trondheim | 12.02.2014 06:54 | FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014 01
Ran by xxxx (administrator) on OFFICEPC on 12-02-2014 06:50:48
Running from C:\Users\User\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\vsserv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\bdagent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1737920 2014-01-15] (Bitdefender)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-12-23] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-08-02] (CyberLink Corp.)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-23] (cyberlink)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640 2013-12-20] (APN)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-11] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-11] (Bitdefender)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-11] (Bitdefender)
HKU\S-1-5-21-1152521600-1820386124-4228260927-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-1152521600-1820386124-4228260927-1000\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-1152521600-1820386124-4228260927-1000\...\Run: [SkyDrive] - C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-08-24] (Microsoft Corporation)
HKU\S-1-5-21-1152521600-1820386124-4228260927-1000\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1152521600-1820386124-4228260927-1000\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-1152521600-1820386124-4228260927-1000\...\Run: [Bitdefender-Geldbörse-Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [567888 2014-02-11] (Bitdefender)
HKU\S-1-5-21-1152521600-1820386124-4228260927-1000\...\Run: [Bitdefender-Geldbörse] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1001536 2014-02-11] (Bitdefender)
HKU\S-1-5-21-1152521600-1820386124-4228260927-1000\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [614232 2014-02-11] (Bitdefender)
HKU\S-1-5-21-1152521600-1820386124-4228260927-1000\...\Run: [Enhance views Hack Tool] - C:\Users\User\AppData\Local\Temp\Enhance views Hack Tool.vbs [1161270 2013-10-29] () <===== ATTENTION
HKU\S-1-5-21-1152521600-1820386124-4228260927-1000\...\MountPoints2: {cce6664e-a814-11e2-9d56-806e6f6e6963} - F:\SISetup.exe
AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Enhance views Hack Tool.vbs ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x28F3F7902397CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iz036nbo.default
FF DefaultSearchEngine: AVG Secure Search
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iz036nbo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-09-10]
FF Extension: Firebug - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iz036nbo.default\Extensions\firebug@software.joehewitt.com.xpi [2013-04-18]
FF Extension: FlashGot - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iz036nbo.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-04-18]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-02-11]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender\bdtbext
FF Extension: bdToolbar - C:\Program Files\Bitdefender\Bitdefender\bdtbext [2014-02-11]
==================== Services (Whitelisted) =================
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2013-08-23] (AOMEI Tech Co., Ltd.)
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender\bdparentalservice.exe [77632 2013-11-21] (Bitdefender)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2013-10-07] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1507248 2014-01-23] (Bitdefender)
==================== Drivers (Whitelisted) ====================
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2013-05-07] ()
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2013-05-07] ()
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2013-02-06] ()
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-02-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-12 06:49 - 2014-02-12 06:50 - 02151424 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-02-11 15:59 - 2014-02-11 15:59 - 00006631 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-11 15:59 - 2014-02-11 15:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-11 15:53 - 2014-02-11 15:53 - 00001257 _____ () C:\Users\User\Desktop\Blu-ray Disc Suite.lnk
2014-02-11 09:17 - 2014-02-11 15:52 - 00000000 ____D () C:\Windows\pss
2014-02-11 08:59 - 2014-02-11 08:59 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-02-11 08:31 - 2014-02-11 08:31 - 00000000 ____D () C:\Users\User\AppData\Local\richy
2014-02-11 08:28 - 2014-02-11 08:28 - 00000385 _____ () C:\Users\User\AppData\Roaminguser_gensett.xml
2014-02-11 08:27 - 2014-02-11 09:07 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-11 08:08 - 2014-02-11 08:59 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-02-11 08:08 - 2014-02-11 08:08 - 00581481 _____ () C:\ProgramData\1392102185.bdinstall.bin
2014-02-11 08:08 - 2014-02-11 08:08 - 00002190 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-02-11 08:08 - 2014-02-11 08:08 - 00002071 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-02-11 08:08 - 2014-02-11 08:08 - 00000684 ____H () C:\bdr-cf01
2014-02-11 08:08 - 2014-02-11 08:08 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-02-11 08:08 - 2014-02-11 08:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-02-11 08:08 - 2014-02-11 08:08 - 00000000 ____D () C:\ProgramData\BDLogging
2014-02-11 08:08 - 2013-12-02 11:58 - 00635392 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
2014-02-11 08:08 - 2013-12-02 11:56 - 00893440 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2014-02-11 08:08 - 2013-11-04 15:47 - 00082824 _____ (BitDefender SRL) C:\Windows\system32\Drivers\bdsandbox.sys
2014-02-11 08:08 - 2013-02-22 18:46 - 00093600 _____ (BitDefender LLC) C:\Windows\system32\Drivers\BdfNdisf6.sys
2014-02-11 08:08 - 2012-11-02 13:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2014-02-11 08:08 - 2012-04-17 13:34 - 00076944 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2014-02-11 08:08 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2014-02-11 08:04 - 2014-02-11 08:08 - 00253404 ____H () C:\bdr-ld01
2014-02-11 08:04 - 2014-02-11 08:08 - 00009216 ____H () C:\bdr-ld01.mbr
2014-02-11 08:04 - 2014-02-11 08:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bitdefender
2014-02-11 08:04 - 2013-09-24 15:38 - 46879860 ____H () C:\bdr-im01.gz
2014-02-11 08:04 - 2013-08-13 12:38 - 03271472 ____H () C:\bdr-bz01
2014-02-11 08:03 - 2014-02-11 09:00 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-02-11 08:03 - 2014-02-11 08:04 - 00000000 ____D () C:\Program Files\Bitdefender
2014-02-11 08:03 - 2014-02-11 08:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-02-11 08:03 - 2013-11-04 15:47 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUISkin.dll
2014-02-11 08:03 - 2013-11-04 15:46 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\BDSandBoxUH.dll
2014-02-11 08:03 - 2013-08-23 12:48 - 00150256 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2014-02-11 08:03 - 2013-08-07 12:46 - 00389240 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys
2014-02-11 08:01 - 2014-02-11 08:03 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-02-11 08:00 - 2014-02-11 08:00 - 07171632 _____ () C:\Users\User\Downloads\bitdefender_tsecurity.exe
2014-02-10 20:05 - 2014-02-10 20:05 - 00000000 ____D () C:\Program Files (x86)\Attribute Changer
2014-02-10 20:04 - 2014-02-10 20:04 - 03307203 _____ (Romain Petges ) C:\Users\User\Downloads\ac.exe
2014-02-10 19:22 - 2014-02-10 19:22 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-10 19:21 - 2014-02-10 19:21 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_deu.exe
2014-02-10 19:18 - 2014-02-10 19:18 - 00000000 ___SD () C:\32788R22FWJFW
2014-02-10 19:18 - 2014-02-10 19:18 - 00000000 ____D () C:\Windows\erdnt
2014-02-10 18:56 - 2014-02-10 18:56 - 00000000 ____D () C:\Users\User\test
2014-02-10 18:47 - 2014-02-10 18:47 - 04969219 _____ (R. Aquila, F. Ostermeier ) C:\Users\User\Downloads\setupzd.exe
2014-02-10 18:47 - 2014-02-10 18:47 - 00000621 _____ () C:\Users\User\Desktop\WinZD.lnk
2014-02-10 18:47 - 2013-11-09 11:40 - 00663552 _____ () C:\Windows\SysWOW64\Tx12.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2014-02-10 18:47 - 2013-11-09 11:40 - 00520192 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_pdf.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00479232 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_doc.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00360448 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_rtf.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00352256 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\Tx4ole12.ocx
2014-02-10 18:47 - 2013-11-09 11:40 - 00339968 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_obj.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00303104 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_xml.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00249856 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_css.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00225280 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_htm.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00221184 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_png.flt
2014-02-10 18:47 - 2013-11-09 11:40 - 00172032 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_jpg.flt
2014-02-10 18:47 - 2013-11-09 11:40 - 00126976 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_tls.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00124688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWINSCK.OCX
2014-02-10 18:47 - 2013-11-09 11:40 - 00106496 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_ic.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-02-10 18:47 - 2013-11-09 11:40 - 00061440 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_tif.flt
2014-02-10 18:47 - 2013-11-09 11:40 - 00053248 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_wnd.dll
2014-02-10 18:47 - 2013-11-09 11:40 - 00049152 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_bmp.flt
2014-02-10 18:47 - 2013-11-09 11:40 - 00033280 _____ (The Imaging Source Europe GmbH) C:\Windows\SysWOW64\tx12_wmf.flt
2014-02-10 18:47 - 2013-11-09 11:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WINSKDE.DLL
2014-02-10 18:47 - 2013-11-09 11:40 - 00000530 _____ () C:\Windows\SysWOW64\tx12_ic.ini
2014-02-10 18:20 - 2014-02-10 18:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\LavasoftStatistics
2014-02-10 18:11 - 2014-02-10 18:11 - 01725064 _____ () C:\Users\User\Downloads\Adaware_Installer_11.1.exe
2014-02-10 18:11 - 2014-02-10 18:11 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-02-10 18:02 - 2014-02-10 18:02 - 24859352 _____ (Microsoft Corporation) C:\Users\User\Downloads\Windows-KB890830-x64-V5.8.exe
2014-02-10 17:53 - 2014-02-10 19:18 - 00000000 ___SD () C:\ComboFix
2014-02-10 17:52 - 2014-02-10 17:52 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-10 16:50 - 2014-02-10 19:07 - 00024114 _____ () C:\Users\User\Downloads\Addition.txt
2014-02-10 16:49 - 2014-02-12 06:50 - 00016629 _____ () C:\Users\User\Downloads\FRST.txt
2014-02-10 16:49 - 2014-02-12 06:50 - 00000000 ____D () C:\FRST
2014-02-10 16:14 - 2014-02-10 16:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-02-10 15:35 - 2014-02-10 15:37 - 276840448 _____ () C:\Users\User\Downloads\drweb-livecd-602.iso
2014-02-10 15:19 - 2014-02-10 15:19 - 00000000 ____D () C:\Windows\ERUNT
2014-02-10 15:07 - 2014-02-10 17:55 - 00000000 ____D () C:\AdwCleaner
2014-02-10 14:55 - 2014-02-10 15:06 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-10 14:55 - 2014-02-10 14:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-10 13:55 - 2014-02-10 13:55 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-02-06 06:53 - 2014-02-06 06:53 - 00000859 _____ () C:\Users\User\Desktop\Sach- und Textaufgaben Mathematik.lnk
2014-02-04 07:17 - 2014-02-04 07:17 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 07:17 - 2014-02-04 07:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 07:17 - 2014-02-04 07:17 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 07:17 - 2014-02-04 07:17 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 07:17 - 2014-02-04 07:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-31 10:53 - 2014-01-31 10:53 - 00031744 _____ () C:\Users\User\Desktop\Meldeliste_Grundschulwettbewerb.xls
2014-01-22 08:18 - 2014-01-22 08:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-15 07:06 - 2014-01-15 07:20 - 00000000 ____D () C:\Program Files (x86)\Meldeprogramm
2014-01-15 07:06 - 2014-01-15 07:06 - 02389536 _____ (Jan Limbeck ) C:\Users\User\Downloads\Meldeprogramm-2014.exe
2014-01-15 07:06 - 2014-01-15 07:06 - 00000997 _____ () C:\Users\Administrator.OfficePC.000\Desktop\Meldeprogramm.lnk
2014-01-15 07:06 - 2013-11-09 11:40 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2014-01-15 07:06 - 2001-08-18 14:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll
2014-01-15 07:06 - 2000-12-13 16:47 - 00123664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJInt35.DLL
2014-01-15 07:06 - 2000-12-13 16:47 - 00024848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJtEr35.DLL
2014-01-15 07:06 - 2000-06-08 18:00 - 01064960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJet35.dll
2014-01-15 07:06 - 2000-06-08 18:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRepl35.dll
2014-01-15 07:06 - 1998-08-10 12:56 - 00089129 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.dll
2014-01-15 07:06 - 1998-05-31 00:00 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ODBCTL32.dll
2014-01-15 07:06 - 1998-04-24 01:00 - 00252176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSRD2x35.dll
2014-01-15 07:06 - 1997-07-22 11:21 - 00099866 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb5de.dll
2014-01-15 07:06 - 1997-07-19 17:00 - 00134416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmapi32.ocx
2014-01-15 07:06 - 1997-02-25 23:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMpiDE.dll
2014-01-15 07:02 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 07:02 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 07:02 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 07:02 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 07:02 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 07:02 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 07:02 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 07:02 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 07:02 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified Files and Folders =======
2014-02-12 06:50 - 2014-02-12 06:49 - 02151424 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2014-02-12 06:50 - 2014-02-10 16:49 - 00016629 _____ () C:\Users\User\Downloads\FRST.txt
2014-02-12 06:50 - 2014-02-10 16:49 - 00000000 ____D () C:\FRST
2014-02-12 06:10 - 2013-02-13 15:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-11 17:08 - 2013-04-19 10:58 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2014-02-11 16:10 - 2011-04-12 08:43 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-02-11 16:10 - 2011-04-12 08:43 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-02-11 16:10 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-11 16:00 - 2009-07-14 05:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-11 16:00 - 2009-07-14 05:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-11 15:59 - 2014-02-11 15:59 - 00006631 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-11 15:59 - 2014-02-11 15:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-11 15:59 - 2013-04-11 20:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-11 15:53 - 2014-02-11 15:53 - 00001257 _____ () C:\Users\User\Desktop\Blu-ray Disc Suite.lnk
2014-02-11 15:53 - 2013-08-24 11:00 - 00000000 ___RD () C:\Users\User\SkyDrive
2014-02-11 15:53 - 2013-04-19 11:00 - 00000000 ___RD () C:\Users\User\Dropbox
2014-02-11 15:53 - 2012-09-20 14:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2014-02-11 15:53 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-11 15:52 - 2014-02-11 09:17 - 00000000 ____D () C:\Windows\pss
2014-02-11 15:52 - 2013-09-13 14:49 - 00012886 _____ () C:\Windows\setupact.log
2014-02-11 15:52 - 2012-09-20 09:12 - 01728709 _____ () C:\Windows\WindowsUpdate.log
2014-02-11 15:43 - 2013-05-15 10:12 - 00000000 ____D () C:\Program Files (x86)\TurboPlaner
2014-02-11 15:40 - 2010-11-21 04:47 - 00369338 _____ () C:\Windows\PFRO.log
2014-02-11 09:17 - 2012-09-20 09:12 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-11 09:07 - 2014-02-11 08:27 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-11 09:00 - 2014-02-11 08:03 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-02-11 08:59 - 2014-02-11 08:59 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2014-02-11 08:59 - 2014-02-11 08:08 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2014-02-11 08:31 - 2014-02-11 08:31 - 00000000 ____D () C:\Users\User\AppData\Local\richy
2014-02-11 08:28 - 2014-02-11 08:28 - 00000385 _____ () C:\Users\User\AppData\Roaminguser_gensett.xml
2014-02-11 08:08 - 2014-02-11 08:08 - 00581481 _____ () C:\ProgramData\1392102185.bdinstall.bin
2014-02-11 08:08 - 2014-02-11 08:08 - 00002190 _____ () C:\Users\Public\Desktop\Bitdefender Safepay.lnk
2014-02-11 08:08 - 2014-02-11 08:08 - 00002071 _____ () C:\Users\Public\Desktop\Bitdefender Total Security.lnk
2014-02-11 08:08 - 2014-02-11 08:08 - 00000684 ____H () C:\bdr-cf01
2014-02-11 08:08 - 2014-02-11 08:08 - 00000385 _____ () C:\Windows\system32\user_gensett.xml
2014-02-11 08:08 - 2014-02-11 08:08 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-02-11 08:08 - 2014-02-11 08:08 - 00000000 ____D () C:\ProgramData\BDLogging
2014-02-11 08:08 - 2014-02-11 08:04 - 00253404 ____H () C:\bdr-ld01
2014-02-11 08:08 - 2014-02-11 08:04 - 00009216 ____H () C:\bdr-ld01.mbr
2014-02-11 08:08 - 2014-02-11 08:04 - 00000000 ____D () C:\Users\User\AppData\Roaming\Bitdefender
2014-02-11 08:04 - 2014-02-11 08:03 - 00000000 ____D () C:\Program Files\Bitdefender
2014-02-11 08:03 - 2014-02-11 08:03 - 00000000 ____D () C:\Users\User\AppData\Roaming\QuickScan
2014-02-11 08:03 - 2014-02-11 08:01 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-02-11 08:01 - 2013-08-21 09:52 - 00000000 ____D () C:\ProgramData\Avira
2014-02-11 08:00 - 2014-02-11 08:00 - 07171632 _____ () C:\Users\User\Downloads\bitdefender_tsecurity.exe
2014-02-10 20:05 - 2014-02-10 20:05 - 00000000 ____D () C:\Program Files (x86)\Attribute Changer
2014-02-10 20:04 - 2014-02-10 20:04 - 03307203 _____ (Romain Petges ) C:\Users\User\Downloads\ac.exe
2014-02-10 19:22 - 2014-02-10 19:22 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-10 19:21 - 2014-02-10 19:21 - 02347384 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_deu.exe
2014-02-10 19:18 - 2014-02-10 19:18 - 00000000 ___SD () C:\32788R22FWJFW
2014-02-10 19:18 - 2014-02-10 19:18 - 00000000 ____D () C:\Windows\erdnt
2014-02-10 19:18 - 2014-02-10 17:53 - 00000000 ___SD () C:\ComboFix
2014-02-10 19:07 - 2014-02-10 16:50 - 00024114 _____ () C:\Users\User\Downloads\Addition.txt
2014-02-10 18:56 - 2014-02-10 18:56 - 00000000 ____D () C:\Users\User\test
2014-02-10 18:47 - 2014-02-10 18:47 - 04969219 _____ (R. Aquila, F. Ostermeier ) C:\Users\User\Downloads\setupzd.exe
2014-02-10 18:47 - 2014-02-10 18:47 - 00000621 _____ () C:\Users\User\Desktop\WinZD.lnk
2014-02-10 18:20 - 2014-02-10 18:20 - 00000000 ____D () C:\Users\User\AppData\Roaming\LavasoftStatistics
2014-02-10 18:11 - 2014-02-10 18:11 - 01725064 _____ () C:\Users\User\Downloads\Adaware_Installer_11.1.exe
2014-02-10 18:11 - 2014-02-10 18:11 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-02-10 18:02 - 2014-02-10 18:02 - 24859352 _____ (Microsoft Corporation) C:\Users\User\Downloads\Windows-KB890830-x64-V5.8.exe
2014-02-10 17:55 - 2014-02-10 15:07 - 00000000 ____D () C:\AdwCleaner
2014-02-10 17:55 - 2013-08-21 09:52 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-02-10 17:55 - 2013-08-01 08:23 - 00000000 ____D () C:\Users\Administrator.OfficePC.000
2014-02-10 17:55 - 2013-04-18 12:14 - 00000000 ____D () C:\winsv
2014-02-10 17:55 - 2013-02-13 14:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-10 17:55 - 2012-09-20 12:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-10 17:55 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-02-10 17:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-10 17:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-02-10 17:52 - 2014-02-10 17:52 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-10 16:14 - 2014-02-10 16:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes
2014-02-10 15:37 - 2014-02-10 15:35 - 276840448 _____ () C:\Users\User\Downloads\drweb-livecd-602.iso
2014-02-10 15:19 - 2014-02-10 15:19 - 00000000 ____D () C:\Windows\ERUNT
2014-02-10 15:06 - 2014-02-10 14:55 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-10 14:55 - 2014-02-10 14:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-10 13:55 - 2014-02-10 13:55 - 00000000 ____D () C:\Users\User\AppData\Local\Apps\2.0
2014-02-07 07:20 - 2013-09-15 15:07 - 00000000 ____D () C:\Users\User\Desktop\Schuljahr2013_14
2014-02-06 06:53 - 2014-02-06 06:53 - 00000859 _____ () C:\Users\User\Desktop\Sach- und Textaufgaben Mathematik.lnk
2014-02-06 06:53 - 2012-09-20 12:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-04 07:17 - 2014-02-04 07:17 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-04 07:17 - 2014-02-04 07:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-04 07:17 - 2014-02-04 07:17 - 00000000 ____D () C:\Program Files\iTunes
2014-02-04 07:17 - 2014-02-04 07:17 - 00000000 ____D () C:\Program Files\iPod
2014-02-04 07:17 - 2014-02-04 07:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-04 07:16 - 2013-07-11 05:51 - 00000000 ____D () C:\ProgramData\Apple
2014-01-31 10:53 - 2014-01-31 10:53 - 00031744 _____ () C:\Users\User\Desktop\Meldeliste_Grundschulwettbewerb.xls
2014-01-23 07:00 - 2012-09-20 09:12 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore
2014-01-22 08:18 - 2014-01-22 08:18 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-21 17:23 - 2013-04-19 11:00 - 00000976 _____ () C:\Users\User\Desktop\Dropbox.lnk
2014-01-21 17:23 - 2013-04-19 10:59 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-15 07:23 - 2009-07-14 05:45 - 02433448 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 07:21 - 2013-08-26 07:14 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 07:21 - 2012-09-20 15:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-15 07:20 - 2014-01-15 07:06 - 00000000 ____D () C:\Program Files (x86)\Meldeprogramm
2014-01-15 07:06 - 2014-01-15 07:06 - 02389536 _____ (Jan Limbeck ) C:\Users\User\Downloads\Meldeprogramm-2014.exe
2014-01-15 07:06 - 2014-01-15 07:06 - 00000997 _____ () C:\Users\Administrator.OfficePC.000\Desktop\Meldeprogramm.lnk
2014-01-14 06:54 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
Files to move or delete:
====================
C:\Users\User\AppData\Local\Temp\Enhance views Hack Tool.vbs
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\User\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe
C:\Users\User\AppData\Local\Temp\PicasaCD.exe
C:\Users\User\AppData\Local\Temp\siinst.exe
C:\Users\User\AppData\Local\Temp\strings.dll
C:\Users\User\AppData\Local\Temp\UpdateCheckerSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-10 17:39
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-02-2014 01
Ran by xxxxx at 2014-02-12 06:53:53
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
53721 Siegburg
ACDSee Foto-Manager 12 (x32 Version: 12.0.344 - ACD Systems International Inc.)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (x32 Version: 9.0.0 - Adobe Systems) Hidden
Adobe Acrobat 9 Pro Extended 64-bit Add-On (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (x32 Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
AOMEI Backupper (x32 Version: - AOMEI Technology Co., Ltd.)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Attribute Changer 7.10e (x32 Version: 7.10e - Romain Petges)
Avira SearchFree Toolbar (x32 Version: 12.10.0.2948 - APN, LLC)
Bitdefender Total Security (Version: 17.25.0.1074 - Bitdefender)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Brother P-touch Address Book 1.1 (x32 Version: 1.1.100 - Brother Industries, Ltd.)
Brother P-touch Address Book 1.1 (x32 Version: 1.1.100 - Brother Industries, Ltd.) Hidden
Brother P-touch Editor 5.0 (x32 Version: 5.0.110 - Brother Industries, Ltd.)
Brother P-touch Editor 5.0 (x32 Version: 5.0.110 - Brother Industries, Ltd.) Hidden
CorelDRAW Graphics Suite X3 (x32 Version: - Corel Corporation)
CorelDRAW Graphics Suite X3 (x32 Version: 13.2 - Corel Corporation) Hidden
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.) Hidden
CyberLink PowerDVD 9 (x32 Version: 9.0.4322.52 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.4322.52 - CyberLink Corp.) Hidden
CyberLink PowerProducer (x32 Version: 5.0.2.2512 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2512 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DE (x32 Version: 13.0 - Corel Corporation) Hidden
Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Germany)
Google Earth (x32 Version: 6.1.0.5001 - Google)
Google+ Auto Backup (x32 Version: 1.0.21.81 - Google)
High-Definition Video Playback (x32 Version: 7.1.12500.33.0 - Nero AG) Hidden
HP LaserJet Professional P1100-P1560-P1600 Series (Version: - )
iCloud (Version: 3.1.0.40 - Apple Inc.)
Intel(R) OpenCL CPU Runtime (x32 Version: - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932 - Intel Corporation)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 17 (64-bit) (Version: 7.0.170 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Johannesstraße 41
klickIdent 26 (x32 Version: 26.00 - )
klickTel Telefon- und Branchenbuch Frühjahr 2011 (x32 Version: 1.00.0000 - telegate MEDIA AG)
Meldeprogramm (x32 Version: - Jan Limbeck)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0 (x86 de) (x32 Version: 27.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (x32 Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero Burning ROM 10 (x32 Version: 10.2.10500.7.100 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 10.2.10600 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.0.0.0 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.17200.8.0 - Nero AG) Hidden
Nero Dolby Files 10 (x32 Version: 2.0.12001.0.10 - Nero AG) Hidden
Nero Multimedia Suite 10 Platinum HD (x32 Version: 10.5.10000 - Nero AG)
Nero Recode 10 (x32 Version: 4.8.10400.3.100 - Nero AG)
Nero Recode 10 Help (CHM) (x32 Version: 10.2.10500 - Nero AG) Hidden
Nero SoundTrax 10 (x32 Version: 4.8.10200.1.100 - Nero AG)
Nero SoundTrax 10 Help (CHM) (x32 Version: 10.2.10600 - Nero AG) Hidden
Nero Vision 10 (x32 Version: 7.2.14000.4.100 - Nero AG)
Nero Vision 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden
Nero WaveEditor 10 (x32 Version: 5.8.10200.1.100 - Nero AG)
Nero WaveEditor 10 Help (CHM) (x32 Version: 10.2.10600 - Nero AG) Hidden
Octava SD4 (x32 Version: 5.01 - Obtiv)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (x32 Version: 3.9 - Google, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Schülerdatei (x32 Version: - )
Scribus 1.4.3 (64bit) (Version: 1.4.3 - The Scribus Team)
streamWriter (x32 Version: - )
TeamViewer 8 (x32 Version: 8.0.20935 - TeamViewer)
Turbo-Planer (x32 Version: - Haneke Software
UBitMenuDE (x32 Version: 01.04 - UBit Schweiz AG)
UltraMixer 2.4.6 (x32 Version: 2.4.6 - UltraMixer Digital Audio Solutions)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
VIS version 2.0.0.0 (x32 Version: 2.0.0.0 - Eloam)
VLC media player 2.0.5 (x32 Version: 2.0.5 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WINZD 2013-08 Rev. 2 (x32 Version: - R. Aquila, F. Ostermeier)
==================== Restore Points =========================
10-02-2014 18:18:18 ComboFix created restore point
10-02-2014 18:19:18 AA11
11-02-2014 07:26:20 Windows Update
11-02-2014 08:07:41 Windows Update
11-02-2014 14:58:57 Installed Java 7 Update 51
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1BC7E6FF-171B-490C-A76C-A6228BF0109F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {77E1F06A-C11F-4D1A-A9D0-1714BE117BF7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-07] (Adobe Systems Incorporated)
Task: {B4111A0E-67A1-4F8F-A41A-87CC20D4AB6D} - System32\Tasks\ASUS\i-Setup111154 => C:\Windows\Intel_Chipset_V9301021_XPWin7_8\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-02-11 08:08 - 2013-06-19 11:45 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender\txmlutil.dll
2012-03-26 16:33 - 2012-03-26 16:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00196312 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00220888 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00171736 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00077528 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00061144 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00257752 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00368344 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00057048 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00167640 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00245464 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00028376 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00073432 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00093912 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2013-09-10 07:28 - 2013-08-23 19:15 - 00043736 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-02-11 08:08 - 2013-06-19 11:44 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender\antispam32\txmlutil.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-20 12:46 - 2014-02-06 06:53 - 03019376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2012-09-20 12:46 - 2014-02-06 06:53 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2012-09-20 12:46 - 2014-02-06 06:53 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2012-09-20 12:46 - 2014-02-06 11:38 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\User\Downloads\FRST64.exe:BDU
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: APNMCP => 2
MSCONFIG\startupreg: Enhance views Hack Tool => wscript.exe //B "C:\Users\User\AppData\Local\Temp\Enhance views Hack Tool.vbs"
MSCONFIG\startupreg: Haneke Software - AutoUpdate (C: =>
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/12/2014 02:57:48 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "NScCoreComponents,type="win32",version="5.3.2.0"1". Fehler in Manifest- oder Richtliniendatei "NScCoreComponents,type="win32",version="5.3.2.0"2" in Zeile NScCoreComponents,type="win32",version="5.3.2.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: NScCoreComponents,type="win32",version="5.3.2.0".
Definition: NScCoreComponents,type="win32",version="5.3.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (02/12/2014 02:57:48 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "NFD,type="win32",version="5.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "NFD,type="win32",version="5.2.0.0"2" in Zeile NFD,type="win32",version="5.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: NFD,type="win32",version="5.2.0.0".
Definition: NFD,type="win32",version="5.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (02/11/2014 03:56:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/11/2014 03:43:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: autoupdate.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xba8
Startzeit der fehlerhaften Anwendung: 0xautoupdate.exe0
Pfad der fehlerhaften Anwendung: autoupdate.exe1
Pfad des fehlerhaften Moduls: autoupdate.exe2
Berichtskennung: autoupdate.exe3
Error: (02/11/2014 09:14:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: autoupdate.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0x3dc
Startzeit der fehlerhaften Anwendung: 0xautoupdate.exe0
Pfad der fehlerhaften Anwendung: autoupdate.exe1
Pfad des fehlerhaften Moduls: autoupdate.exe2
Berichtskennung: autoupdate.exe3
Error: (02/11/2014 08:28:37 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: autoupdate.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1116
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c41f
ID des fehlerhaften Prozesses: 0xe14
Startzeit der fehlerhaften Anwendung: 0xautoupdate.exe0
Pfad der fehlerhaften Anwendung: autoupdate.exe1
Pfad des fehlerhaften Moduls: autoupdate.exe2
Berichtskennung: autoupdate.exe3
Error: (02/11/2014 00:30:13 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "NScCoreComponents,type="win32",version="5.3.2.0"1". Fehler in Manifest- oder Richtliniendatei "NScCoreComponents,type="win32",version="5.3.2.0"2" in Zeile NScCoreComponents,type="win32",version="5.3.2.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: NScCoreComponents,type="win32",version="5.3.2.0".
Definition: NScCoreComponents,type="win32",version="5.3.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (02/11/2014 00:30:13 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "NFD,type="win32",version="5.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "NFD,type="win32",version="5.2.0.0"2" in Zeile NFD,type="win32",version="5.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: NFD,type="win32",version="5.2.0.0".
Definition: NFD,type="win32",version="5.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (02/10/2014 07:22:03 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/10/2014 07:21:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (02/11/2014 04:09:25 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.
Error: (02/11/2014 04:09:24 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.
Error: (02/11/2014 04:09:23 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.
Error: (02/11/2014 04:09:23 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR7 gefunden.
Error: (02/11/2014 03:54:02 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (02/11/2014 03:41:11 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (02/11/2014 09:11:45 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (02/11/2014 08:29:33 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (02/11/2014 08:16:32 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (02/11/2014 08:03:44 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-02-10 16:58:15.297
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-02-10 16:58:15.266
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 23%
Total physical RAM: 7883.01 MB
Available physical RAM: 6021.93 MB
Total Pagefile: 15764.2 MB
Available Pagefile: 13268.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:46.5 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1642 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 9716A6F8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 292FC70E)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
==================== End Of Log ============================