Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware
Datenbank Version: v2013.12.25.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Viereck :: VIERECK-PC [Administrator]
29.12.2013 11:22:56
mbam-log-2013-12-29 (11-22-56).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 363058
Laufzeit: 53 Minute(n), 6 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-12-2013
Ran by Viereck (administrator) on VIERECK-PC on 29-12-2013 12:26:41
Running from C:\Users\Viereck\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVG Technologies CZ, s.r.o.) C:\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\AVG\AVG2014\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\AVG\AVG2014\avgwdsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() D:\mysql\bin\mysqld-nt.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nullsoft, Inc.) C:\Winamp\winampa.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(AVG Technologies CZ, s.r.o.) C:\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\AVG\AVG2014\avgemca.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Google Inc.) C:\Users\Viereck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Viereck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Viereck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Viereck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Viereck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Viereck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Viereck\AppData\Local\Google\Chrome\Application\chrome.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Google Inc.) C:\Users\Viereck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Viereck\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7936032 2009-06-26] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM-x32\...\Run: [AVG_UI] - C:\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [WinampAgent] - C:\Winamp\winampa.exe [74752 2010-12-08] (Nullsoft, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [761024 2013-12-13] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Facebook Update] - C:\Users\Viereck\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-10-22] (Facebook Inc.)
HKCU\...\Run: [Google Update] - C:\Users\Viereck\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-22] (Google Inc.)
HKCU\...\Run: [EPSON Stylus DX4400 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE /FU "C:\Windows\TEMP\E_S3036.tmp" /EF "HKCU"
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [17877168 2012-11-09] (Skype Technologies S.A.)
HKCU\...\Run: [DT Emphelungstool] - "C:\Users\Viereck\AppData\Local\Deutsche Telekom\Empfehlungstool\DTEmpfehlungstool.exe" 2
HKCU\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\Viereck\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=ac40f3456d6647d38c4e95ceba3a8f5d-0cbe179a12631bcc9780820713abc6186a7388cb /CMPID=1213b
MountPoints2: L - L:\Setup.exe
MountPoints2: {e125f955-3e4e-11e3-80d2-4487fcde66ae} - L:\Setup.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1387727807&from=cor&uid=HitachiXHDS721010CLA332_JP2940HD295URC295URCX&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9D768A065CFCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1387727807&from=cor&uid=HitachiXHDS721010CLA332_JP2940HD295URC295URCX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = AARTEMIS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = AARTEMIS
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1387727807&from=cor&uid=HitachiXHDS721010CLA332_JP2940HD295URC295URCX&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1387727807&from=cor&uid=HitachiXHDS721010CLA332_JP2940HD295URC295URCX&q={searchTerms}
SearchScopes: HKLM-x32 - {40439b93-f815-4122-8073-d03bed94c303} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-shoutcast-chromesbox-en-us
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=73435ef1-066d-3b8c-9a17-db778bf96efc&searchtype=ds&q={searchTerms}&installDate={installDate}
SearchScopes: HKCU - {40439b93-f815-4122-8073-d03bed94c303} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-shoutcast-chromesbox-en-us
BHO: SuperLyrics-16 - {11111111-1111-1111-1111-110411411162} - C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-bho64.dll No File
BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Chrome:
=======
CHR HomePage: https://www.google.de/
CHR RestoreOnStartup: "https://www.google.de/", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=73435ef1-066d-3b8c-9a17-db778bf96efc&searchtype=hp&installDate=09/11/2013", "hxxp://aartemis.com/?type=hp&ts=1387727807&from=cor&uid=HitachiXHDS721010CLA332_JP2940HD295URC295URCX"
CHR Extension: (Snap.Do ) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0
CHR Extension: (Google Drive) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (TV) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0
CHR Extension: (WOT) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.4.4_0
CHR Extension: (YouTube) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Extended Protection) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml\1.3_0
CHR Extension: (Google Search) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (SuperLyrics-16) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.19_0
CHR Extension: (Google Wallet) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Viereck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
==================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project)
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MySql; D:\mysql\bin\mysqld-nt.exe [1126400 2002-02-22] ()
==================== Drivers (Whitelisted) ====================
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-18] (Siliten)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [x]
S3 motandroidusb; System32\Drivers\motoandroid.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-29 12:26 - 2013-12-29 12:27 - 00013378 _____ C:\Users\Viereck\Downloads\FRST.txt
2013-12-29 12:26 - 2013-12-29 12:26 - 01931262 _____ (Farbar) C:\Users\Viereck\Downloads\FRST64.exe
2013-12-29 12:26 - 2013-12-29 12:26 - 00000000 ____D C:\FRST
2013-12-29 12:25 - 2013-12-29 12:25 - 01064131 _____ (Farbar) C:\Users\Viereck\Downloads\FRST.exe
2013-12-27 09:02 - 2013-12-27 09:05 - 00000000 ____D C:\Users\Viereck\Desktop\Neuer Ordner (3)
2013-12-25 18:35 - 2013-12-25 18:52 - 1215299584 _____ C:\Users\Viereck\Downloads\linuxmint-16-cinnamon-dvd-32bit.iso
2013-12-25 15:54 - 2013-12-25 15:55 - 78388136 _____ (AVG) C:\Users\Viereck\Downloads\avg_tuh_stf_all_2014_204_24c28.exe
2013-12-23 22:46 - 2013-12-23 22:51 - 00000000 ____D C:\linuxmint-16-cinnamon-dvd-32bit
2013-12-23 22:38 - 2013-12-29 09:35 - 00001456 _____ C:\Windows\setupact.log
2013-12-23 22:38 - 2013-12-23 22:38 - 00000000 _____ C:\Windows\setuperr.log
2013-12-23 22:31 - 2013-12-23 22:31 - 00004410 _____ C:\Windows\PFRO.log
2013-12-22 17:09 - 2013-12-22 17:09 - 03514912 _____ C:\Users\Viereck\Desktop\sbsetup.exe
2013-12-22 17:01 - 2013-12-22 17:01 - 00000000 ____D C:\Program Files\Motorola Inc
2013-12-22 16:57 - 2013-12-25 14:59 - 00000000 ____D C:\Users\Viereck\AppData\Local\Mobogenie
2013-12-22 16:57 - 2013-12-23 22:31 - 00000000 ____D C:\ProgramData\WPM
2013-12-22 16:57 - 2013-12-23 18:09 - 00001344 _____ C:\Users\Viereck\daemonprocess.txt
2013-12-22 16:57 - 2013-12-22 17:07 - 00000000 ____D C:\Users\Viereck\AppData\Local\genienext
2013-12-22 16:57 - 2013-12-22 16:57 - 00000000 ____D C:\Users\Viereck\Documents\Mobogenie
2013-12-22 16:57 - 2013-12-22 16:57 - 00000000 ____D C:\Users\Viereck\AppData\Local\cache
2013-12-22 16:57 - 2013-12-22 16:57 - 00000000 ____D C:\Users\Viereck\.android
2013-12-22 16:56 - 2013-12-23 19:36 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-12-22 16:49 - 2013-12-22 16:49 - 00810316 _____ C:\Users\Viereck\Documents\AVGInstLog.cab
2013-12-22 16:42 - 2013-12-22 16:42 - 00000000 ____D C:\Users\Viereck\AppData\Local\Avg2013
2013-12-22 16:35 - 2013-12-23 22:04 - 00000000 ____D C:\Program Files (x86)\Serials 2000
2013-12-22 16:35 - 2013-12-22 16:35 - 00003108 _____ C:\Windows\System32\Tasks\{C121FD3D-DBAD-4A7A-BC62-8D33FE7BC117}
2013-12-22 16:35 - 2013-12-22 16:35 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serials 2000
2013-12-17 16:10 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-17 16:10 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-17 16:10 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-17 16:10 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-17 16:08 - 2013-11-15 03:09 - 17847296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-17 16:08 - 2013-11-15 02:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-17 16:08 - 2013-11-15 02:37 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-17 16:08 - 2013-11-15 02:29 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-17 16:08 - 2013-11-15 02:29 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-17 16:08 - 2013-11-15 02:28 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-17 16:08 - 2013-11-15 02:28 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-17 16:08 - 2013-11-15 02:25 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-17 16:08 - 2013-11-15 02:22 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-17 16:08 - 2013-11-15 02:20 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-17 16:08 - 2013-11-15 02:20 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-17 16:08 - 2013-11-15 02:19 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-17 16:08 - 2013-11-15 02:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-17 16:08 - 2013-11-15 02:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-17 16:08 - 2013-11-15 02:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-17 16:08 - 2013-11-15 02:12 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-17 16:08 - 2013-11-15 00:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-17 16:08 - 2013-11-14 23:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-17 16:08 - 2013-11-14 23:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-17 16:08 - 2013-11-14 23:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-17 16:08 - 2013-11-14 23:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-17 16:08 - 2013-11-14 23:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-17 16:08 - 2013-11-14 23:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-17 16:08 - 2013-11-14 23:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-17 16:08 - 2013-11-14 23:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-17 16:08 - 2013-11-14 23:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-17 16:08 - 2013-11-14 23:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-17 16:08 - 2013-11-14 23:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-17 16:08 - 2013-11-14 23:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-17 16:08 - 2013-11-14 23:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-17 16:08 - 2013-11-14 23:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-17 16:08 - 2013-11-14 23:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-17 16:06 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-17 16:06 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-17 16:06 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-17 16:06 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-17 16:06 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-17 16:06 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-17 16:06 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-17 16:06 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-17 16:06 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-17 16:06 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-17 16:06 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-17 16:05 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-17 16:05 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-17 16:05 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-17 16:05 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-17 16:05 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-17 16:05 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-17 16:05 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-17 16:05 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-16 20:33 - 2007-10-27 20:01 - 00000000 ____D C:\Users\Viereck\Downloads\Highland
2013-12-16 20:30 - 2013-12-16 20:31 - 69998393 _____ C:\Users\Viereck\Downloads\Highland.rar
2013-12-16 18:55 - 2013-12-26 23:15 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\ClubCooee
2013-12-16 18:55 - 2013-12-16 18:55 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Club Cooee
2013-12-16 18:54 - 2013-12-26 20:15 - 00000000 ____D C:\Users\Viereck\AppData\Local\ClubCooee
2013-12-16 18:52 - 2013-12-16 18:53 - 26711264 _____ (cooee GmbH) C:\Users\Viereck\Downloads\ClubCooeeSetup.exe
2013-12-04 19:24 - 2013-12-23 19:36 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\Yahoo!
2013-12-04 19:24 - 2013-12-04 19:24 - 00001101 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-12-04 19:24 - 2013-12-04 19:24 - 00000000 ____D C:\ProgramData\Yahoo!
2013-12-04 19:22 - 2013-12-23 19:36 - 00000000 ____D C:\Program Files (x86)\Yahoo!
==================== One Month Modified Files and Folders =======
2013-12-29 12:27 - 2013-12-29 12:26 - 00013378 _____ C:\Users\Viereck\Downloads\FRST.txt
2013-12-29 12:26 - 2013-12-29 12:26 - 01931262 _____ (Farbar) C:\Users\Viereck\Downloads\FRST64.exe
2013-12-29 12:26 - 2013-12-29 12:26 - 00000000 ____D C:\FRST
2013-12-29 12:25 - 2013-12-29 12:25 - 01064131 _____ (Farbar) C:\Users\Viereck\Downloads\FRST.exe
2013-12-29 11:43 - 2013-10-22 22:38 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001UA.job
2013-12-29 11:30 - 2013-10-22 23:13 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001UA.job
2013-12-29 11:20 - 2013-11-01 12:14 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\Winamp
2013-12-29 10:56 - 2009-07-14 18:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2013-12-29 10:56 - 2009-07-14 18:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2013-12-29 10:56 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-29 10:53 - 2013-11-01 12:02 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\Skype
2013-12-29 09:40 - 2013-10-22 21:49 - 00000000 ____D C:\ProgramData\MFAData
2013-12-29 09:40 - 2009-07-14 05:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-29 09:40 - 2009-07-14 05:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-29 09:39 - 2013-10-22 21:24 - 01324970 _____ C:\Windows\WindowsUpdate.log
2013-12-29 09:35 - 2013-12-23 22:38 - 00001456 _____ C:\Windows\setupact.log
2013-12-29 09:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-28 21:37 - 2013-10-29 21:16 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\TS3Client
2013-12-28 08:29 - 2013-10-22 23:13 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001Core.job
2013-12-27 09:05 - 2013-12-27 09:02 - 00000000 ____D C:\Users\Viereck\Desktop\Neuer Ordner (3)
2013-12-26 23:43 - 2013-10-22 22:38 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001Core.job
2013-12-26 23:15 - 2013-12-16 18:55 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\ClubCooee
2013-12-26 20:15 - 2013-12-16 18:54 - 00000000 ____D C:\Users\Viereck\AppData\Local\ClubCooee
2013-12-25 18:52 - 2013-12-25 18:35 - 1215299584 _____ C:\Users\Viereck\Downloads\linuxmint-16-cinnamon-dvd-32bit.iso
2013-12-25 15:57 - 2013-11-15 13:21 - 00000000 ____D C:\Users\Viereck\AppData\Local\Avg2014
2013-12-25 15:55 - 2013-12-25 15:54 - 78388136 _____ (AVG) C:\Users\Viereck\Downloads\avg_tuh_stf_all_2014_204_24c28.exe
2013-12-25 14:59 - 2013-12-22 16:57 - 00000000 ____D C:\Users\Viereck\AppData\Local\Mobogenie
2013-12-24 09:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-24 09:22 - 2013-10-26 14:46 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-12-23 22:51 - 2013-12-23 22:46 - 00000000 ____D C:\linuxmint-16-cinnamon-dvd-32bit
2013-12-23 22:38 - 2013-12-23 22:38 - 00000000 _____ C:\Windows\setuperr.log
2013-12-23 22:31 - 2013-12-23 22:31 - 00004410 _____ C:\Windows\PFRO.log
2013-12-23 22:31 - 2013-12-22 16:57 - 00000000 ____D C:\ProgramData\WPM
2013-12-23 22:07 - 2013-11-01 12:01 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-23 22:07 - 2013-11-01 12:01 - 00000000 ____D C:\ProgramData\Skype
2013-12-23 22:07 - 2013-10-23 07:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-12-23 22:05 - 2013-11-13 20:34 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes
2013-12-23 22:04 - 2013-12-22 16:35 - 00000000 ____D C:\Program Files (x86)\Serials 2000
2013-12-23 19:36 - 2013-12-22 16:56 - 00000000 ____D C:\Program Files (x86)\Mobogenie
2013-12-23 19:36 - 2013-12-04 19:24 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\Yahoo!
2013-12-23 19:36 - 2013-12-04 19:22 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2013-12-23 18:09 - 2013-12-22 16:57 - 00001344 _____ C:\Users\Viereck\daemonprocess.txt
2013-12-22 17:13 - 2013-10-22 21:43 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\SlimBrowser
2013-12-22 17:09 - 2013-12-22 17:09 - 03514912 _____ C:\Users\Viereck\Desktop\sbsetup.exe
2013-12-22 17:07 - 2013-12-22 16:57 - 00000000 ____D C:\Users\Viereck\AppData\Local\genienext
2013-12-22 17:01 - 2013-12-22 17:01 - 00000000 ____D C:\Program Files\Motorola Inc
2013-12-22 16:57 - 2013-12-22 16:57 - 00000000 ____D C:\Users\Viereck\Documents\Mobogenie
2013-12-22 16:57 - 2013-12-22 16:57 - 00000000 ____D C:\Users\Viereck\AppData\Local\cache
2013-12-22 16:57 - 2013-12-22 16:57 - 00000000 ____D C:\Users\Viereck\.android
2013-12-22 16:57 - 2013-10-22 21:28 - 00000000 ____D C:\Users\Viereck
2013-12-22 16:56 - 2013-10-22 23:13 - 00002576 _____ C:\Users\Viereck\Desktop\Google Chrome.lnk
2013-12-22 16:49 - 2013-12-22 16:49 - 00810316 _____ C:\Users\Viereck\Documents\AVGInstLog.cab
2013-12-22 16:42 - 2013-12-22 16:42 - 00000000 ____D C:\Users\Viereck\AppData\Local\Avg2013
2013-12-22 16:35 - 2013-12-22 16:35 - 00003108 _____ C:\Windows\System32\Tasks\{C121FD3D-DBAD-4A7A-BC62-8D33FE7BC117}
2013-12-22 16:35 - 2013-12-22 16:35 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Serials 2000
2013-12-22 16:34 - 2009-07-14 19:18 - 00000000 ____D C:\Windows\ShellNew
2013-12-22 16:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system
2013-12-22 14:10 - 2013-10-23 08:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-22 14:10 - 2013-10-22 21:45 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-20 15:08 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-20 15:07 - 2009-07-14 05:45 - 00295824 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-17 16:08 - 2013-10-23 07:49 - 00000000 ____D C:\Windows\system32\MRT
2013-12-17 16:07 - 2010-02-09 23:33 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-16 20:31 - 2013-12-16 20:30 - 69998393 _____ C:\Users\Viereck\Downloads\Highland.rar
2013-12-16 18:55 - 2013-12-16 18:55 - 00000000 ____D C:\Users\Viereck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Club Cooee
2013-12-16 18:53 - 2013-12-16 18:52 - 26711264 _____ (cooee GmbH) C:\Users\Viereck\Downloads\ClubCooeeSetup.exe
2013-12-06 10:00 - 2013-11-12 20:18 - 00092160 ____H C:\Users\Viereck\Desktop\photothumb.db
2013-12-05 08:25 - 2013-10-22 23:13 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001UA
2013-12-05 08:25 - 2013-10-22 23:13 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001Core
2013-12-04 19:25 - 2013-10-22 21:28 - 00000000 ____D C:\Users\Viereck\AppData\Local\VirtualStore
2013-12-04 19:24 - 2013-12-04 19:24 - 00001101 _____ C:\Users\Public\Desktop\Yahoo! Messenger.lnk
2013-12-04 19:24 - 2013-12-04 19:24 - 00000000 ____D C:\ProgramData\Yahoo!
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-24 09:15
==================== End Of Log ============================
Quote:
Quote from schrauber
(Post 1221001)
hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
- Now start FRST.
- Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
- The log files will now be created and will then be on your desktop.
- Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the website)
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-12-2013
Ran by Viereck at 2013-12-29 12:27:38
Running from C:\Users\Viereck\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 3.9.0.1210)
Adobe Download Assistant (x32 Version: 1.2.6)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
AVG 2014 (Version: 14.0.3658)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
CCleaner (Version: 4.00)
Club Cooee (HKCU Version: 1.6.11.0)
EPSON Attach To Email (x32 Version: 1.01.0000)
EPSON Scan Assistant (x32 Version: 1.10.00)
EPSON-Drucker-Software
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FileZilla Client 3.7.3 (x32 Version: 3.7.3)
Firebird 2.5.0.26074 (Win32) (x32 Version: 2.5.0.26074)
FlashPeak SlimBrowser (x32 Version: 7.00.071)
Flatcast Producer Plugin 5.2.2.471 (x32)
Free Audio CD Burner version 1.4.7 (x32)
Free Audio Converter version 2.2.13 (x32)
Free YouTube to MP3 Converter version 3.9.32 (x32)
Google Chrome (HKCU Version: 31.0.1650.63)
Google Update Helper (x32 Version: 1.3.23.0)
Hauppauge MCE XP/Vista Software Encoder (2.0.26057) (x32 Version: 2.0.26057)
IsoBuster 3.3 (x32 Version: 3.3)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
JDownloader 0.9 (x32 Version: 0.9)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SkyDrive (HKCU Version: 16.4.6010.0727)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0)
MSI to redistribute MS VS2005 CRT libraries (x32 Version: 8.0.50727.42)
MySQL Installer (x32 Version: 1.1.7.0)
MySQL Servers and Clients 3.23.49 (x32)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
PhotoScape (x32)
Realtek 8136 8168 8169 Ethernet Driver (x32 Version: 1.00.0006)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5882)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30123)
SAM Broadcaster (remove only) (x32)
SHOUTcast Source DSP 1.9.1 (remove only) (x32)
Skype™ 6.0 (x32 Version: 6.0.126)
swMSM (x32 Version: 12.0.0.1)
TeamSpeak 3 Client (Version: 3.0.13)
TeamViewer 8 (x32 Version: 8.0.22298)
Uninstall 1.0.0.1 (x32)
UseNeXT by Tangysoft (x32)
VideoPlayer v2.0.6 (x32 Version: v2.0.6)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
Winamp (x32 Version: 5.601 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
WinRAR 5.00 beta 1 (32-bit) (x32 Version: 5.00.1)
Wyzo (x32 Version: 3.6.4)
Yahoo! Messenger (x32)
Yahoo! Software Update (x32)
==================== Restore Points =========================
25-12-2013 16:35:29 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {136A73E1-1497-4B81-92FD-AAAE0827F402} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {204D8694-4601-4892-91A4-4461680775AD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001UA => C:\Users\Viereck\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-22] (Google Inc.)
Task: {2E40458A-536B-42B7-A767-9D7C92793679} - System32\Tasks\UpdaterEX => C:\Users\Viereck\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE
Task: {3913F39C-DC87-42A3-BFE3-66513944F1EB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001Core => C:\Users\Viereck\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-22] (Facebook Inc.)
Task: {610CC1C1-50B7-4C5D-B128-C3B6E6E8DD4A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001UA => C:\Users\Viereck\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-22] (Facebook Inc.)
Task: {9C9BF566-1491-4C64-BACA-3E7080936CD8} - System32\Tasks\DealPlyUpdate => C:\Program
Task: {BFCEA008-6EE4-4EFE-AB1B-263584E4F1BD} - System32\Tasks\DealPly => C:\Users\Viereck\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {EB9A687F-8D8E-4355-8B28-85F4118B03A8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001Core => C:\Users\Viereck\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-22] (Google Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001Core.job => C:\Users\Viereck\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001UA.job => C:\Users\Viereck\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001Core.job => C:\Users\Viereck\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2905640226-3162487372-3156939738-1001UA.job => C:\Users\Viereck\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\Viereck\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE
==================== Loaded Modules (whitelisted) =============
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () D:\FileZilla FTP Client\fzshellext_64.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () D:\FileZilla FTP Client\fzshellext.dll
2013-12-04 20:28 - 2013-12-04 03:47 - 00702416 _____ () C:\Users\Viereck\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-04 20:28 - 2013-12-04 03:47 - 00099792 _____ () C:\Users\Viereck\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-04 20:28 - 2013-12-04 03:48 - 04055504 _____ () C:\Users\Viereck\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-04 20:28 - 2013-12-04 03:48 - 00399312 _____ () C:\Users\Viereck\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-04 20:28 - 2013-12-04 03:47 - 01619408 _____ () C:\Users\Viereck\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-04 19:24 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
2013-12-04 19:24 - 2012-05-25 04:25 - 00078336 _____ () C:\Program Files (x86)\Yahoo!\Messenger\pcre.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/26/2013 11:49:43 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Volume "(I:)" wurde aufgrund eines Fehlers nicht defragmentiert: Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/25/2013 09:19:42 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Volume "TOSHIBA EXT (H:)" wurde aufgrund eines Fehlers nicht defragmentiert: Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/25/2013 09:17:50 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Volume "(I:)" wurde aufgrund eines Fehlers nicht defragmentiert: Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/25/2013 05:28:30 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Volume "(I:)" wurde aufgrund eines Fehlers nicht defragmentiert: Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/25/2013 03:33:46 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Volume "(I:)" wurde aufgrund eines Fehlers nicht defragmentiert: Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/24/2013 09:15:54 AM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Volume "(I:)" wurde aufgrund eines Fehlers nicht defragmentiert: Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/23/2013 10:41:20 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/23/2013 10:36:52 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.
Details:
Could not query the status of the EventSystem service.
System Error:
Der Computer wird heruntergefahren.
.
Error: (12/23/2013 10:07:27 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service Wpm Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (12/23/2013 10:07:11 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service Wpm Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
System errors:
=============
Error: (12/28/2013 05:33:04 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/27/2013 11:28:59 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/27/2013 02:43:28 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "VIERECK-2013",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{46AC40C2-A9C2-428F-B797-BE250B5E213F}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (12/27/2013 02:22:29 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/26/2013 07:57:23 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "VIERECK-2013",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{46AC40C2-A9C2-428F-B797-BE250B5E213F}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (12/26/2013 07:29:25 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 26.12.2013 um 19:27:41 unerwartet heruntergefahren.
Error: (12/25/2013 07:57:12 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 25.12.2013 um 19:54:42 unerwartet heruntergefahren.
Error: (12/25/2013 03:48:41 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (12/25/2013 03:46:40 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (12/25/2013 02:44:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVG Firewall" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805289.
Microsoft Office Sessions:
=========================
Error: (12/26/2013 11:49:43 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: (I:)Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/25/2013 09:19:42 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: TOSHIBA EXT (H:)Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/25/2013 09:17:50 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: (I:)Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/25/2013 05:28:30 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: (I:)Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/25/2013 03:33:46 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: (I:)Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/24/2013 09:15:54 AM) (Source: Microsoft-Windows-Defrag)(User: )
Description: (I:)Der Datenträger wurde vom System getrennt. (0x89000011)
Error: (12/23/2013 10:41:20 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestK:\SoftonicDownloader_fuer_kubuntu.exe
Error: (12/23/2013 10:36:52 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
Could not query the status of the EventSystem service.
System Error:
Der Computer wird heruntergefahren.
Error: (12/23/2013 10:07:27 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Wpm Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (12/23/2013 10:07:11 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Wpm Service since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
==================== Memory info ===========================
Percentage of memory in use: 77%
Total physical RAM: 1821.24 MB
Available physical RAM: 403.88 MB
Total Pagefile: 3879.48 MB
Available Pagefile: 1266.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:48.73 GB) (Free:14.55 GB) NTFS
Drive d: () (Fixed) (Total:416.93 GB) (Free:337.68 GB) NTFS
Drive e: (Musik 1) (Fixed) (Total:465.75 GB) (Free:413.58 GB) NTFS
Drive h: (TOSHIBA EXT) (Fixed) (Total:931.51 GB) (Free:67.26 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: ADCBCBD5)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=417 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: A4EF908B)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
--- --- ---