-05-06 14:35 - 2011-04-12 09:43 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-05-06 14:35 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-06 14:32 - 2014-05-06 14:32 - 01016261 _____ (Thisisu) C:\Users\Cena\Downloads\JRT.exe
2014-05-06 14:30 - 2014-05-06 14:26 - 00000000 ____D () C:\AdwCleaner
2014-05-06 14:30 - 2014-05-06 14:19 - 00019560 _____ () C:\Windows\PFRO.log
2014-05-06 14:30 - 2014-05-03 21:28 - 00001299 _____ () C:\Windows\setupact.log
2014-05-06 14:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-06 14:25 - 2014-05-06 14:25 - 01316991 _____ () C:\Users\Cena\Downloads\adwcleaner.exe
2014-05-06 14:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-06 14:22 - 2014-05-03 18:26 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-06 14:19 - 2011-04-12 09:55 - 00000000 ____D () C:\Windows\CSC
2014-05-06 08:55 - 2013-01-08 12:33 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-05-05 23:25 - 2014-05-05 23:23 - 00000000 ____D () C:\Users\Cena\Desktop\musik
2014-05-05 23:21 - 2012-12-08 16:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-05 11:51 - 2013-02-26 15:10 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Nero
2014-05-05 11:50 - 2014-05-05 11:50 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-05-05 11:08 - 2014-05-05 11:08 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\30593
2014-05-05 11:00 - 2013-10-23 19:21 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\vlc
2014-05-04 11:07 - 2014-05-04 11:07 - 00000000 ____D () C:\Users\Cena\Desktop\Matthias_Reim-Die_Leichtigkeit_Des_Seins-2CD-DE-2014-VOiCE
2014-05-03 21:28 - 2014-05-03 21:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-03 19:36 - 2014-05-03 19:36 - 08761447 _____ () C:\Users\Cena\Downloads\01 They Dont Love You No More (feat..m4a
2014-05-03 19:30 - 2014-01-13 11:00 - 00000000 ____D () C:\Users\Cena\Downloads\fitness
2014-05-03 19:30 - 2013-03-06 14:09 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Notepad++
2014-05-03 19:29 - 2013-04-28 17:25 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\Users\Cena\AppData\Local\Skype
2014-05-03 19:28 - 2014-05-03 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-03 19:28 - 2013-04-28 17:25 - 00000000 ____D () C:\ProgramData\Skype
2014-05-03 19:28 - 2012-12-19 12:09 - 00000000 ____D () C:\ProgramData\Sonos,_Inc
2014-05-03 19:27 - 2013-03-18 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-05-03 19:27 - 2013-03-18 18:21 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-05-03 19:23 - 2012-12-08 15:33 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-05-03 19:22 - 2012-12-08 15:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-05-03 19:20 - 2014-05-03 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-03 19:18 - 2014-05-03 19:18 - 00001942 _____ () C:\DelFix.txt
2014-05-03 19:18 - 2014-05-03 17:26 - 00000000 ____D () C:\Windows\ERUNT
2014-05-03 18:57 - 2012-12-21 13:52 - 00000000 ____D () C:\Users\Cena\.gimp-2.8
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-03 18:26 - 2014-05-03 18:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-03 18:04 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-29 15:00 - 2012-12-18 21:53 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Mp3tag
2014-04-29 13:39 - 2014-05-05 12:54 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 13:15 - 2014-05-05 12:54 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 12:28 - 2014-05-05 12:54 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 12:07 - 2014-05-05 12:54 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 09:55 - 2012-12-08 16:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 09:54 - 2012-12-08 16:13 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 09:54 - 2012-12-08 16:13 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 09:23 - 2014-04-29 09:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-29 09:23 - 2012-12-18 21:51 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-28 15:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-28 10:17 - 2014-04-28 10:17 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-28 10:17 - 2014-04-28 10:17 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-28 10:17 - 2013-12-27 10:08 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-28 10:17 - 2013-03-05 17:30 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-28 10:17 - 2013-03-05 17:30 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-28 10:17 - 2012-12-08 15:31 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-28 10:17 - 2012-12-08 15:31 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-26 19:31 - 2014-04-26 19:31 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-26 18:17 - 2014-04-26 18:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-04-25 13:58 - 2013-10-14 17:55 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-25 13:58 - 2013-05-14 10:45 - 00002006 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-04-25 13:58 - 2013-05-14 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-24 17:07 - 2013-03-18 18:21 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Winamp
2014-04-23 17:24 - 2012-12-19 12:10 - 00001953 _____ () C:\Users\Public\Desktop\Sonos.lnk
2014-04-23 17:24 - 2012-12-19 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonos
2014-04-23 17:24 - 2012-12-19 12:10 - 00000000 ____D () C:\Program Files (x86)\Sonos
2014-04-23 17:24 - 2012-12-19 12:09 - 00000000 ____D () C:\Users\Cena\AppData\Local\Downloaded Installations
2014-04-23 12:44 - 2014-04-23 12:44 - 00000000 ____D () C:\Users\Cena\dwhelper
2014-04-23 12:44 - 2012-12-08 09:55 - 00000000 ____D () C:\Users\Cena
2014-04-18 21:49 - 2014-03-29 08:53 - 00000000 ____D () C:\Users\Cena\Desktop\858HDJES
2014-04-18 21:31 - 2013-11-14 17:41 - 00000000 ____D () C:\Users\Cena\AppData\Local\Adobe
2014-04-18 21:03 - 2014-04-18 20:46 - 00000000 ____D () C:\Users\Cena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
2014-04-18 21:03 - 2014-04-18 20:46 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2014-04-18 20:58 - 2012-12-08 16:05 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-04-18 20:51 - 2014-04-18 20:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-04-18 20:46 - 2014-04-18 20:46 - 00027760 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggsemc.sys
2014-04-18 20:46 - 2014-04-18 20:46 - 00014448 _____ (Sony Ericsson Mobile Communications) C:\Windows\system32\Drivers\ggflt.sys
2014-04-18 09:11 - 2013-08-15 18:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-18 09:08 - 2012-12-16 19:24 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-18 09:05 - 2013-10-19 20:16 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-18 09:03 - 2014-04-18 09:03 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-18 09:03 - 2014-04-18 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-18 09:03 - 2014-03-28 10:33 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-17 16:53 - 2012-12-08 17:46 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-04-17 16:53 - 2012-12-08 17:46 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-04-14 20:13 - 2014-04-18 09:03 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-18 09:03 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-18 09:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-18 09:03 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 04:24 - 2014-04-26 19:31 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-26 19:31 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\Cena\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Cena\AppData\Local\Temp\Quarantine.exe
C:\Users\Cena\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 10:03

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 08.05.2014 08:20
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 17:31 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19