| mrmister | 14.08.2014 20:38 |
Vielen Dank erstmal, für die zeitnahe Hilfe!
Hier die gewünschten Logfiles in der o.g. Reihenfolge: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 14.08.2014
Suchlauf-Zeit: 20:48:50
Logdatei: mbm.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.14.09
Rootkit Datenbank: v2014.08.04.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Oliver
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 331244
Verstrichene Zeit: 5 Min, 33 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 4
Trojan.BHO, HKU\S-1-5-21-956886985-2695973545-304803630-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [463b2f97017a78beaf8585fba75b07f9],
Trojan.BHO, HKU\S-1-5-21-956886985-2695973545-304803630-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB}, In Quarantäne, [463b2f97017a78beaf8585fba75b07f9],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [b4cd92345c1fc07684df4d21c9397d83],
PUP.Optional.MBot.A, HKLM\SOFTWARE\MYBESTOFFERSTODAY, In Quarantäne, [d8a9b70f1b60270f74d37e5e788a09f7],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 3
PUP.Optional.OffersWizard.A, C:\Program Files\Common Files\Config, In Quarantäne, [add443831863f83e326ab132c63caf51],
PUP.Optional.Fabulous.Discounts.T, C:\Users\Oliver\AppData\Local\fabulous_08101004, In Quarantäne, [156c972f641776c0d7eaf9d79969639d],
PUP.Optional.GenesisOffers, C:\Users\Oliver\AppData\Local\Genesis_08101016, In Quarantäne, [1f628640e5961026f2c4ba1fdf235fa1],
Dateien: 2
PUP.Optional.OffersWizard.A, C:\Program Files\Common Files\Config\ver.xml, In Quarantäne, [add443831863f83e326ab132c63caf51],
PUP.Optional.OffersWizard.A, C:\Program Files\Common Files\Config\uninstinethnfd.exe, In Quarantäne, [add443831863f83e326ab132c63caf51],
Physische Sektoren: 0
(No malicious items detected)
(end)
Code:
# AdwCleaner v3.305 - Bericht erstellt am 14/08/2014 um 21:09:49
# Aktualisiert 14/08/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzername : Oliver - OLIVER-PC
# Gestartet von : C:\Users\Oliver\Desktop\adwcleaner_3.305.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17207
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213\prefs.js ]
[ Datei : C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\so6lk7hb.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [39501 octets] - [13/11/2013 18:28:19]
AdwCleaner[R1].txt - [1205 octets] - [14/08/2014 21:09:04]
AdwCleaner[S0].txt - [38056 octets] - [13/11/2013 18:28:47]
AdwCleaner[S1].txt - [1126 octets] - [14/08/2014 21:09:49]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1186 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Oliver on 14.08.2014 at 21:23:12,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Oliver\AppData\Roaming\mozilla\firefox\profiles\cfg85hsu.default-1402174875213\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.08.2014 at 21:28:42,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:13-08-2014
Ran by Oliver (administrator) on OLIVER-PC on 14-08-2014 21:30:55
Running from C:\Users\Oliver\Desktop\Virus\FRST
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
() C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Oliver\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Realtek) C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor Corp.) C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtWLan.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-02-10] (Microsoft Corporation)
Startup: C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Oliver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213
FF Homepage: https://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Download videos and MP3s from YouTube - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} [2014-08-09]
FF Extension: PDF Updater Free - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213\Extensions\{c5518a8b-51fa-437a-9f4d-34a5beb015eb}.xpi [2014-07-20]
FF Extension: Adblock Plus - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-07]
FF Extension: {d3d8eb04-2a7c-4d14-84b4-f701af9beb83} - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213\Extensions\{d3d8eb04-2a7c-4d14-84b4-f701af9beb83}.xpi [2014-07-17]
FF Extension: Fox!Box - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\cfg85hsu.default-1402174875213\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2014-08-10]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-03-02]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2014-08-09]
Chrome:
=======
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-04-02] () [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Realtek11nSU; C:\Program Files\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2007-12-17] ()
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [47104 2009-07-14] (Atheros Communications, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-08-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-06-20] (Duplex Secure Ltd.)
S3 catchme; \??\C:\Users\Oliver\AppData\Local\Temp\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-14 21:28 - 2014-08-14 21:28 - 00000768 _____ () C:\Users\Oliver\Desktop\JRT.txt
2014-08-14 21:28 - 2014-08-14 21:28 - 00000768 _____ () C:\Users\Oliver\Desktop\JRT.txe.txt
2014-08-14 21:17 - 2014-08-14 21:17 - 00001266 _____ () C:\Users\Oliver\Desktop\AdwCleaner[S1].txt
2014-08-14 21:06 - 2014-08-14 21:06 - 00002527 _____ () C:\Users\Oliver\Desktop\mbam.txt.txt
2014-08-14 20:47 - 2014-08-14 21:20 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-14 20:47 - 2014-08-14 20:47 - 01356107 _____ () C:\Users\Oliver\Desktop\adwcleaner_3.305.exe
2014-08-14 20:47 - 2014-08-14 20:47 - 01016261 _____ (Thisisu) C:\Users\Oliver\Desktop\JRT.exe
2014-08-14 20:45 - 2014-08-14 20:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Oliver\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-14 20:45 - 2014-08-14 20:45 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-14 20:45 - 2014-08-14 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-14 20:45 - 2014-08-14 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-14 20:45 - 2014-08-14 20:45 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-14 20:45 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-14 20:45 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-14 20:45 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-13 21:48 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 21:48 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 21:48 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 21:48 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 19:32 - 2014-08-13 19:32 - 00019705 _____ () C:\ComboFix.txt
2014-08-13 19:14 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-13 19:14 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-13 19:14 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-13 19:14 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-13 19:14 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-13 19:14 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-13 19:14 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-13 19:14 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-13 19:12 - 2014-08-13 19:12 - 05569662 ____R (Swearware) C:\Users\Oliver\Desktop\ComboFix.exe
2014-08-13 19:06 - 2014-08-13 19:32 - 00000000 ____D () C:\Qoobox
2014-08-13 19:06 - 2014-08-13 19:31 - 00000000 ____D () C:\Windows\erdnt
2014-08-13 17:31 - 2014-08-13 17:31 - 00000176 _____ () C:\Users\Oliver\defogger_reenable
2014-08-13 17:07 - 2014-08-13 17:07 - 00144584 _____ () C:\Windows\Minidump\081314-16676-01.dmp
2014-08-13 17:00 - 2014-08-14 21:30 - 00000000 ____D () C:\FRST
2014-08-13 16:59 - 2014-08-13 19:33 - 00000000 ____D () C:\Users\Oliver\Desktop\Virus
2014-08-12 18:32 - 2014-08-12 18:32 - 00000000 ____D () C:\Program Files\ESET
2014-08-12 18:26 - 2014-08-12 18:26 - 00000000 ____D () C:\Windows\ERUNT
2014-08-10 12:59 - 2014-08-12 17:57 - 00000000 ____D () C:\Windows\AutoKMS
2014-08-09 20:29 - 2014-08-09 20:38 - 238945732 _____ () C:\Users\Oliver\Desktop\PLANET E_ ABENTEUER - MALLORCA, TEIL 1.avi
2014-08-09 20:19 - 2014-08-09 20:29 - 230164014 _____ () C:\Users\Oliver\Desktop\PLANET E_ ABENTEUER - MALLORCA, TEIL 2.avi
2014-08-09 18:33 - 2014-08-10 11:09 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Skype
2014-08-09 18:33 - 2014-08-10 11:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-09 18:33 - 2014-08-09 18:33 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Skype
2014-08-09 18:32 - 2014-08-09 18:32 - 00002176 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-08-08 20:27 - 2014-08-08 20:27 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-07 17:39 - 2014-08-07 17:39 - 00367576 _____ () C:\Windows\Minidump\080714-19905-01.dmp
2014-07-31 21:40 - 2014-07-31 21:40 - 00367568 _____ () C:\Windows\Minidump\073114-20872-01.dmp
2014-07-29 21:49 - 2014-07-29 21:49 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-19 21:20 - 2014-07-20 12:24 - 00000000 ____D () C:\Users\Oliver\Desktop\Urlaub
2014-07-17 22:13 - 2014-07-17 22:15 - 00000000 ____D () C:\Users\Oliver\Desktop\backup
2014-07-17 22:13 - 2014-07-17 22:13 - 00000000 ____D () C:\Users\Oliver\Desktop\converted
2014-07-17 22:13 - 2014-07-17 22:13 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1______
2014-07-17 22:13 - 2014-07-17 22:13 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempb3e4a92b2fa33cb7a7281f2eb2a6c78e___
2014-07-17 22:05 - 2014-07-17 22:05 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempb3e4a92b2fa33cb7a7281f2eb2a6c78e__
2014-07-17 22:04 - 2014-07-17 22:04 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1_____
2014-07-17 22:02 - 2014-07-17 22:02 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1____
2014-07-17 21:34 - 2014-07-17 21:34 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempb3e4a92b2fa33cb7a7281f2eb2a6c78e_
2014-07-17 21:32 - 2014-07-17 21:32 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1___
2014-07-17 21:31 - 2014-07-17 22:15 - 00000223 _____ () C:\Users\Oliver\Desktop\WhatsAppMigrator.conf
2014-07-17 21:30 - 2014-07-17 21:30 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1__
2014-07-17 21:03 - 2014-07-17 21:03 - 00371736 _____ () C:\Windows\Minidump\071714-27690-01.dmp
2014-07-17 20:49 - 2014-07-17 20:49 - 00002013 _____ () C:\Users\Oliver\Desktop\iDevice Manager.lnk
2014-07-17 20:49 - 2014-07-17 20:49 - 00000000 ____D () C:\Users\Oliver\AppData\Local\IsolatedStorage
2014-07-17 20:49 - 2014-07-17 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager
2014-07-17 20:49 - 2014-07-17 20:49 - 00000000 ____D () C:\Program Files\iDevice Manager
2014-07-17 20:47 - 2014-07-17 20:47 - 00961360 _____ (Chip Digital GmbH) C:\Users\Oliver\Desktop\iDevice Manager iPhone Explorer - CHIP-Installer.exe
2014-07-17 20:34 - 2014-07-17 20:42 - 00000000 ____D () C:\Users\Oliver\AppData\Local\pangu
2014-07-17 20:33 - 2014-07-17 20:34 - 35956160 _____ () C:\Users\Oliver\Desktop\Pangu_v1.1.exe
2014-07-17 20:23 - 2014-07-17 20:23 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-17 20:23 - 2014-07-17 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-17 20:22 - 2014-07-17 20:23 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-17 20:22 - 2014-07-17 20:23 - 00000000 ____D () C:\Program Files\iTunes
2014-07-17 20:22 - 2014-07-17 20:22 - 00000000 ____D () C:\Program Files\iPod
2014-07-17 19:27 - 2014-07-17 22:12 - 00000000 ____D () C:\Users\Oliver\Desktop\Whatsapp
2014-07-17 19:24 - 2014-07-19 19:22 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\GHISLER
2014-07-17 19:21 - 2014-07-17 19:21 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1_
2014-07-17 19:21 - 2014-07-17 19:21 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempd60233d1130df8bd03cd6d2e3c2fc7d1
2014-07-17 19:21 - 2014-07-17 19:21 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempb3e4a92b2fa33cb7a7281f2eb2a6c78e
2014-07-17 19:21 - 2014-07-17 19:21 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Temp82152e590ca5570bb7bf75cfa8125e90
2014-07-17 19:18 - 2014-07-17 22:16 - 00004078 _____ () C:\Users\Oliver\Desktop\WhatsAppMigrator.log
2014-07-17 19:18 - 2014-07-17 19:18 - 00000000 ____D () C:\Users\Oliver\ChromeExtensions
2014-07-17 19:18 - 2014-07-17 19:18 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-14 21:30 - 2014-08-13 17:00 - 00000000 ____D () C:\FRST
2014-08-14 21:28 - 2014-08-14 21:28 - 00000768 _____ () C:\Users\Oliver\Desktop\JRT.txt
2014-08-14 21:28 - 2014-08-14 21:28 - 00000768 _____ () C:\Users\Oliver\Desktop\JRT.txe.txt
2014-08-14 21:26 - 2009-07-14 06:34 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-14 21:26 - 2009-07-14 06:34 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-14 21:22 - 2014-02-08 18:59 - 01264732 _____ () C:\Windows\WindowsUpdate.log
2014-08-14 21:20 - 2014-08-14 20:47 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-14 21:20 - 2014-02-08 21:00 - 00000000 ___RD () C:\Users\Oliver\Dropbox
2014-08-14 21:20 - 2014-02-08 20:57 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Dropbox
2014-08-14 21:19 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-14 21:19 - 2009-07-14 06:39 - 00047864 _____ () C:\Windows\setupact.log
2014-08-14 21:17 - 2014-08-14 21:17 - 00001266 _____ () C:\Users\Oliver\Desktop\AdwCleaner[S1].txt
2014-08-14 21:16 - 2014-02-10 20:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-14 21:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-08-14 21:10 - 2014-02-09 11:38 - 00026024 _____ () C:\Windows\PFRO.log
2014-08-14 21:09 - 2013-11-13 18:28 - 00000000 ____D () C:\AdwCleaner
2014-08-14 21:06 - 2014-08-14 21:06 - 00002527 _____ () C:\Users\Oliver\Desktop\mbam.txt.txt
2014-08-14 20:56 - 2009-07-14 10:56 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-08-14 20:47 - 2014-08-14 20:47 - 01356107 _____ () C:\Users\Oliver\Desktop\adwcleaner_3.305.exe
2014-08-14 20:47 - 2014-08-14 20:47 - 01016261 _____ (Thisisu) C:\Users\Oliver\Desktop\JRT.exe
2014-08-14 20:45 - 2014-08-14 20:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Oliver\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-14 20:45 - 2014-08-14 20:45 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-14 20:45 - 2014-08-14 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-14 20:45 - 2014-08-14 20:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-14 20:45 - 2014-08-14 20:45 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-08-14 20:44 - 2014-02-16 18:38 - 00000000 ____D () C:\Users\Oliver\Desktop\Börsenkurse
2014-08-13 21:51 - 2014-02-09 10:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 21:49 - 2014-02-09 10:57 - 96303304 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 21:49 - 2014-02-09 10:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 21:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-13 21:45 - 2014-02-08 20:31 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\KeePass
2014-08-13 19:33 - 2014-08-13 16:59 - 00000000 ____D () C:\Users\Oliver\Desktop\Virus
2014-08-13 19:32 - 2014-08-13 19:32 - 00019705 _____ () C:\ComboFix.txt
2014-08-13 19:32 - 2014-08-13 19:06 - 00000000 ____D () C:\Qoobox
2014-08-13 19:32 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-08-13 19:32 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-08-13 19:31 - 2014-08-13 19:06 - 00000000 ____D () C:\Windows\erdnt
2014-08-13 19:29 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-08-13 19:24 - 2009-07-14 04:03 - 57409536 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-08-13 19:24 - 2009-07-14 04:03 - 17301504 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-08-13 19:24 - 2009-07-14 04:03 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-08-13 19:24 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-08-13 19:24 - 2009-07-14 04:03 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-08-13 19:23 - 2014-02-08 19:32 - 00000000 ____D () C:\Users\Oliver
2014-08-13 19:12 - 2014-08-13 19:12 - 05569662 ____R (Swearware) C:\Users\Oliver\Desktop\ComboFix.exe
2014-08-13 17:31 - 2014-08-13 17:31 - 00000176 _____ () C:\Users\Oliver\defogger_reenable
2014-08-13 17:30 - 2014-02-08 19:13 - 01628044 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-13 17:07 - 2014-08-13 17:07 - 00144584 _____ () C:\Windows\Minidump\081314-16676-01.dmp
2014-08-13 17:07 - 2014-03-16 15:02 - 00000000 ____D () C:\Windows\Minidump
2014-08-13 17:07 - 2014-03-16 15:01 - 357774381 _____ () C:\Windows\MEMORY.DMP
2014-08-12 18:32 - 2014-08-12 18:32 - 00000000 ____D () C:\Program Files\ESET
2014-08-12 18:26 - 2014-08-12 18:26 - 00000000 ____D () C:\Windows\ERUNT
2014-08-12 17:57 - 2014-08-10 12:59 - 00000000 ____D () C:\Windows\AutoKMS
2014-08-10 12:18 - 2014-03-02 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-10 12:18 - 2014-03-02 14:52 - 00001797 _____ () C:\ProgramData\hpzinstall.log
2014-08-10 12:18 - 2014-03-02 14:52 - 00000000 ____D () C:\Program Files\HP
2014-08-10 11:09 - 2014-08-09 18:33 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Skype
2014-08-10 11:09 - 2014-08-09 18:33 - 00000000 ____D () C:\ProgramData\Skype
2014-08-09 21:18 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-09 20:38 - 2014-08-09 20:29 - 238945732 _____ () C:\Users\Oliver\Desktop\PLANET E_ ABENTEUER - MALLORCA, TEIL 1.avi
2014-08-09 20:29 - 2014-08-09 20:19 - 230164014 _____ () C:\Users\Oliver\Desktop\PLANET E_ ABENTEUER - MALLORCA, TEIL 2.avi
2014-08-09 18:39 - 2014-06-07 09:13 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\vlc
2014-08-09 18:33 - 2014-08-09 18:33 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Skype
2014-08-09 18:33 - 2014-06-01 12:03 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\DVDVideoSoft
2014-08-09 18:32 - 2014-08-09 18:32 - 00002176 _____ () C:\Users\Public\Desktop\Free YouTube Download.lnk
2014-08-09 18:32 - 2014-06-01 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-08-09 18:32 - 2014-06-01 12:05 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-08-09 18:32 - 2014-06-01 12:05 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-08-08 20:34 - 2014-02-08 19:48 - 00110056 _____ () C:\Users\Oliver\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-08 20:33 - 2009-07-14 06:33 - 00410352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-08 20:27 - 2014-08-08 20:27 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-08-08 20:27 - 2014-02-09 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-08-08 20:27 - 2014-02-09 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-08 20:26 - 2009-07-14 10:56 - 00000000 ____D () C:\Windows\ShellNew
2014-08-08 20:26 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-08-08 20:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-08-08 20:23 - 2009-07-14 04:04 - 00000615 _____ () C:\Windows\win.ini
2014-08-07 17:39 - 2014-08-07 17:39 - 00367576 _____ () C:\Windows\Minidump\080714-19905-01.dmp
2014-08-04 19:14 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-31 21:40 - 2014-07-31 21:40 - 00367568 _____ () C:\Windows\Minidump\073114-20872-01.dmp
2014-07-31 17:14 - 2014-02-08 19:45 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-29 21:49 - 2014-07-29 21:49 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-29 13:02 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-29 08:04 - 2014-02-09 13:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-28 18:40 - 2014-02-09 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-28 18:11 - 2014-02-08 20:58 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-28 18:11 - 2013-01-03 18:51 - 00001021 _____ () C:\Users\Oliver\Desktop\Dropbox.lnk
2014-07-20 21:40 - 2014-03-10 18:59 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-20 21:40 - 2014-03-10 18:59 - 00001048 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-20 16:17 - 2014-02-08 20:55 - 00000000 ____D () C:\Users\Oliver\Documents\Meine Scans
2014-07-20 12:24 - 2014-07-19 21:20 - 00000000 ____D () C:\Users\Oliver\Desktop\Urlaub
2014-07-19 19:22 - 2014-07-17 19:24 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\GHISLER
2014-07-17 22:31 - 2014-04-19 17:28 - 00000000 ____D () C:\Program Files\i-Funbox DevTeam
2014-07-17 22:16 - 2014-07-17 19:18 - 00004078 _____ () C:\Users\Oliver\Desktop\WhatsAppMigrator.log
2014-07-17 22:15 - 2014-07-17 22:13 - 00000000 ____D () C:\Users\Oliver\Desktop\backup
2014-07-17 22:15 - 2014-07-17 21:31 - 00000223 _____ () C:\Users\Oliver\Desktop\WhatsAppMigrator.conf
2014-07-17 22:13 - 2014-07-17 22:13 - 00000000 ____D () C:\Users\Oliver\Desktop\converted
2014-07-17 22:13 - 2014-07-17 22:13 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1______
2014-07-17 22:13 - 2014-07-17 22:13 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempb3e4a92b2fa33cb7a7281f2eb2a6c78e___
2014-07-17 22:12 - 2014-07-17 19:27 - 00000000 ____D () C:\Users\Oliver\Desktop\Whatsapp
2014-07-17 22:05 - 2014-07-17 22:05 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempb3e4a92b2fa33cb7a7281f2eb2a6c78e__
2014-07-17 22:04 - 2014-07-17 22:04 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1_____
2014-07-17 22:02 - 2014-07-17 22:02 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1____
2014-07-17 21:34 - 2014-07-17 21:34 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempb3e4a92b2fa33cb7a7281f2eb2a6c78e_
2014-07-17 21:32 - 2014-07-17 21:32 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1___
2014-07-17 21:30 - 2014-07-17 21:30 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1__
2014-07-17 21:11 - 2014-04-19 17:28 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\iFunbox_UserCache
2014-07-17 21:03 - 2014-07-17 21:03 - 00371736 _____ () C:\Windows\Minidump\071714-27690-01.dmp
2014-07-17 20:49 - 2014-07-17 20:49 - 00002013 _____ () C:\Users\Oliver\Desktop\iDevice Manager.lnk
2014-07-17 20:49 - 2014-07-17 20:49 - 00000000 ____D () C:\Users\Oliver\AppData\Local\IsolatedStorage
2014-07-17 20:49 - 2014-07-17 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager
2014-07-17 20:49 - 2014-07-17 20:49 - 00000000 ____D () C:\Program Files\iDevice Manager
2014-07-17 20:47 - 2014-07-17 20:47 - 00961360 _____ (Chip Digital GmbH) C:\Users\Oliver\Desktop\iDevice Manager iPhone Explorer - CHIP-Installer.exe
2014-07-17 20:42 - 2014-07-17 20:34 - 00000000 ____D () C:\Users\Oliver\AppData\Local\pangu
2014-07-17 20:34 - 2014-07-17 20:33 - 35956160 _____ () C:\Users\Oliver\Desktop\Pangu_v1.1.exe
2014-07-17 20:23 - 2014-07-17 20:23 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-17 20:23 - 2014-07-17 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-17 20:23 - 2014-07-17 20:22 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-17 20:23 - 2014-07-17 20:22 - 00000000 ____D () C:\Program Files\iTunes
2014-07-17 20:22 - 2014-07-17 20:22 - 00000000 ____D () C:\Program Files\iPod
2014-07-17 20:22 - 2014-05-04 11:48 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-17 19:21 - 2014-07-17 19:21 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1_
2014-07-17 19:21 - 2014-07-17 19:21 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempd60233d1130df8bd03cd6d2e3c2fc7d1
2014-07-17 19:21 - 2014-07-17 19:21 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempb3e4a92b2fa33cb7a7281f2eb2a6c78e
2014-07-17 19:21 - 2014-07-17 19:21 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Temp82152e590ca5570bb7bf75cfa8125e90
2014-07-17 19:19 - 2014-07-13 12:10 - 00000000 ____D () C:\Users\Oliver\.gimp-2.8
2014-07-17 19:18 - 2014-07-17 19:18 - 00000000 ____D () C:\Users\Oliver\ChromeExtensions
2014-07-17 19:18 - 2014-07-17 19:18 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Tempde97d1ecad57e6a299c82b803e0e23e1
2014-07-16 22:01 - 2014-02-08 20:14 - 00001075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
2014-07-16 22:01 - 2014-02-08 20:14 - 00000000 ____D () C:\Program Files\KeePass Password Safe 2
2014-07-16 22:01 - 2013-10-20 11:29 - 00001063 _____ () C:\Users\Oliver\Desktop\KeePass 2.lnk
2014-07-15 21:30 - 2014-06-13 16:10 - 00000000 ____D () C:\Users\Oliver\Desktop\WM
Some content of TEMP:
====================
C:\Users\Oliver\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnntjw5.dll
C:\Users\Oliver\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-07 18:05
==================== End Of Log ============================
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:13-08-2014
Ran by Oliver at 2014-08-14 21:31:32
Running from C:\Users\Oliver\Desktop\Virus\FRST
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
Adobe Flash Player 10 ActiveX (HKLM\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{C2796CF4-6517-00C1-9F70-6A9C50680D29}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{B5D724AD-AC50-46B4-AAA7-62EF18F0CDFE}) (Version: 1.44.0 - Kovid Goyal)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CloudReading (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.1.47.1220 - Foxit Corporation)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Creo Elements/Direct Modeling Express 4.0 (HKLM\...\{B4531C1A-9721-416A-A3BD-C0C600155176}) (Version: 40.0.10020 - Parametric Technology GmbH)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (Version: 130.0.365.000 - Hewlett-Packard) Hidden
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM\...\dreamboxEDIT) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
EasyBCD 2.2 (HKLM\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
EPU-6 Engine (HKLM\...\{56B83336-FBC1-4C46-8613-90A9E3B440D6}) (Version: 1.01.14 - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
F2100 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
F2100_Help (Version: 90.0.222.000 - Hewlett-Packard) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation)
Free WMA to MP3 Converter 1.16 (HKLM\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.)
Free YouTube Download version 3.2.43.806 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.43.806 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
FRITZ!Box-Fernzugang einrichten (HKLM\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Designjet 3D Software Solution 1.1 (HKLM\...\{3100A54E-7256-4D77-96B6-F51E910425F4}) (Version: 1.1 - Hewlett-Packard)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.7.2386.747 - )
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 2.27 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.27 - Dominik Reichl)
LightScribe System Software (HKLM\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero ControlCenter (Version: 11.0.15500 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (Version: 11.0.20200 - Nero AG) Hidden
Nero CoverDesigner (HKLM\...\{3143E3EB-17A5-48F9-90FC-D7CA556CA210}) (Version: 12.0.01500 - Nero AG)
Nero CoverDesigner (Version: 12.0.10003 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (Version: 12.0.2000 - Nero AG) Hidden
Nero Update (Version: 11.0.11800.31.0 - Nero AG) Hidden
Prerequisite installer (Version: 12.0.0003 - Nero AG) Hidden
REALTEK Wireless LAN Driver and Utility (HKLM\...\{9C049499-055C-4a0c-A916-1D8CA1FF45EB}) (Version: 1.00.0175 - )
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_15 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.3.14044_15 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
TIPP10 Version 2.1.0 (HKLM\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{4B93560B-F33D-4A67-A224-F5E1C329BD22}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Oliver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Oliver\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Oliver\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-956886985-2695973545-304803630-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Oliver\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
01-08-2014 18:43:56 Windows Update
05-08-2014 19:27:19 Windows Update
08-08-2014 18:21:18 Configured Microsoft Office Professional Plus 2010
10-08-2014 09:03:10 Windows Update
10-08-2014 09:09:26 Removed Skype™ 6.18
10-08-2014 10:02:55 Uniblue SpeedUpMyPC installation
13-08-2014 17:14:46 ComboFix created restore point
13-08-2014 17:40:44 Windows Update
13-08-2014 19:45:35 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2014-08-13 19:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1E53F79C-86D1-4F91-A72E-5C16E03333B0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {20777A6D-966D-41ED-8DCA-97B01DB18C99} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe [2009-05-25] ()
Task: {3C0228AF-F8E5-4205-B9C4-5BDE4AE1C940} - \AutoKMS No Task File <==== ATTENTION
Task: {3E423C2E-9348-41D3-AF66-B84627CD3870} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {5A44A6F8-E1A4-43C5-9F9E-C93159962FDA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {63225ABD-F84F-4C8F-8F4F-8704FADC65CE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {9612E598-CC56-4176-B702-4381D362F24C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {A7766A69-D134-4673-9E4A-D76784D0423A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {E01649FF-E8C1-4508-98C3-A412E8630422} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-09 10:56 - 2009-05-25 11:33 - 06017024 _____ () C:\Program Files\ASUS\EPU-6 Engine\SixEngine.exe
2014-02-09 10:56 - 2009-04-22 21:20 - 00179712 _____ () C:\Program Files\ASUS\EPU-6 Engine\ASUSSERVICE.DLL
2014-02-09 10:56 - 2009-04-20 14:55 - 00565248 _____ () C:\Program Files\ASUS\EPU-6 Engine\pngio.dll
2014-02-09 10:56 - 2006-01-10 17:50 - 00024576 _____ () C:\Windows\system32\AsIo.dll
2014-02-09 10:56 - 2009-04-20 14:55 - 00053248 _____ () C:\Program Files\ASUS\EPU-6 Engine\AsSpindownTimeout.dll
2014-02-09 10:56 - 2009-04-02 13:27 - 00090112 _____ () C:\Program Files\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
2014-08-14 21:19 - 2014-08-14 21:19 - 00043008 _____ () c:\users\oliver\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnntjw5.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Oliver\AppData\Roaming\Dropbox\bin\libcef.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-08 19:42 - 2009-12-09 22:20 - 00126976 _____ () C:\Program Files\REALTEK\11n USB Wireless LAN Utility\EnumDevLib.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Oliver\Desktop\2014-05-25 14.58.09.jpg:com.dropbox.attributes
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Oliver^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 31%
Total physical RAM: 3327.05 MB
Available physical RAM: 2270.32 MB
Total Pagefile: 6652.4 MB
Available Pagefile: 5447.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.66 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:365.16 GB) (Free:122.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:465.76 GB) (Free:98.37 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149 GB) (Disk ID: 000148CA)
Partition 1: (Active) - (Size=145 GB) - (Type=83)
Partition 2: (Not Active) - (Size=4 GB) - (Type=05)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: BA51F4EA)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 16251625)
Partition 1: (Active) - (Size=365 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=101 GB) - (Type=05)
==================== End Of Log ============================
Schönen Abend noch.
Oliver |
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
So funktioniert es:
