Pests of all kinds and how to fight them: Trojan downloaded as a zip in an email, but the contained file was not executed - infection?

05.07.2014, 00:39   #1
Spanaikos
 

Hello dear community,

As the title already says, I was unfortunately stupid enough to download a zip file from an email, even though I actually know better; unfortunately, this time it looked too legitimate.

When I noticed that this zip file contained only one very strange file, I deleted it immediately without executing it.

Since then my Mozilla has been running noticeably slower and hangs now and then; in addition, my antivirus program raises an alert after my PC starts. It does say "Threat found and is being cleaned" every time, but it does so anew after every start.
That is why I fear I have probably caught something.

I have already read about a similar problem in another thread, where the thread starter was advised to download the program FRST and run a scan. I have already done this; here is the FRST.txt


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:03-07-2014
Ran by Steve Gonsczak (administrator) on STEVEGONSCZAK on 05-07-2014 01:16:19
Running from C:\Users\Steve Gonsczak\Downloads
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(DeviceVM, Inc.) C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Windows\System32\PnkBstrA.exe
(Iminent) C:\Program Files\Common Files\Umbrella\Umbrella242.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(DeviceVM, Inc.) C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Vtune\TBPANEL.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFCE.EXE
(Oberon Media ) C:\Program Files\GamesBar\SearchEngineProtection.exe
(Akamai Technologies, Inc.) C:\Users\Steve Gonsczak\AppData\Local\Akamai\netsession_win.exe
() C:\Users\Steve Gonsczak\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Program Files\MSI\US54SE_Utility\ZDWlan.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Akamai Technologies, Inc.) C:\Users\Steve Gonsczak\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1733120 2010-01-18] (VIA)
HKLM\...\Run: [BCU] => C:\Program Files\DeviceVM\Browser Configuration Utility\BCU.exe [375000 2009-11-23] (DeviceVM, Inc.)
HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2403840 2009-09-11] (Vodafone)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2011-06-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [facemoods] => C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe [323584 2010-10-26] (facemoods.com)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2011-06-07] (Apple Inc.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-07-11] (Nullsoft, Inc.)
HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\Run: [TBPanel] => C:\Program Files\Vtune\TBPanel.exe [2158592 2010-03-17] ()
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\Run: [Steam] => I:\steam und co\steam.exe [1753280 2014-06-30] (Valve Corporation)
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\Run: [EPSON SX410 Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFCE.EXE [199680 2008-10-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\Run: [SearchEngineProtection] => C:\Program Files\Gamesbar\SearchEngineProtection.exe [568312 2010-05-31] (Oberon Media )
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Steve Gonsczak\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Steve Gonsczak\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [24474752 2014-06-05] (Google)
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\Run: [kaauakjl] => C:\Users\Steve Gonsczak\AppData\Roaming\Kxlb\nhdxakjl.exe [77136 2014-07-02] ()
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\RunOnce: [b42ymtv] - C:\ProgramData\wpj\caggp.exe [290816 2014-07-04] (Faronics Corporation)
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\RunOnce: [sjvc] - C:\ProgramData\geyrq\ctfkx.exe [290816 2014-07-04] (Faronics Corporation)
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\RunOnce: [77lp] - C:\ProgramData\ywhysi\ipyyht.exe [290816 2014-07-03] (Faronics Corporation)
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\MountPoints2: {410828e3-ce0b-11df-89dc-90fba68f44d7} - J:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\MountPoints2: {410828ec-ce0b-11df-89dc-90fba68f44d7} - J:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2037888514-3242928532-2918570568-1000\...\MountPoints2: {4fb79ce7-3476-11e1-a1c2-90fba68f44d7} - J:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MSI US54SE 802.11b+g USB Stick Utility.lnk
ShortcutTarget: MSI US54SE 802.11b+g USB Stick Utility.lnk -> C:\Program Files\MSI\US54SE_Utility\ZDWlan.exe ()
Startup: C:\Users\Steve Gonsczak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Steve Gonsczak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x52F264B41728CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.iminent.com/?appId=FCBCB64E-4442-4740-8966-E41E0FFFE223
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} -  No File
URLSearchHook: HKLM - Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
URLSearchHook: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
URLSearchHook: HKLM - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\prxtbWin2.dll (Conduit Ltd.)
URLSearchHook: HKCU - Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
URLSearchHook: HKCU - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\prxtbWin2.dll (Conduit Ltd.)
URLSearchHook: HKCU - ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\ChatZum Toolbar\tbunszB7CF.tmp\tbhelper.dll ()
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKLM - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20110731204842792&tb_oid=31-07-2011&tb_mrud=31-07-2011
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=e4f3f35e00000000000000ffe9097dc4
SearchScopes: HKCU - {26550BD1-C506-4b70-A00A-043F496C0118} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
SearchScopes: HKCU - {36377DD7-B3EB-42f5-986F-680BAF59BA9D} URL = hxxp://start.iplay.com/searchresults.aspx?o=chrome&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://blekko.com/?source=c3348dd4&tbp=rbox&toolbarid=blekkotb&u=2012032197E44315A772BB78A65B24D7&q={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
SearchScopes: HKCU - {4C93EE49-3416-449a-A102-676ECCC23BC0} URL = hxxp://search.iminent.com/?appId=FCBCB64E-4442-4740-8966-E41E0FFFE223&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://search.chatzum.com/?q={SearchTerms}
SearchScopes: HKCU - {C72B0F3E-2818-462a-94A3-5F352D39A638} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
SearchScopes: HKCU - {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20110731204842792&tb_oid=31-07-2011&tb_mrud=31-07-2011
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48иpatm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Plus-HD-2.4 - {11111111-1111-1111-1111-110311341134} - C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-bho.dll (Plus HD)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
BHO: No Name - {2EECD738-5844-4a99-B4B6-146BF802613B} -  No File
BHO: Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\prxtbWin2.dll (Conduit Ltd.)
BHO: CescrtHlpr Object - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll (facemoods.com BHO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\2.0.1.55\oberontb.dll (Oberon Media Ltd.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: TBSB09850 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\ChatZum Toolbar\tbunszB7CF.tmp\tbcore3.dll ()
BHO: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
Toolbar: HKLM - GamesBar - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\2.0.1.55\oberontb.dll (Oberon Media Ltd.)
Toolbar: HKLM - Winload Toolbar - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Program Files\Winload\prxtbWin2.dll (Conduit Ltd.)
Toolbar: HKLM - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll (facemoods.com)
Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - ChatZum Toolbar - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Program Files\ChatZum Toolbar\tbunszB7CF.tmp\tbcore3.dll ()
Toolbar: HKLM - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files\Freemium\Free PDF Perfect\ieagent32.dll (soft Xpansion)
Toolbar: HKLM - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - DVDVideoSoftTB Toolbar - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
Toolbar: HKCU - Winload Toolbar - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Program Files\Winload\prxtbWin2.dll (Conduit Ltd.)
Toolbar: HKCU - ChatZum Toolbar - {37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - C:\Program Files\ChatZum Toolbar\tbunszB7CF.tmp\tbcore3.dll ()
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: {C212D449-8B3C-41F2-BD9A-047BD770550F} hxxp://operation7.fiaa.eu/OPLauncher.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Winsock: Catalog9 01 bmnet.dll File Not found ()
Winsock: Catalog9 02 bmnet.dll File Not found ()
Winsock: Catalog9 03 bmnet.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Steve Gonsczak\AppData\Roaming\Mozilla\Firefox\Profiles\i6di547y.default-1402491355235
FF DefaultSearchEngine: SearchTheWeb
FF SelectedSearchEngine: SearchTheWeb
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @soft-xpansion/npsxpdf - C:\Program Files\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Steve Gonsczak\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnu.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\SearchTheWeb.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-2.4 - C:\Users\Steve Gonsczak\AppData\Roaming\Mozilla\Firefox\Profiles\i6di547y.default-1402491355235\Extensions\ad80235d-5e5a-4a1d-a891-51b66a3e70f8@8f877d80-6977-415f-ac14-b52043838c19.com [2014-06-27]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Steve Gonsczak\AppData\Roaming\Mozilla\Firefox\Profiles\i6di547y.default-1402491355235\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7} [2014-06-11]
FF Extension: Adblock Plus - C:\Users\Steve Gonsczak\AppData\Roaming\Mozilla\Firefox\Profiles\i6di547y.default-1402491355235\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-11]
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com [2014-06-11]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\Vodafone\Vodafone Mobile Connect\Optimization Client\addon [2010-10-02]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-31]
FF HKLM\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Program Files\Iminent\webbooster@iminent.com
FF HKLM\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2013-06-26]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-06-26]
FF HKLM\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2013-06-26]
FF HKCU\...\Firefox\Extensions: [{0F827075-B026-42F3-885D-98981EE7B1AE}] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension

Chrome: 
=======
CHR HomePage: hxxp://search.iminent.com/?appId=FCBCB64E-4442-4740-8966-E41E0FFFE223
CHR StartupUrls: "hxxp://search.iminent.com/?appId=FCBCB64E-4442-4740-8966-E41E0FFFE223"
CHR Extension: (Google Docs) - C:\Users\Steve Gonsczak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-21]
CHR Extension: (Google Drive) - C:\Users\Steve Gonsczak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Steve Gonsczak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (PriceGong) - C:\Users\Steve Gonsczak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2013-12-21]
CHR Extension: (YouTube) - C:\Users\Steve Gonsczak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-21]
CHR Extension: (Google Search) - C:\Users\Steve Gonsczak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-21]
CHR Extension: (Foxtab Speed Dial (Release Candidate)) - C:\Users\Steve Gonsczak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihflimipbcaljfnojhhknppphnnciiif [2013-12-21]
CHR Extension: (Google Wallet) - C:\Users\Steve Gonsczak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-21]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Steve Gonsczak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-12-21]
CHR Extension: (Gmail) - C:\Users\Steve Gonsczak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-21]
CHR HKLM\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files\PriceGong\2.5.3\pricegong.crx [2011-10-05]
CHR HKLM\...\Chrome\Extension: [gkjoindjjcmbdpbfppabdgflnkgbbcli] - C:\Program Files\FTDownloader.com\FTDownloader10.crx [2011-10-05]
CHR HKLM\...\Chrome\Extension: [ihflimipbcaljfnojhhknppphnnciiif] - C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoods.crx [2010-11-24]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [316816 2010-10-01] (Protection Technology)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 BCUService; C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe [219368 2009-11-23] (DeviceVM, Inc.)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [49152 2013-05-26] () [File not signed]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION) [File not signed]
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [3993576 2011-11-17] (INCA Internet Co., Ltd.)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-09-14] ()
R2 SProtection; C:\Program Files\Common Files\Umbrella\Umbrella242.exe [3088192 2014-06-12] (Iminent)
S3 SXDS10; C:\Program Files\Common Files\soft Xpansion\sxds10.exe [234096 2013-06-26] (soft Xpansion)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [File not signed]

==================== Drivers (Whitelisted) ====================

R2 acedrv11; C:\Windows\system32\drivers\acedrv11.sys [277736 2008-07-30] (Protect Software GmbH)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3033712 2010-10-01] (Protection Technology)
R3 athrusb6; C:\Windows\System32\DRIVERS\athru6.sys [871936 2007-08-01] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2012-01-22] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-01] (AVM Berlin) [File not signed]
U0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [22528 2008-10-09] (Bytemobile, Inc.) [File not signed]
S3 Cardex; C:\Windows\system32\drivers\TBPANEL.SYS [12256 2007-03-16] (Windows (R) 2000 DDK provider)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2011-08-01] (Eugene V. Muzychenko)
S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [926080 2010-10-01] (AVM GmbH)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-01-22] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [17408 2008-08-14] (Creative Technology Ltd.)
R2 TBPanel; C:\Windows\system32\Drivers\TBPanel.sys [12256 2007-03-16] (Windows (R) 2000 DDK provider)
S1 tcpipBM; C:\Windows\system32\Drivers\tcpipBM.sys [18816 2008-10-09] (Bytemobile, Inc.) [File not signed]
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1119232 2010-01-11] (VIA Technologies, Inc.)
S3 ALSysIO; \??\C:\Users\STEVEG~1\AppData\Local\Temp\ALSysIO.sys [X]
S3 cpuz132; \??\C:\Users\STEVEG~1\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [X]
S3 EagleNT; \??\C:\Users\STEVEG~1\AppData\Local\Temp\EagleNT.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 FXDrv32; \??\D:\FXDrv32.sys [X]
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 XDva375; \??\C:\Windows\system32\XDva375.sys [X]
S3 XDva380; \??\C:\Windows\system32\XDva380.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-05 01:16 - 2014-07-05 01:17 - 00032886 _____ () C:\Users\Steve Gonsczak\Downloads\FRST.txt
2014-07-05 01:15 - 2014-07-05 01:16 - 00000000 ____D () C:\FRST
2014-07-05 01:15 - 2014-07-05 01:15 - 01073664 _____ (Farbar) C:\Users\Steve Gonsczak\Downloads\FRST.exe
2014-07-05 01:14 - 2014-07-05 01:15 - 00448788 _____ () C:\Users\Steve Gonsczak\Documents\cc_20140705_011445.reg
2014-07-05 00:34 - 2014-07-05 00:34 - 00000000 ____D () C:\ProgramData\wljfank
2014-07-05 00:34 - 2014-07-05 00:34 - 00000000 ____D () C:\ProgramData\eahqygc
2014-07-04 20:46 - 2014-07-05 00:35 - 00000000 ____D () C:\ProgramData\hgdlp
2014-07-04 20:46 - 2014-07-04 20:46 - 00000000 ____D () C:\ProgramData\vybfmt
2014-07-04 20:46 - 2014-07-04 20:46 - 00000000 ____D () C:\ProgramData\geyrq
2014-07-04 13:59 - 2014-07-05 00:35 - 00000000 ____D () C:\ProgramData\wsg
2014-07-04 13:59 - 2014-07-04 13:59 - 00000000 ____D () C:\ProgramData\xjrxb
2014-07-04 13:59 - 2014-07-04 13:59 - 00000000 ____D () C:\ProgramData\wpj
2014-07-04 13:54 - 2014-07-04 13:54 - 00000000 ____D () C:\ProgramData\tudrg
2014-07-03 13:53 - 2014-07-05 00:35 - 00000000 ____D () C:\ProgramData\jphpv
2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\ProgramData\ywhysi
2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\ProgramData\arkl
2014-07-02 17:55 - 2014-07-04 13:53 - 00000000 ____D () C:\ProgramData\utypcj
2014-07-02 14:30 - 2014-07-04 13:53 - 00000000 ____D () C:\ProgramData\wpjvfq
2014-07-02 14:30 - 2014-07-03 13:53 - 00000000 ____D () C:\ProgramData\xhlnyyl
2014-07-02 14:30 - 2014-07-02 14:30 - 00000000 ____D () C:\ProgramData\vdoge
2014-07-02 13:34 - 2014-07-05 00:44 - 00000000 ____D () C:\ProgramData\rfnenps
2014-07-02 13:34 - 2014-07-02 17:54 - 00000000 ____D () C:\ProgramData\ltsq
2014-07-02 13:34 - 2014-07-02 17:54 - 00000000 ____D () C:\ProgramData\ecnr
2014-07-02 13:34 - 2014-07-02 14:30 - 00000000 ____D () C:\ProgramData\thgdj
2014-07-02 13:34 - 2014-07-02 13:34 - 00000000 ____D () C:\ProgramData\yhodro
2014-07-02 13:21 - 2014-07-02 13:21 - 00388608 _____ (Trend Micro Inc.) C:\Users\Steve Gonsczak\Downloads\hijackthis_5833.exe
2014-07-02 13:17 - 2014-07-05 00:35 - 00000000 ____D () C:\ProgramData\mpsbrva
2014-07-02 00:21 - 2014-07-02 00:21 - 00000000 ___HD () C:\Users\Steve Gonsczak\AppData\Roaming\Kxlb
2014-06-27 20:34 - 2014-06-27 20:34 - 00000209 _____ () C:\Users\Steve Gonsczak\Desktop\Don Bradman Cricket 14 Demo.url
2014-06-25 20:08 - 2014-06-25 20:08 - 00012861 _____ () C:\Users\Steve Gonsczak\Desktop\LoL Analyse.odt
2014-06-19 14:17 - 2014-06-19 14:17 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-06-12 16:38 - 2014-06-12 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-12 16:37 - 2014-06-12 16:37 - 00000000 ____D () C:\Users\Steve Gonsczak\AppData\Local\NVIDIA
2014-06-12 16:33 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2014-06-11 22:43 - 2014-06-11 22:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-11 14:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-11 14:41 - 2014-06-11 14:42 - 00000000 ____D () C:\AdwCleaner
2014-06-11 14:41 - 2014-06-11 14:41 - 01333465 _____ () C:\Users\Steve Gonsczak\Downloads\adwcleaner_3.212.exe
2014-06-11 14:28 - 2014-06-11 14:28 - 00000000 __SHD () C:\Users\Steve Gonsczak\AppData\Local\EmieUserList
2014-06-11 14:28 - 2014-06-11 14:28 - 00000000 __SHD () C:\Users\Steve Gonsczak\AppData\Local\EmieSiteList
2014-06-11 13:07 - 2014-06-11 13:07 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-11 13:05 - 2014-06-11 14:29 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-06-11 13:04 - 2014-06-11 13:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Steve Gonsczak\Downloads\sh-remover.exe
2014-06-11 12:43 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 12:43 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 12:43 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 12:43 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 12:43 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 12:43 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 12:43 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 12:43 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 12:43 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 12:43 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 12:43 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 12:43 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 12:43 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 12:43 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 12:43 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 12:43 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 12:43 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 12:43 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 12:43 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 12:43 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 12:43 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 12:43 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 12:43 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 12:43 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 12:43 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 12:43 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 12:43 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 12:43 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 12:42 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 12:42 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-11 12:42 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 12:42 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 12:42 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 12:42 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 12:42 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 12:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 12:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-10 14:29 - 2014-06-13 11:07 - 00000000 ____D () C:\Program Files\Common Files\Umbrella

==================== One Month Modified Files and Folders =======

2014-07-05 01:17 - 2014-07-05 01:16 - 00032886 _____ () C:\Users\Steve Gonsczak\Downloads\FRST.txt
2014-07-05 01:16 - 2014-07-05 01:15 - 00000000 ____D () C:\FRST
2014-07-05 01:15 - 2014-07-05 01:15 - 01073664 _____ (Farbar) C:\Users\Steve Gonsczak\Downloads\FRST.exe
2014-07-05 01:15 - 2014-07-05 01:14 - 00448788 _____ () C:\Users\Steve Gonsczak\Documents\cc_20140705_011445.reg
2014-07-05 01:13 - 2009-07-14 06:34 - 00015120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-05 01:13 - 2009-07-14 06:34 - 00015120 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-05 01:08 - 2010-10-18 21:30 - 00000000 ____D () C:\Users\Steve Gonsczak\AppData\Roaming\TS3Client
2014-07-05 01:07 - 2010-10-26 17:27 - 00000000 ____D () C:\Windows\Minidump
2014-07-05 01:07 - 2010-10-18 21:34 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-05 00:57 - 2012-09-09 14:08 - 00007603 _____ () C:\Users\Steve Gonsczak\AppData\Local\Resmon.ResmonCfg
2014-07-05 00:44 - 2014-07-02 13:34 - 00000000 ____D () C:\ProgramData\rfnenps
2014-07-05 00:39 - 2010-10-01 14:56 - 01427987 ____N () C:\Windows\WindowsUpdate.log
2014-07-05 00:36 - 2014-04-30 18:07 - 00000000 ___RD () C:\Users\Steve Gonsczak\Google Drive
2014-07-05 00:36 - 2012-02-12 13:27 - 00000000 ____D () C:\Users\Steve Gonsczak\AppData\Local\Deployment
2014-07-05 00:36 - 2011-05-02 17:35 - 00000000 ____D () C:\Users\Steve Gonsczak\AppData\Roaming\Skype
2014-07-05 00:35 - 2014-07-04 20:46 - 00000000 ____D () C:\ProgramData\hgdlp
2014-07-05 00:35 - 2014-07-04 13:59 - 00000000 ____D () C:\ProgramData\wsg
2014-07-05 00:35 - 2014-07-03 13:53 - 00000000 ____D () C:\ProgramData\jphpv
2014-07-05 00:35 - 2014-07-02 13:17 - 00000000 ____D () C:\ProgramData\mpsbrva
2014-07-05 00:34 - 2014-07-05 00:34 - 00000000 ____D () C:\ProgramData\wljfank
2014-07-05 00:34 - 2014-07-05 00:34 - 00000000 ____D () C:\ProgramData\eahqygc
2014-07-05 00:34 - 2013-06-26 11:56 - 00001824 _____ () C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job
2014-07-05 00:34 - 2013-06-26 11:56 - 00001204 _____ () C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job
2014-07-05 00:34 - 2013-06-26 11:56 - 00001200 _____ () C:\Windows\Tasks\Plus-HD-2.4-updater.job
2014-07-05 00:34 - 2013-06-26 11:56 - 00001104 _____ () C:\Windows\Tasks\Plus-HD-2.4-enabler.job
2014-07-05 00:34 - 2010-10-18 21:34 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-05 00:34 - 2010-10-01 16:21 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-05 00:34 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-05 00:31 - 2011-07-12 14:19 - 03629056 ___SH () C:\Users\Steve Gonsczak\Desktop\Thumbs.db
2014-07-05 00:25 - 2013-06-29 15:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 22:48 - 2013-08-14 16:33 - 00000000 ____D () C:\Users\Steve Gonsczak\AppData\Local\Akamai
2014-07-04 20:46 - 2014-07-04 20:46 - 00000000 ____D () C:\ProgramData\vybfmt
2014-07-04 20:46 - 2014-07-04 20:46 - 00000000 ____D () C:\ProgramData\geyrq
2014-07-04 13:59 - 2014-07-04 13:59 - 00000000 ____D () C:\ProgramData\xjrxb
2014-07-04 13:59 - 2014-07-04 13:59 - 00000000 ____D () C:\ProgramData\wpj
2014-07-04 13:54 - 2014-07-04 13:54 - 00000000 ____D () C:\ProgramData\tudrg
2014-07-04 13:53 - 2014-07-02 17:55 - 00000000 ____D () C:\ProgramData\utypcj
2014-07-04 13:53 - 2014-07-02 14:30 - 00000000 ____D () C:\ProgramData\wpjvfq
2014-07-03 20:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\ProgramData\ywhysi
2014-07-03 13:53 - 2014-07-03 13:53 - 00000000 ____D () C:\ProgramData\arkl
2014-07-03 13:53 - 2014-07-02 14:30 - 00000000 ____D () C:\ProgramData\xhlnyyl
2014-07-02 17:54 - 2014-07-02 13:34 - 00000000 ____D () C:\ProgramData\ltsq
2014-07-02 17:54 - 2014-07-02 13:34 - 00000000 ____D () C:\ProgramData\ecnr
2014-07-02 14:30 - 2014-07-02 14:30 - 00000000 ____D () C:\ProgramData\vdoge
2014-07-02 14:30 - 2014-07-02 13:34 - 00000000 ____D () C:\ProgramData\thgdj
2014-07-02 13:34 - 2014-07-02 13:34 - 00000000 ____D () C:\ProgramData\yhodro
2014-07-02 13:21 - 2014-07-02 13:21 - 00388608 _____ (Trend Micro Inc.) C:\Users\Steve Gonsczak\Downloads\hijackthis_5833.exe
2014-07-02 00:21 - 2014-07-02 00:21 - 00000000 ___HD () C:\Users\Steve Gonsczak\AppData\Roaming\Kxlb
2014-07-01 18:57 - 2014-05-14 20:18 - 00000000 ____D () C:\Users\Steve Gonsczak\AppData\Local\PMB Files
2014-07-01 18:57 - 2014-05-14 20:18 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-30 17:08 - 2010-10-14 21:46 - 00000000 ____D () C:\Users\Steve Gonsczak\Documents\My Games
2014-06-27 20:34 - 2014-06-27 20:34 - 00000209 _____ () C:\Users\Steve Gonsczak\Desktop\Don Bradman Cricket 14 Demo.url
2014-06-25 20:08 - 2014-06-25 20:08 - 00012861 _____ () C:\Users\Steve Gonsczak\Desktop\LoL Analyse.odt
2014-06-24 18:06 - 2013-10-24 22:23 - 00000000 ____D () C:\Users\Steve Gonsczak\AppData\Local\Battle.net
2014-06-20 03:15 - 2013-07-24 03:13 - 00000000 ____D () C:\Program Files\File Type Advisor
2014-06-20 01:10 - 2014-04-30 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-06-20 00:53 - 2014-04-25 22:17 - 00000000 ____D () C:\Users\Steve Gonsczak\Documents\Masters of the World
2014-06-19 14:17 - 2014-06-19 14:17 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-06-19 14:17 - 2014-03-22 14:30 - 00000000 ___RD () C:\Program Files\Skype
2014-06-19 14:17 - 2011-05-02 17:34 - 00000000 ____D () C:\ProgramData\Skype
2014-06-18 14:56 - 2010-10-01 15:03 - 01649492 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-18 14:24 - 2014-01-12 13:53 - 00000000 ____D () C:\Users\Steve Gonsczak\AppData\Local\WebPlayer
2014-06-13 11:07 - 2014-06-10 14:29 - 00000000 ____D () C:\Program Files\Common Files\Umbrella
2014-06-12 19:07 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-12 16:38 - 2014-06-12 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-12 16:37 - 2014-06-12 16:37 - 00000000 ____D () C:\Users\Steve Gonsczak\AppData\Local\NVIDIA
2014-06-12 16:35 - 2011-04-24 16:36 - 00000000 ____D () C:\Temp
2014-06-12 16:33 - 2010-10-01 16:19 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-12 16:31 - 2011-03-12 15:57 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-12 13:36 - 2013-12-03 19:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-12 03:27 - 2014-05-07 00:50 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 03:05 - 2013-08-14 21:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 03:01 - 2012-01-01 18:48 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 22:43 - 2014-06-11 22:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-11 14:42 - 2014-06-11 14:41 - 00000000 ____D () C:\AdwCleaner
2014-06-11 14:41 - 2014-06-11 14:41 - 01333465 _____ () C:\Users\Steve Gonsczak\Downloads\adwcleaner_3.212.exe
2014-06-11 14:29 - 2014-06-11 13:05 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-06-11 14:28 - 2014-06-11 14:28 - 00000000 __SHD () C:\Users\Steve Gonsczak\AppData\Local\EmieUserList
2014-06-11 14:28 - 2014-06-11 14:28 - 00000000 __SHD () C:\Users\Steve Gonsczak\AppData\Local\EmieSiteList
2014-06-11 13:07 - 2014-06-11 13:07 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-11 13:05 - 2012-05-19 02:04 - 00001470 _____ () C:\Windows\system32\InstallUtil.InstallLog
2014-06-11 13:05 - 2010-10-14 18:06 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-11 13:04 - 2014-06-11 13:04 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Steve Gonsczak\Downloads\sh-remover.exe
2014-06-10 20:24 - 2013-10-24 22:23 - 00000000 ____D () C:\Program Files\Battle.net
2014-06-08 10:48 - 2014-06-11 12:42 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-11 12:42 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Files to move or delete:
====================
C:\ProgramData\1McMiJ.dat


Some content of TEMP:
====================
C:\Users\Steve Gonsczak\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\Steve Gonsczak\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Steve Gonsczak\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Steve Gonsczak\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\Steve Gonsczak\AppData\Local\Temp\SHSetup.exe
C:\Users\Steve Gonsczak\AppData\Local\Temp\swt-win32-3349.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-30 15:48

==================== End Of Log ============================
         
--- --- ---


and the Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:03-07-2014
Ran by Steve Gonsczak at 2014-07-05 01:17:44
Running from C:\Users\Steve Gonsczak\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKLM\...\uTorrent) (Version: 3.1.3 - )
3Com OfficeConnect Wireless 54Mbps 11g USB Adapter (HKLM\...\{8F2C8130-8A34-40A7-9FC8-5D87001AC99E}) (Version: 4.0.1.0 - 3Com Corporation)
50 FREE MP3s +1 Free Audiobook! (HKLM\...\eMusic Promotion) (Version: 1.0.0.1 - eMusic.com Inc)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Acrobat 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader 9.4.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A94000000001}) (Version: 9.4.5 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Apple Application Support (HKLM\...\{B3575D00-27EF-49C2-B9E0-14B3D954E992}) (Version: 1.5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C23CD6DA-1958-43A5-ADD0-59396572E02E}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression (HKLM\...\{6C5D7191-140A-11D6-B5A0-0050DA208A93}) (Version:  - )
Arma 2 (HKLM\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (HKLM\...\Steam App 219540) (Version:  - )
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.6 - Auslogics Software Pty Ltd)
AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM\...\BattlEye for OA) (Version:  - )
Bonjour (HKLM\...\{C2E4B5BD-32DB-4817-A060-341AB17C3F90}) (Version: 2.0.5.0 - Apple Inc.)
Browser Configuration Utility (HKLM\...\{DEF059B7-A738-4FDF-8AB0-8EC6802A356E}) (Version: 0.0.4.0 - DeviceVM Inc.)
Bundled software uninstaller (HKLM\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
ChatZum Toolbar (HKLM\...\ChatZum Toolbar) (Version: 1.0.14 - ChatZum)
Cockatrice (HKLM\...\Cockatrice) (Version:  - )
Core Temp 1.0 RC3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike (HKLM\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
CPUID HWMonitor 1.23 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAoC Portal (HKLM\...\{EC9359B3-2548-4DB1-B322-6D71A17501F9}) (Version: 2.8.2 - Dawn of Light)
DAOC-Charplan (HKLM\...\DAOCCharplan) (Version:  - )
Dark Age of Camelot (HKLM\...\Dark Age of Camelot) (Version:  - Electronic Arts)
DARK SOULS™ II (HKLM\...\Steam App 236430) (Version:  - FromSoftware, Inc)
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM\...\{D7ECDD70-EBAB-42AD-8BE3-2F4D1CEC70A7}) (Version: 0.92.79 - Dotjosh Studios)
Diablo III (HKLM\...\Diablo III) (Version:  - Blizzard Entertainment)
Divinity Original Sin (HKLM\...\Steam App 230230) (Version:  - Larian Studios)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.5 - DivX, LLC)
Don Bradman Cricket 14 Demo (HKLM\...\Steam App 303990) (Version:  - Big Ant Studios)
Download Updater (AOL LLC) (HKLM\...\SoftwareUpdUtility) (Version:  - ) <==== ATTENTION
Druckerdeinstallation für EPSON SX410 Series (HKLM\...\EPSON SX410 Series) (Version:  - SEIKO EPSON Corporation)
Dungeon Defenders (HKLM\...\Steam App 65800) (Version:  - Trendy Entertainment)
DVDStyler v2.6 (HKLM\...\DVDStyler_is1) (Version:  - )
DVDVideoSoftTB Toolbar (HKLM\...\DVDVideoSoftTB Toolbar) (Version: 6.8.5.1 - DVDVideoSoftTB)
EPSON Copy Utility (HKLM\...\{B69CC1A5-0404-11D6-ABCB-005004C21D30}) (Version:  - )
EPSON Photo Print (HKLM\...\{D379964B-685C-44D5-AE46-C953A9FEEA14}) (Version:  - )
EPSON PhotoQuicker3.2 (HKLM\...\{B2EFE303-A594-11D5-95EB-005004BC1C65}) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
EPSON Smart Panel (HKLM\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
Facemoods Toolbar (HKLM\...\facemoods) (Version:  - ) <==== ATTENTION
File Type Advisor 1.0 (HKLM\...\File Type Advisor_is1) (Version:  - filetypeadvisor.com)
FilesFrog Update Checker (HKLM\...\FilesFrog Update Checker) (Version:  - ) <==== ATTENTION
Firebird SQL Server - MAGIX Edition (HKLM\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Free Audio CD Burner version 1.4.8 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free M4a to MP3 Converter 8.0 (HKLM\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free YouTube to MP3 Converter version 3.12.8.717 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.8.717 - DVDVideoSoft Ltd.)
Freemium Free PDF Perfect (HKLM\...\{88265079-D6F4-4292-86BE-D2053E80BFE4}) (Version: 1.0 - Freemium)
GameCenter (HKLM\...\GameCenter) (Version:  - )
GameCenter 1.3.0.6 (HKLM\...\GameCenter_is1) (Version: 1.3.0.6 - Cyanide)
GamesBar 2.0.1.55 (HKLM\...\GamesBar) (Version: 2.0.1.55 - Oberon Media, Inc.)
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version:  - )
Genesis version Genesis Launcher 1.005 (HKLM\...\{975e7799-c584-47f0-9c12-c1551f3e95f2}_is1) (Version: Genesis Launcher 1.005 - Pawel D. alias Laplume for Genesis.)
Genesis version Patch (HKLM\...\{9db86e9a-0b05-4202-a76c-5a795f698408}_is1) (Version: Patch - Pawel D. alias Laplume for Genesis.)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM\...\{D9F75285-4864-461D-83DA-8D056BAC44D1}) (Version: 1.16.6866.4367 - Google, Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{C897FCB3-2F8B-4185-8035-79E2AF3A92A4}) (Version: 10.3.1.55 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM\...\1489-3350-5074-6281) (Version: 0.9 - AppWork GmbH)
K-Lite Codec Pack 6.4.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.4.0 - )
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
LOLReplay (HKLM\...\LOLReplay) (Version: 0.8.7 - www.leaguereplays.com)
Magic: The Gathering - Duels of the Planeswalkers 2013 (HKLM\...\Steam App 97330) (Version:  - )
MAGIX Music Maker 17 Download-Version (HKLM\...\MAGIX_MSI_mm17) (Version: 17.0.0.16 - MAGIX AG)
MAGIX Music Maker 17 Download-Version (Version: 17.0.0.16 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM\...\{E04D1AC1-B3AF-4C1A-B7E0-B37A058271CE}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM\...\{300DFCBA-348B-4FD6-AE50-1D3CDFEE6314}) (Version: 7.0.2.6 - MAGIX AG)
Masters of the World (HKLM\...\MOW 2013 ENGLISH DL) (Version: 5.07 - Eversim)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x86) German (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mouse Recorder Pro 2.0.7.4 (HKLM\...\{889E44CE-435C-4D37-B302-A7E43339E5FA}_is1) (Version:  - Nemex Studios)
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI US54SE 802.11 b+g USB Stick (HKLM\...\{581CE7EA-A30D-0000-1211-088635773309}) (Version:  - )
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Neffy 1,3,29,0 (HKLM\...\Neffy) (Version: 1,3,29,0 - CDNetworks)
NetBattle (HKLM\...\NetBattle_is1) (Version: 0.9.6 - HubertWare)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.145.1024 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Path of Exile (HKLM\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22397 - Grinding Gear Games)
PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
Plus-HD-2.4 (HKLM\...\Plus-HD-2.4) (Version: 1.27.153.6 - Plus HD) <==== ATTENTION
Pokémon Trading Card Game Online (HKLM\...\{496D7B7E-EBDC-4E2B-B021-4FF03B188B69}) (Version: 1.0.0 - The Pokémon Company International)
Poket Script 1.2 (HKLM\...\Poket Script) (Version: 1.2 - Poket Witch Studios)
Pro Cycling Manager - Season 2009 1.0.3.3 (HKLM\...\Pro Cycling Manager 2009_is1) (Version: 1.0.3.3 - Cyanide Entertainment)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
ScanToWeb (HKLM\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version:  - )
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Source SDK (HKLM\...\Steam App 211) (Version:  - Valve)
Source SDK Base 2006 (HKLM\...\Steam App 215) (Version:  - Valve)
Source SDK Base 2007 (HKLM\...\Steam App 218) (Version:  - Valve)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 2 RC2 (HKLM\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.15723 - TeamViewer)
TERA (HKLM\...\{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}) (Version: 1.6 - En Masse Entertainment)
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.17550 - Vodafone)
Vtune 7.8 (HKLM\...\Vtune_is1) (Version:  - )
Winamp (HKLM\...\Winamp) (Version: 5.621  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Toolbar (HKCU\...\Winamp Toolbar) (Version:  - ) <==== ATTENTION
Winamp Toolbar (HKLM\...\Winamp Toolbar) (Version:  - ) <==== ATTENTION
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Winload Toolbar (HKLM\...\Winload Toolbar) (Version: 6.3.3.3 - )
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
Yontoo 1.10.03 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.03 - Yontoo LLC) <==== ATTENTION
YTD Video Downloader 4.5.1 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.5.1 - GreenTree Applications SRL)

==================== Restore Points  =========================

02-07-2014 11:40:25 Microsoft Antimalware Checkpoint
03-07-2014 11:54:17 Microsoft Antimalware Checkpoint
03-07-2014 12:15:54 Windows Update
04-07-2014 11:58:46 Microsoft Antimalware Checkpoint
04-07-2014 22:59:32 Removed Internet Explorer Toolbar 4.6 by SweetPacks

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0374ECC1-7C77-41C5-9747-72FAC62EB0F2} - System32\Tasks\Plus-HD-2.4-updater => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe [2013-06-26] (Plus HD) <==== ATTENTION
Task: {0CB5F5DF-7C48-42D2-95EB-F72A8670B623} - System32\Tasks\Plus-HD-2.4-firefoxinstaller => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe [2013-06-26] (Plus HD) <==== ATTENTION
Task: {3221FDA9-AA8F-4C6B-8743-A1707C7E41C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-18] (Google Inc.)
Task: {44D88556-70CD-4D1B-9A44-EBB7D6CC9176} - System32\Tasks\{C1DCCE9B-4C21-4E20-8942-A161B6D0438B} => C:\Program Files\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {556B10C2-686D-4456-8BD6-F4CA145DE7C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {70DECF87-6099-4770-8AA2-7CBCB807C5FF} - System32\Tasks\Plus-HD-2.4-enabler => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe [2013-10-14] (Plus HD) <==== ATTENTION
Task: {86E7C2EF-315B-4D05-882F-549EDEC9E643} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-18] (Google Inc.)
Task: {9D091997-962A-467F-92B7-C212E8D08D98} - System32\Tasks\Plus-HD-2.4-codedownloader => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe [2013-06-26] (Plus HD) <==== ATTENTION
Task: {AE884FED-83AA-4177-B661-213B92A22F10} - System32\Tasks\{17488DE4-1F2C-4243-8D40-E2EA7135720C} => C:\Program Files\EishockeyManager2009\EishockeyManager2009.exe
Task: {AF6897C5-9135-4E43-944A-709A510E371A} - System32\Tasks\FileAdvisorCheck => C:\Program Files\File Type Advisor\file-type-advisor.exe [2013-07-12] (filetypeadvisor.com                                         )
Task: {C85D9630-A1E2-4107-BDC2-FCCE6F6BF7D3} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Steve Gonsczak\AppData\Local\FilesFrog Update Checker\update_checker.exe [2013-10-17] (Somoto) <==== ATTENTION
Task: {D75F7BD2-A5DA-4AF0-BCBC-C0E248B9599E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {E964D53A-B2E3-4D1D-BE9F-3F0AE35B0950} - System32\Tasks\{2B97ED0B-B74C-4484-BAA5-0E2DD92BB58E} => C:\Riot Games\League of Legends\lol.launcher.exe [2013-06-12] ()
Task: {EBEA1F90-966B-4E4B-B5C2-5376D834AB13} - System32\Tasks\FileAdvisorUpdate => C:\Program Files\File Type Advisor\fileadvisor.exe [2013-07-12] (File Type Advisor)
Task: {EDD22DD4-2C83-458A-A638-F38A2B8DC391} - System32\Tasks\{05FB70DC-8274-4654-B120-49E2FA5D0146} => Firefox.exe 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.4-codedownloader.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.4-enabler.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.4-firefoxinstaller.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.4-updater.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-11-18 04:04 - 2014-03-04 14:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2013-09-14 13:12 - 2013-09-14 13:12 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2010-10-01 16:06 - 2009-05-07 10:50 - 00073728 ____R () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
2010-10-01 16:06 - 2009-05-07 10:53 - 00106496 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
2010-10-01 16:06 - 2008-02-14 07:57 - 00094208 ____R () C:\Program Files\VIA\VIAudioi\VDeck\VMicApi.dll
2010-10-01 16:06 - 2009-11-03 05:11 - 47628288 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll
2009-10-12 16:38 - 2009-10-12 16:38 - 00503202 _____ () C:\Program Files\DeviceVM\Browser Configuration Utility\sqlite3.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2011-07-29 01:08 - 2011-07-29 01:08 - 01259376 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2011-07-29 01:09 - 2011-07-29 01:09 - 00096112 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2010-10-01 16:17 - 2010-03-17 17:31 - 02158592 _____ () C:\Program Files\Vtune\TBPANEL.exe
2010-10-01 16:17 - 1998-10-31 04:55 - 00005120 _____ () C:\Program Files\Vtune\TBManage.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Steve Gonsczak\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2010-10-02 12:02 - 2006-02-17 02:51 - 00483328 _____ () C:\Program Files\MSI\US54SE_Utility\ZDWlan.exe
2010-10-02 12:02 - 2005-11-10 15:50 - 00212992 _____ () C:\Program Files\MSI\US54SE_Utility\dot1x_dll.dll
2010-10-02 12:02 - 2005-11-11 14:46 - 00045056 _____ () C:\Program Files\MSI\US54SE_Utility\ZDWLAN.dll
2010-05-04 15:36 - 2010-05-04 15:36 - 00970752 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2014-06-11 22:43 - 2014-06-11 22:43 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2014 00:53:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: update_checker.exe, Version: 4.3.0.0, Zeitstempel: 0x525d9c67
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052d94
ID des fehlerhaften Prozesses: 0x1664
Startzeit der fehlerhaften Anwendung: 0xupdate_checker.exe0
Pfad der fehlerhaften Anwendung: update_checker.exe1
Pfad des fehlerhaften Moduls: update_checker.exe2
Berichtskennung: update_checker.exe3

Error: (07/05/2014 00:34:36 AM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (07/05/2014 00:29:13 AM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (07/05/2014 00:26:57 AM) (Source: VMCService) (EventID: 0) (User: )
Description: GetProcessOwner

Error: (07/04/2014 10:48:03 PM) (Source: MsiInstaller) (EventID: 11310) (User: SteveGonsczak)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Steve Gonsczak\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (07/04/2014 10:47:22 PM) (Source: MsiInstaller) (EventID: 11310) (User: SteveGonsczak)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Steve Gonsczak\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (07/04/2014 05:58:09 PM) (Source: MsiInstaller) (EventID: 11310) (User: SteveGonsczak)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Steve Gonsczak\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (07/04/2014 05:57:30 PM) (Source: MsiInstaller) (EventID: 11310) (User: SteveGonsczak)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Steve Gonsczak\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.

Error: (07/04/2014 01:58:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {58d33faa-7b58-45d5-abe8-ef60b65cc870}

Error: (07/04/2014 01:56:44 PM) (Source: MsiInstaller) (EventID: 11310) (User: SteveGonsczak)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Steve Gonsczak\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.


System errors:
=============
Error: (07/05/2014 00:35:22 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}

Error: (07/05/2014 00:34:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "iPod-Dienst" wurde mit folgendem Fehler beendet: 
%%-2147417831

Error: (07/05/2014 00:34:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
tcpipBM

Error: (07/05/2014 00:32:32 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (07/05/2014 00:31:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/05/2014 00:31:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/05/2014 00:31:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/05/2014 00:31:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/05/2014 00:31:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/05/2014 00:31:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (07/05/2014 00:53:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: update_checker.exe4.3.0.0525d9c67ntdll.dll6.1.7601.18247521ea91cc000000500052d94166401cf97d833dfd64fC:\Users\Steve Gonsczak\AppData\Local\FilesFrog Update Checker\update_checker.exeC:\Windows\SYSTEM32\ntdll.dll059dbe2d-03ce-11e4-aeb4-8fa6d13e0021

Error: (07/05/2014 00:34:36 AM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (07/05/2014 00:29:13 AM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (07/05/2014 00:26:57 AM) (Source: VMCService) (EventID: 0) (User: )
Description: GetProcessOwner

Error: (07/04/2014 10:48:03 PM) (Source: MsiInstaller) (EventID: 11310) (User: SteveGonsczak)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Steve Gonsczak\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/04/2014 10:47:22 PM) (Source: MsiInstaller) (EventID: 11310) (User: SteveGonsczak)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Steve Gonsczak\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/04/2014 05:58:09 PM) (Source: MsiInstaller) (EventID: 11310) (User: SteveGonsczak)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Steve Gonsczak\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/04/2014 05:57:30 PM) (Source: MsiInstaller) (EventID: 11310) (User: SteveGonsczak)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Steve Gonsczak\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/04/2014 01:58:43 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {58d33faa-7b58-45d5-abe8-ef60b65cc870}

Error: (07/04/2014 01:56:44 PM) (Source: MsiInstaller) (EventID: 11310) (User: SteveGonsczak)
Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Steve Gonsczak\AppData\Local\Akamai\admintool.exe.  Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL)


==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 3255.12 MB
Available physical RAM: 1715.38 MB
Total Pagefile: 9397.41 MB
Available Pagefile: 7328.33 MB
Total Virtual: 3071.88 MB
Available Virtual: 2907.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:233.93 GB) (Free:35.67 GB) NTFS
Drive i: (Lokaler Datenträger) (Fixed) (Total:229.83 GB) (Free:57.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 88F73D13)
Partition 1: (Active) - (Size=2 GB) - (Type=06)
Partition 2: (Not Active) - (Size=234 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=230 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
If you need any other data, just let me know.
Win-7
32-bit

I hope you can help me.

Kind regards
Spanaikos

PS: Unfortunately I know almost nothing about computers and am a classic DAU (clueless user).

Edited by Spanaikos (05.07.2014 at 00:50)

Alt 05.07.2014, 10:04   #2
Larusso
/// Selecta Jahrusso
 

A cleanup can involve a lot of work for you.
  • Please work through all steps in order.
  • Read the instructions carefully. If problems arise, please stop and describe them here as well as you can.
  • Only run scans that a helper has asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Read the instructions through completely first. If anything is unclear, ask before you begin.
  • Post the log files directly in your thread. Do not attach them unless I ask you to, because that makes the analysis harder for me.

Note: I can never give you a guarantee that I will find everything. Formatting is usually the faster and always the safest way.
If you decide on a cleanup, keep working with us until someone from the team tells you that you are clean.


Please uninstall
Bundled software uninstaller
ChatZum Toolbar
Download Updater
Facemoods Toolbar
FilesFrog Update Checker
Plus-HD-2.4 << Is probably responsible for the infection here
Winamp Toolbar
Yontoo 1.10.03

Restart the computer after the last uninstallation.



Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.
__________________
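Several of the programs named in the reply above carry the `<==== ATTENTION` marker in the posted FRST log, both as installed programs and as scheduled tasks. The following Python code is an added example (not part of the thread and not FRST's own code): it parses those two line types, groups flagged tasks under the flagged program whose folder they run from, and reports flagged tasks that have no matching flagged program entry. The regular expressions are assumptions inferred from the log lines on this page; the sample input is an excerpt of that log.

```python
import re

FLAG = "<==== ATTENTION"

# Excerpt of the FRST log posted in this thread (installed programs + tasks).
SAMPLE_LOG = r"""
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Plus-HD-2.4 (HKLM\...\Plus-HD-2.4) (Version: 1.27.153.6 - Plus HD) <==== ATTENTION
Winamp Toolbar (HKCU\...\Winamp Toolbar) (Version:  - ) <==== ATTENTION
Winamp Toolbar (HKLM\...\Winamp Toolbar) (Version:  - ) <==== ATTENTION
Yontoo 1.10.03 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.03 - Yontoo LLC) <==== ATTENTION
Task: {0374ECC1-7C77-41C5-9747-72FAC62EB0F2} - System32\Tasks\Plus-HD-2.4-updater => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-updater.exe [2013-06-26] (Plus HD) <==== ATTENTION
Task: {3221FDA9-AA8F-4C6B-8743-A1707C7E41C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-18] (Google Inc.)
Task: {C85D9630-A1E2-4107-BDC2-FCCE6F6BF7D3} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Steve Gonsczak\AppData\Local\FilesFrog Update Checker\update_checker.exe [2013-10-17] (Somoto) <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.4-enabler.job => C:\Program Files\Plus-HD-2.4\Plus-HD-2.4-enabler.exe <==== ATTENTION
"""

# "Name (HKLM\...\Key) (Version: x - Publisher)" or "Name (Version: x - Publisher) Hidden"
PROGRAM_RE = re.compile(
    r"^(?P<name>.+?)"
    r"(?: \((?P<hive>HKLM|HKCU|HKU)\\(?P<key>.*?)\))?"
    r" \(Version: (?P<version>.*?) - (?P<publisher>.*?)\)"
    r"(?P<hidden> Hidden)?\s*$"
)

# "Task: {GUID} - TaskPath => Target [date] (Publisher)" or "Task: X.job => Target"
TASK_RE = re.compile(
    r"^Task: (?:\{(?P<guid>[0-9A-Fa-f-]{36})\} - )?"
    r"(?P<task>.+?) => (?P<target>.+?)"
    r"(?: \[(?P<date>\d{4}-\d{2}-\d{2})\])?"
    r"(?: \((?P<publisher>[^()]*)\))?\s*$"
)


def parse_frst(text):
    """Return (programs, tasks): one dict per recognised log line."""
    programs, tasks = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("="):
            continue  # blank lines and "==== Section ====" headers
        flagged = line.endswith(FLAG)
        if flagged:
            line = line[: -len(FLAG)].rstrip()
        m = TASK_RE.match(line)
        if m:
            tasks.append({**m.groupdict(), "flagged": flagged})
            continue
        m = PROGRAM_RE.match(line)
        if m:
            entry = m.groupdict()
            entry["hidden"] = bool(entry["hidden"])
            entry["flagged"] = flagged
            programs.append(entry)
    return programs, tasks


def triage(text):
    """Group flagged tasks under flagged programs; list the rest as orphans."""
    programs, tasks = parse_frst(text)
    report = {"programs": {}, "orphan_tasks": []}
    for p in programs:
        if not p["flagged"]:
            continue
        item = report["programs"].setdefault(p["name"], {"hives": [], "tasks": []})
        if p["hive"] and p["hive"] not in item["hives"]:
            item["hives"].append(p["hive"])
    for t in tasks:
        if not t["flagged"]:
            continue
        # A task belongs to a program if the program name is a folder in its target path.
        parts = {c.lower() for c in t["target"].split("\\")}
        owners = [n for n in report["programs"] if n.lower() in parts]
        if owners:
            for n in owners:
                report["programs"][n]["tasks"].append(t["task"])
        else:
            # Flagged autostart with no flagged uninstall entry: check it by hand.
            report["orphan_tasks"].append((t["task"], t["target"]))
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for name, info in result["programs"].items():
        print(f"{name}  hives={info['hives']}  tasks={info['tasks']}")
    for task, target in result["orphan_tasks"]:
        print(f"ORPHAN TASK {task} -> {target}")
```

An orphan task is one whose uninstaller may not remove it, so its scheduled task and target file need to be checked separately after the uninstall step.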

Alt 05.07.2014, 16:12   #3
Spanaikos
 

Hey,

first of all, thanks for your help.

I have a problem uninstalling "ChatZum Toolbar".
It tells me that I need administrator rights to uninstall this program, which I actually have.

How should I proceed now?

Edit: Also, I can't find the program "FilesFrog Update Checker" under uninstall. There I only have "File Type Advisor 1.0", which has a similar name.

Hey,

after consulting an acquaintance, I have decided to format my PC and set it up from scratch, since over the last few years more junk apparently ended up on it than I initially thought.

Thanks for your help anyway.
The thread can be closed.
__________________

Edited by Spanaikos (05.07.2014 at 11:20)

Alt 05.07.2014, 17:16   #4
Larusso
/// Selecta Jahrusso
 

Good decision
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie
