
Pests of All Kinds and How to Combat Them: Strange Problems III

Windows 7

26.08.2013, 00:14   #1
Thomas030
 
Strange Problems III



Hello everyone ... I have a problem once again.

Recently, my Firefox keeps wanting a restart to install updates whenever I try to open it. The first few times I thought nothing of it, but it is slowly getting annoying.

In addition, some folders on my C drive exist twice, for example "Programme" (it is there twice, and I cannot access one of them even though I am an admin), or once in an English version, "Documents and Setting", and once in German, "Dokumente und Einstellungen" (also no access rights, for both, as with the second Programme folder). Then there is a fourth folder that denies access, named "$RECYCLE.BIN".

If I, as admin, have no access rights, then who does?

I always have avast! Free Antivirus running and up to date, and every now and then I run an anti-malware scan with Malwarebytes ... everything was always unremarkable and without any alerts.

Here are the logs of today's scans:

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.24.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Ismir Uebel :: ISMIRUEBEL-PC [Administrator]

26.08.2013 00:35:55
mbam-log-2013-08-26 (00-35-55).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 267943
Laufzeit: 2 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:47 on 26/08/2013 (Ismir Uebel)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2013 02
Ran by Ismir Uebel (administrator) on 26-08-2013 00:48:07
Running from C:\Users\Ismir Uebel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\system: [LogonHoursAction] 2
MountPoints2: {de962ca5-77b2-11e2-92be-806e6f6e6963} - D:\Autorun.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-04-15] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKU\täglicher Gebrauch\...\Policies\system: [LogonHoursAction] 2
HKU\täglicher Gebrauch\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\UpdatusUser\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\UpdatusUser\...\Policies\system: [LogonHoursAction] 2
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Ismir Uebel\AppData\Roaming\Mozilla\Firefox\Profiles\n5e0hy97.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: WOT - C:\Users\Ismir Uebel\AppData\Roaming\Mozilla\Firefox\Profiles\n5e0hy97.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: DownloadHelper - C:\Users\Ismir Uebel\AppData\Roaming\Mozilla\Firefox\Profiles\n5e0hy97.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: No Name - C:\Users\Ismir Uebel\AppData\Roaming\Mozilla\Firefox\Profiles\n5e0hy97.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Ismir Uebel\AppData\Roaming\Mozilla\Firefox\Profiles\n5e0hy97.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [226624 2011-01-27] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-30] ()
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation                           )
R3 trustms; C:\Windows\System32\drivers\trustms.sys [12416 2010-11-15] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-26 00:47 - 2013-08-26 00:47 - 00000000 _____ C:\Users\Ismir Uebel\defogger_reenable
2013-08-26 00:34 - 2013-08-26 00:34 - 00377856 _____ C:\Users\Ismir Uebel\Desktop\gmer_2.1.19163.exe
2013-08-26 00:33 - 2013-08-26 00:34 - 01576630 _____ (Farbar) C:\Users\Ismir Uebel\Desktop\FRST64.exe
2013-08-26 00:33 - 2013-08-26 00:33 - 00050477 _____ C:\Users\Ismir Uebel\Desktop\Defogger.exe
2013-08-25 14:40 - 2013-08-25 15:28 - 00000000 ____D C:\Users\Ismir Uebel\Documents\Command and Conquer Generals Data
2013-08-24 08:37 - 2013-08-26 00:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-23 14:48 - 2013-08-23 15:48 - 00000000 ____D C:\Users\Ismir Uebel\Documents\Command and Conquer Generals Zero Hour Data
2013-08-23 14:14 - 2013-08-23 14:14 - 00014064 _____ C:\Users\Ismir Uebel\Desktop\Dienstplan September.odt
2013-08-23 13:30 - 2013-08-23 13:30 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\OpenOffice
2013-08-22 10:48 - 2013-08-22 11:42 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Neuer Ordner
2013-08-21 16:53 - 2013-08-21 16:53 - 03272136 _____ (Secunia) C:\Users\Ismir Uebel\Downloads\PSISetup711.exe
2013-08-21 12:09 - 2013-08-21 12:09 - 00009869 _____ C:\Users\ISMIRU~1\AppData\Local\recently-used.xbel
2013-08-18 16:24 - 2013-08-18 16:24 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-18 13:16 - 2013-08-18 13:16 - 00003262 _____ C:\Windows\System32\Tasks\{D0C60491-CDE1-4122-94E4-5116A5D060B4}
2013-08-18 12:59 - 2013-08-18 12:59 - 00001252 _____ C:\Users\Public\Desktop\Command & Conquer.lnk
2013-08-18 12:48 - 2013-08-18 12:48 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-08-18 11:15 - 2013-08-24 08:22 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-08-18 11:14 - 2013-08-18 11:15 - 04817275 _____ (Tim Kosse) C:\Users\Ismir Uebel\Downloads\FileZilla_3.7.2_win32-setup.exe
2013-08-18 11:13 - 2013-08-18 11:13 - 01620836 _____ (FileZilla Project) C:\Users\Ismir Uebel\Downloads\FileZilla_Server-0_9_41.exe
2013-08-15 09:47 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 09:47 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 09:47 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 09:47 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 09:47 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 09:47 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 09:47 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 09:47 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 09:47 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 09:47 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 09:47 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 09:47 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 08:43 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 08:43 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 08:43 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 08:43 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 08:43 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 08:43 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 08:43 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 08:43 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 08:42 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 08:42 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 08:42 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 08:42 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 08:42 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 08:42 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 08:42 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 08:42 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 08:42 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 08:42 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 08:42 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 08:42 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 08:42 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 08:42 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 08:42 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 08:42 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 08:42 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 08:42 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 08:42 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-09 20:06 - 2013-08-09 20:07 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\messer
2013-08-06 17:06 - 2013-08-06 17:22 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Resist Fotos
2013-08-06 17:04 - 2013-08-06 17:06 - 200804141 _____ C:\Users\Ismir Uebel\Downloads\Resist.zip
2013-08-06 14:48 - 2013-08-06 14:56 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Resist To Exist Shirts
2013-08-01 10:55 - 2013-08-01 10:55 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2013-08-01 10:54 - 2013-08-01 10:54 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-08-01 09:38 - 2013-08-01 09:39 - 162401424 _____ C:\Users\Ismir Uebel\Downloads\Apache_OpenOffice_4.0.0_Win_x86_install_de.exe
2013-07-30 16:33 - 2013-07-30 16:33 - 00000000 ____D C:\ProgramData\EA Core
2013-07-30 16:32 - 2013-07-30 16:32 - 00000000 ____D C:\Users\Ismir Uebel\Documents\MeinSpore-Kreationen
2013-07-30 16:31 - 2013-07-30 16:39 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\SPORE
2013-07-30 16:31 - 2013-07-30 16:31 - 00000000 __RHD C:\Users\Ismir Uebel\AppData\Roaming\SecuROM
2013-07-30 16:31 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-07-30 16:31 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-07-30 16:30 - 2013-08-18 12:59 - 00018681 _____ C:\Windows\DirectX.log
2013-07-30 16:15 - 2013-07-30 16:15 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-07-30 16:14 - 2013-07-31 19:04 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\Origin
2013-07-30 16:14 - 2013-07-30 16:15 - 00000000 ____D C:\Users\ISMIRU~1\AppData\Local\Origin
2013-07-30 16:12 - 2013-08-18 12:00 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-30 16:12 - 2013-07-30 16:15 - 00000000 ____D C:\ProgramData\Origin
2013-07-30 16:12 - 2013-07-30 16:12 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-07-30 16:12 - 2013-07-30 16:12 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-07-30 16:11 - 2013-07-30 16:11 - 16949128 _____ (Electronic Arts, Inc.) C:\Users\Ismir Uebel\Downloads\OriginThinSetup.exe
2013-07-29 11:44 - 2013-07-29 11:48 - 50742119 _____ C:\Users\Ismir Uebel\Downloads\Knochenfabrik - Ameisenstaat (1999).rar

==================== One Month Modified Files and Folders =======

2013-08-26 00:47 - 2013-08-26 00:47 - 00000484 _____ C:\Users\Ismir Uebel\Desktop\defogger_disable.log
2013-08-26 00:47 - 2013-08-26 00:47 - 00000000 _____ C:\Users\Ismir Uebel\defogger_reenable
2013-08-26 00:47 - 2013-06-05 23:18 - 00000000 ____D C:\Users\Ismir Uebel
2013-08-26 00:44 - 2013-08-24 08:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-26 00:41 - 2013-02-27 22:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-26 00:37 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-26 00:37 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-26 00:34 - 2013-08-26 00:34 - 00377856 _____ C:\Users\Ismir Uebel\Desktop\gmer_2.1.19163.exe
2013-08-26 00:34 - 2013-08-26 00:33 - 01576630 _____ (Farbar) C:\Users\Ismir Uebel\Desktop\FRST64.exe
2013-08-26 00:33 - 2013-08-26 00:33 - 00050477 _____ C:\Users\Ismir Uebel\Desktop\Defogger.exe
2013-08-26 00:33 - 2013-06-05 23:16 - 01184744 _____ C:\Windows\WindowsUpdate.log
2013-08-26 00:31 - 2013-05-29 12:16 - 00001075 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-26 00:31 - 2013-05-29 12:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-26 00:29 - 2013-06-05 23:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-26 00:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-26 00:29 - 2009-07-14 06:51 - 01063534 _____ C:\Windows\setupact.log
2013-08-26 00:20 - 2013-04-18 06:32 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-26 00:19 - 2013-02-16 02:26 - 00058764 _____ C:\Windows\PFRO.log
2013-08-25 15:28 - 2013-08-25 14:40 - 00000000 ____D C:\Users\Ismir Uebel\Documents\Command and Conquer Generals Data
2013-08-24 08:22 - 2013-08-18 11:15 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-08-23 15:48 - 2013-08-23 14:48 - 00000000 ____D C:\Users\Ismir Uebel\Documents\Command and Conquer Generals Zero Hour Data
2013-08-23 14:14 - 2013-08-23 14:14 - 00014064 _____ C:\Users\Ismir Uebel\Desktop\Dienstplan September.odt
2013-08-23 13:30 - 2013-08-23 13:30 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\OpenOffice
2013-08-22 12:31 - 2013-02-16 18:17 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Filme - intern
2013-08-22 11:42 - 2013-08-22 10:48 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Neuer Ordner
2013-08-22 10:29 - 2013-06-06 09:36 - 00071944 _____ C:\Users\ISMIRU~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-21 16:53 - 2013-08-21 16:53 - 03272136 _____ (Secunia) C:\Users\Ismir Uebel\Downloads\PSISetup711.exe
2013-08-21 13:06 - 2009-07-14 19:58 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-08-21 13:06 - 2009-07-14 19:58 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-08-21 13:06 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-21 12:17 - 2013-07-24 16:00 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\patches
2013-08-21 12:15 - 2013-04-01 12:55 - 00000000 ____D C:\Users\Ismir Uebel\.gimp-2.8
2013-08-21 12:09 - 2013-08-21 12:09 - 00009869 _____ C:\Users\ISMIRU~1\AppData\Local\recently-used.xbel
2013-08-19 22:42 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-18 19:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-18 16:28 - 2009-07-14 06:45 - 00315552 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-18 16:24 - 2013-08-18 16:24 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-18 13:16 - 2013-08-18 13:16 - 00003262 _____ C:\Windows\System32\Tasks\{D0C60491-CDE1-4122-94E4-5116A5D060B4}
2013-08-18 13:15 - 2013-02-15 23:14 - 00000000 ____D C:\Users\ISMIRU~1\AppData\Local\VirtualStore
2013-08-18 12:59 - 2013-08-18 12:59 - 00001252 _____ C:\Users\Public\Desktop\Command & Conquer.lnk
2013-08-18 12:59 - 2013-07-30 16:30 - 00018681 _____ C:\Windows\DirectX.log
2013-08-18 12:48 - 2013-08-18 12:48 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-08-18 12:48 - 2013-07-10 18:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-18 12:00 - 2013-07-30 16:12 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-18 11:15 - 2013-08-18 11:14 - 04817275 _____ (Tim Kosse) C:\Users\Ismir Uebel\Downloads\FileZilla_3.7.2_win32-setup.exe
2013-08-18 11:15 - 2013-02-17 13:10 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\FileZilla
2013-08-18 11:13 - 2013-08-18 11:13 - 01620836 _____ (FileZilla Project) C:\Users\Ismir Uebel\Downloads\FileZilla_Server-0_9_41.exe
2013-08-15 09:43 - 2013-07-22 11:52 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 09:42 - 2013-06-06 09:59 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 12:49 - 2013-02-16 03:54 - 00000000 ____D C:\World of Warcraft
2013-08-12 18:42 - 2013-04-29 06:19 - 00001949 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2013-08-12 18:42 - 2013-04-29 06:19 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2013-08-09 20:07 - 2013-08-09 20:06 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\messer
2013-08-06 17:22 - 2013-08-06 17:06 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Resist Fotos
2013-08-06 17:06 - 2013-08-06 17:04 - 200804141 _____ C:\Users\Ismir Uebel\Downloads\Resist.zip
2013-08-06 14:57 - 2013-02-16 03:58 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Ismir
2013-08-06 14:56 - 2013-08-06 14:48 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Resist To Exist Shirts
2013-08-01 10:55 - 2013-08-01 10:55 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2013-08-01 10:54 - 2013-08-01 10:54 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-08-01 10:54 - 2013-02-16 03:34 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-08-01 10:51 - 2013-03-10 12:12 - 00011776 ___SH C:\Users\Ismir Uebel\Thumbs.db
2013-08-01 09:39 - 2013-08-01 09:38 - 162401424 _____ C:\Users\Ismir Uebel\Downloads\Apache_OpenOffice_4.0.0_Win_x86_install_de.exe
2013-07-31 19:04 - 2013-07-30 16:14 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\Origin
2013-07-30 16:39 - 2013-07-30 16:31 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\SPORE
2013-07-30 16:33 - 2013-07-30 16:33 - 00000000 ____D C:\ProgramData\EA Core
2013-07-30 16:32 - 2013-07-30 16:32 - 00000000 ____D C:\Users\Ismir Uebel\Documents\MeinSpore-Kreationen
2013-07-30 16:31 - 2013-07-30 16:31 - 00000000 __RHD C:\Users\Ismir Uebel\AppData\Roaming\SecuROM
2013-07-30 16:15 - 2013-07-30 16:15 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-07-30 16:15 - 2013-07-30 16:14 - 00000000 ____D C:\Users\ISMIRU~1\AppData\Local\Origin
2013-07-30 16:15 - 2013-07-30 16:12 - 00000000 ____D C:\ProgramData\Origin
2013-07-30 16:12 - 2013-07-30 16:12 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-07-30 16:12 - 2013-07-30 16:12 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-07-30 16:11 - 2013-07-30 16:11 - 16949128 _____ (Electronic Arts, Inc.) C:\Users\Ismir Uebel\Downloads\OriginThinSetup.exe
2013-07-29 11:48 - 2013-07-29 11:44 - 50742119 _____ C:\Users\Ismir Uebel\Downloads\Knochenfabrik - Ameisenstaat (1999).rar

Files to move or delete:
====================
C:\Users\ISMIRU~1\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\nvStInst.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\oKTSypeZ.exe.part
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\InstallHelper.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\EnumDevLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\IpLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\libeay32.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RTLDHCP.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlICS.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlIhvOid.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\EnumDevLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\IpLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\libeay32.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RTLDHCP.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlICS.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlIhvOid.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\WDEE85E.tmp\CddbLangDE.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\WDEBC0D.tmp\CddbLangDE.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\WDE5253.tmp\CddbLangDE.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\nsp2B29.tmp\LangDLL.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\nsp2B29.tmp\nsis_chklist.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\mProjector3175261488\mPlayer.3.1.1k.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\dotNetFx40LP_Full_x86_x64de.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\isp3F16.tmp\_Setup.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 18:33

==================== End Of Log ============================
         
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-08-26 00:57:13
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 WDC_WD5000AAKS-00V1A0 rev.05.01D05 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\ISMIRU~1\AppData\Local\Temp\kfdiauow.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\system32\wininit.exe[472] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                          0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\services.exe[536] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                         0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\winlogon.exe[624] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                         0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\svchost.exe[708] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                          0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\nvvsvc.exe[784] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                           0000000076fceecd 1 byte [62]
.text   C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[808] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112      00000000765ea30a 1 byte [62]
.text   C:\Windows\System32\svchost.exe[944] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                          0000000076fceecd 1 byte [62]
.text   C:\Windows\System32\svchost.exe[984] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                          0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\svchost.exe[1008] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                         0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\svchost.exe[264] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                          0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\svchost.exe[1128] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                         0000000076fceecd 1 byte [62]
.text   C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1200] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\nvvsvc.exe[1208] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                          0000000076fceecd 1 byte [62]
.text   C:\Windows\Explorer.EXE[1548] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                                 0000000076fceecd 1 byte [62]
.text   C:\Windows\System32\spoolsv.exe[1664] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                         0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\taskhost.exe[1672] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                        0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\svchost.exe[1744] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                         0000000076fceecd 1 byte [62]
.text   C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[1840] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112            00000000765ea30a 1 byte [62]
.text   C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe[1888] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112     00000000765ea30a 1 byte [62]
.text   C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe[1888] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000076b91465 2 bytes [B9, 76]
.text   C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe[1888] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000076b914bb 2 bytes [B9, 76]
.text   ...                                                                                                                                 * 2
.text   C:\Windows\system32\svchost.exe[1932] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                         0000000076fceecd 1 byte [62]
.text   C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[1964] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112        00000000765ea30a 1 byte [62]
.text   C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[1964] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69      0000000076b91465 2 bytes [B9, 76]
.text   C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe[1964] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155     0000000076b914bb 2 bytes [B9, 76]
.text   ...                                                                                                                                 * 2
.text   C:\Program Files (x86)\Secunia\PSI\PSIA.exe[1148] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                             00000000765ea30a 1 byte [62]
.text   C:\Program Files (x86)\Secunia\PSI\PSIA.exe[1148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                           0000000076b91465 2 bytes [B9, 76]
.text   C:\Program Files (x86)\Secunia\PSI\PSIA.exe[1148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                          0000000076b914bb 2 bytes [B9, 76]
.text   ...                                                                                                                                 * 2
.text   C:\Windows\system32\svchost.exe[1480] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                                         0000000076fceecd 1 byte [62]
.text   C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe[1856] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112          00000000765ea30a 1 byte [62]
.text   C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe[1856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69        0000000076b91465 2 bytes [B9, 76]
.text   C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe[1856] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155       0000000076b914bb 2 bytes [B9, 76]
.text   ...                                                                                                                                 * 2
.text   C:\Program Files\Windows Sidebar\sidebar.exe[2476] C:\Windows\system32\kernel32.dll!GetBinaryTypeW + 189                            0000000076fceecd 1 byte [62]
.text   C:\Windows\SysWOW64\schtasks.exe[2496] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                                        00000000765ea30a 1 byte [62]
.text   C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[2516] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                         00000000765ea30a 1 byte [62]
.text   C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[2516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                       0000000076b91465 2 bytes [B9, 76]
.text   C:\Program Files (x86)\Secunia\PSI\psi_tray.exe[2516] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                      0000000076b914bb 2 bytes [B9, 76]
.text   ...                                                                                                                                 * 2
.text   C:\Program Files\AVAST Software\Avast\AvastUI.exe[2612] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                       00000000765ea30a 1 byte [62]
.text   C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe[2784] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                  00000000765ea30a 1 byte [62]
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory                              000000007738fac0 5 bytes JMP 0000000100030600
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory                                  000000007738fb58 5 bytes JMP 0000000100030804
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess                                   000000007738fcb0 5 bytes JMP 0000000100030c0c
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                               0000000077390038 5 bytes JMP 0000000100030a08
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread                                   0000000077391920 5 bytes JMP 0000000100030e10
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\ntdll.dll!LdrLoadDll                                           00000000773ac4dd 5 bytes JMP 00000001000301f8
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\ntdll.dll!LdrUnloadDll                                         00000000773b1287 5 bytes JMP 00000001000303fc
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\syswow64\KERNEL32.dll!GetBinaryTypeW + 112                              00000000765ea30a 1 byte [62]
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\sechost.dll!SetServiceObjectSecurity                           00000000766c5181 5 bytes JMP 00000001001a1014
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigA                               00000000766c5254 5 bytes JMP 00000001001a0804
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfigW                               00000000766c53d5 5 bytes JMP 00000001001a0a08
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2A                              00000000766c54c2 5 bytes JMP 00000001001a0c0c
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\sechost.dll!ChangeServiceConfig2W                              00000000766c55e2 5 bytes JMP 00000001001a0e10
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\sechost.dll!CreateServiceA                                     00000000766c567c 5 bytes JMP 00000001001a01f8
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\sechost.dll!CreateServiceW                                     00000000766c589f 5 bytes JMP 00000001001a03fc
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\SysWOW64\sechost.dll!DeleteService                                      00000000766c5a22 5 bytes JMP 00000001001a0600
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                            0000000076b91465 2 bytes [B9, 76]
.text   C:\Program Files (x86)\Secunia\PSI\sua.exe[3372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                           0000000076b914bb 2 bytes [B9, 76]
.text   ...                                                                                                                                 * 2
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll                             00000000771b3b10 5 bytes JMP 00000001001e075c
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\ntdll.dll!LdrLoadDll                               00000000771b7ac0 5 bytes JMP 00000001001e03a4
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory                  00000000771e1430 5 bytes JMP 00000001001e0b14
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory                      00000000771e1490 5 bytes JMP 00000001001e0ecc
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess                       00000000771e1570 5 bytes JMP 00000001001e163c
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory                   00000000771e17b0 5 bytes JMP 00000001001e1284
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                       00000000771e27e0 5 bytes JMP 00000001001e19f4
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189                  0000000076fceecd 1 byte [62]
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\sechost.dll!SetServiceObjectSecurity               000007fefe866e00 5 bytes JMP 000007ff7e881dac
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigA                   000007fefe866f2c 5 bytes JMP 000007ff7e880ecc
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigW                   000007fefe867220 5 bytes JMP 000007ff7e881284
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2A                  000007fefe86739c 5 bytes JMP 000007ff7e88163c
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2W                  000007fefe867538 5 bytes JMP 000007ff7e8819f4
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\sechost.dll!CreateServiceA                         000007fefe8675e8 5 bytes JMP 000007ff7e8803a4
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\sechost.dll!CreateServiceW                         000007fefe86790c 5 bytes JMP 000007ff7e88075c
.text   C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3696] C:\Windows\SYSTEM32\sechost.dll!DeleteService                          000007fefe867ab4 5 bytes JMP 000007ff7e880b14
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll                                              00000000771b3b10 5 bytes JMP 000000010044075c
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\ntdll.dll!LdrLoadDll                                                00000000771b7ac0 5 bytes JMP 00000001004403a4
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory                                   00000000771e1430 5 bytes JMP 0000000100440b14
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory                                       00000000771e1490 5 bytes JMP 0000000100440ecc
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess                                        00000000771e1570 5 bytes JMP 000000010044163c
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory                                    00000000771e17b0 5 bytes JMP 0000000100441284
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                        00000000771e27e0 5 bytes JMP 00000001004419f4
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189                                   0000000076fceecd 1 byte [62]
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\sechost.dll!SetServiceObjectSecurity                                000007fefe866e00 5 bytes JMP 000007ff7e881dac
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigA                                    000007fefe866f2c 5 bytes JMP 000007ff7e880ecc
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigW                                    000007fefe867220 5 bytes JMP 000007ff7e881284
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2A                                   000007fefe86739c 5 bytes JMP 000007ff7e88163c
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2W                                   000007fefe867538 5 bytes JMP 000007ff7e8819f4
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\sechost.dll!CreateServiceA                                          000007fefe8675e8 5 bytes JMP 000007ff7e8803a4
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\sechost.dll!CreateServiceW                                          000007fefe86790c 5 bytes JMP 000007ff7e88075c
.text   C:\Windows\system32\SearchIndexer.exe[3972] C:\Windows\SYSTEM32\sechost.dll!DeleteService                                           000007fefe867ab4 5 bytes JMP 000007ff7e880b14
.text   C:\Program Files\Windows Media Player\wmpnetwk.exe[3280] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189                      0000000076fceecd 1 byte [62]
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll                                                    00000000771b3b10 5 bytes JMP 000000010039075c
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00000000771b7ac0 5 bytes JMP 00000001003903a4
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory                                         00000000771e1430 5 bytes JMP 0000000100390b14
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory                                             00000000771e1490 5 bytes JMP 0000000100390ecc
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess                                              00000000771e1570 5 bytes JMP 000000010039163c
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory                                          00000000771e17b0 5 bytes JMP 0000000100391284
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                              00000000771e27e0 5 bytes JMP 00000001003919f4
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\sechost.dll!SetServiceObjectSecurity                                      000007fefe866e00 5 bytes JMP 000007ff7e881dac
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigA                                          000007fefe866f2c 5 bytes JMP 000007ff7e880ecc
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigW                                          000007fefe867220 5 bytes JMP 000007ff7e881284
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2A                                         000007fefe86739c 5 bytes JMP 000007ff7e88163c
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2W                                         000007fefe867538 5 bytes JMP 000007ff7e8819f4
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\sechost.dll!CreateServiceA                                                000007fefe8675e8 5 bytes JMP 000007ff7e8803a4
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\sechost.dll!CreateServiceW                                                000007fefe86790c 5 bytes JMP 000007ff7e88075c
.text   C:\Windows\System32\svchost.exe[2812] C:\Windows\SYSTEM32\sechost.dll!DeleteService                                                 000007fefe867ab4 5 bytes JMP 000007ff7e880b14
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\ntdll.dll!LdrUnloadDll                                                    00000000771b3b10 5 bytes JMP 000000010036075c
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00000000771b7ac0 5 bytes JMP 00000001003603a4
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory                                         00000000771e1430 5 bytes JMP 0000000100360b14
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory                                             00000000771e1490 5 bytes JMP 0000000100360ecc
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\ntdll.dll!NtTerminateProcess                                              00000000771e1570 5 bytes JMP 000000010036163c
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory                                          00000000771e17b0 5 bytes JMP 0000000100361284
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                              00000000771e27e0 5 bytes JMP 00000001003619f4
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\system32\KERNEL32.dll!GetBinaryTypeW + 189                                         0000000076fceecd 1 byte [62]
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\sechost.dll!SetServiceObjectSecurity                                      000007fefe866e00 5 bytes JMP 000007ff7e881dac
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigA                                          000007fefe866f2c 5 bytes JMP 000007ff7e880ecc
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigW                                          000007fefe867220 5 bytes JMP 000007ff7e881284
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2A                                         000007fefe86739c 5 bytes JMP 000007ff7e88163c
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2W                                         000007fefe867538 5 bytes JMP 000007ff7e8819f4
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\sechost.dll!CreateServiceA                                                000007fefe8675e8 5 bytes JMP 000007ff7e8803a4
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\sechost.dll!CreateServiceW                                                000007fefe86790c 5 bytes JMP 000007ff7e88075c
.text   C:\Windows\System32\svchost.exe[2548] C:\Windows\SYSTEM32\sechost.dll!DeleteService                                                 000007fefe867ab4 5 bytes JMP 000007ff7e880b14
.text   C:\Windows\system32\svchost.exe[4244] C:\Windows\SYSTEM32\sechost.dll!SetServiceObjectSecurity                                      000007fefe866e00 5 bytes JMP 000007ff7e881dac
.text   C:\Windows\system32\svchost.exe[4244] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigA                                          000007fefe866f2c 5 bytes JMP 000007ff7e880ecc
.text   C:\Windows\system32\svchost.exe[4244] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfigW                                          000007fefe867220 5 bytes JMP 000007ff7e881284
.text   C:\Windows\system32\svchost.exe[4244] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2A                                         000007fefe86739c 5 bytes JMP 000007ff7e88163c
.text   C:\Windows\system32\svchost.exe[4244] C:\Windows\SYSTEM32\sechost.dll!ChangeServiceConfig2W                                         000007fefe867538 5 bytes JMP 000007ff7e8819f4
.text   C:\Windows\system32\svchost.exe[4244] C:\Windows\SYSTEM32\sechost.dll!CreateServiceA                                                000007fefe8675e8 5 bytes JMP 000007ff7e8803a4
.text   C:\Windows\system32\svchost.exe[4244] C:\Windows\SYSTEM32\sechost.dll!CreateServiceW                                                000007fefe86790c 5 bytes JMP 000007ff7e88075c
.text   C:\Windows\system32\svchost.exe[4244] C:\Windows\SYSTEM32\sechost.dll!DeleteService                                                 000007fefe867ab4 5 bytes JMP 000007ff7e880b14
.text   C:\Windows\system32\AUDIODG.EXE[4312] C:\Windows\System32\kernel32.dll!GetBinaryTypeW + 189                                         0000000076fceecd 1 byte [62]
.text   C:\Users\Ismir Uebel\Desktop\gmer_2.1.19163.exe[2684] C:\Windows\syswow64\kernel32.dll!GetBinaryTypeW + 112                         00000000765ea30a 1 byte [62]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\System32\svchost.exe [2548:4660]                                                                                         000007feee3f9688

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Description                                                                         avast! mini-filter driver (aswFsBlk)
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@DisplayName                                                                         aswFsBlk
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Type                                                                                2
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Start                                                                               2
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@ErrorControl                                                                        1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Group                                                                               FSFilter Activity Monitor
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@DependOnService                                                                     FltMgr?
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk@Tag                                                                                 4
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances                                                                           
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances@DefaultInstance                                                           aswFsBlk Instance
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance                                                         
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance@Altitude                                                388400
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk\Instances\aswFsBlk Instance@Flags                                                   0
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswFsBlk                                                                                     
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Description                                                                        avast! mini-filter driver (aswMonFlt)
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@DisplayName                                                                        aswMonFlt
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Type                                                                               2
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Start                                                                              2
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@ErrorControl                                                                       1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@ImagePath                                                                          \??\C:\Windows\system32\drivers\aswMonFlt.sys
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@Group                                                                              FSFilter Anti-Virus
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt@DependOnService                                                                    FltMgr?
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances                                                                          
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances@DefaultInstance                                                          aswMonFlt Instance
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance                                                       
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance@Altitude                                              320700
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt\Instances\aswMonFlt Instance@Flags                                                 0
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswMonFlt                                                                                    
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Description                                                                           avast! WFP Redirect driver
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr@DisplayName                                                                           aswRdr
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Type                                                                                  1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Start                                                                                 1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr@ErrorControl                                                                          1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr@ImagePath                                                                             \SystemRoot\System32\Drivers\aswrdr2.sys
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr@Group                                                                                 PNP_TDI
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr@DependOnService                                                                       tcpip?
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr\Parameters                                                                            
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr\Parameters@MSIgnoreLSPDefault                                                         
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr\Parameters@WSIgnoreLSPDefault                                                         nl_lsp.dll,imon.dll,xfire_lsp.dll,mslsp.dll,mssplsp.dll,cwhook.dll,spi.dll,bmnet.dll,winsflt.dll
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRdr                                                                                       
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@Description                                                                          avast! Revert
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@DisplayName                                                                          aswRvrt
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@Type                                                                                 1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@Start                                                                                0
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt@ErrorControl                                                                         1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters                                                                           
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@BootCounter                                                               177
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@SystemRoot                                                                \Device\Harddisk0\Partition1\Windows
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@TickCounter                                                               1386102
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt\Parameters@ImproperShutdown                                                          1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswRvrt                                                                                      
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Description                                                                           avast! virtualization driver (aswSnx)
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx@DisplayName                                                                           aswSnx
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Type                                                                                  2
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Start                                                                                 1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx@ErrorControl                                                                          1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Group                                                                                 FSFilter Virtualization
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx@DependOnService                                                                       FltMgr?
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx@Tag                                                                                   3
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances                                                                             
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances@DefaultInstance                                                             aswSnx Instance
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances\aswSnx Instance                                                             
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances\aswSnx Instance@Altitude                                                    137600
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Instances\aswSnx Instance@Flags                                                       0
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Parameters                                                                            
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Parameters@DataFolder                                                                 \DosDevices\C:\ProgramData\AVAST Software\Avast
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx\Parameters@ProgramFolder                                                              \DosDevices\C:\Program Files\AVAST Software\Avast
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSnx                                                                                       
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP@Description                                                                            avast! Self Protection
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP@DisplayName                                                                            aswSP
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP@Type                                                                                   1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP@Start                                                                                  1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP@ErrorControl                                                                           1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters                                                                             
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@BehavShield                                                                 1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@DataFolder                                                                  \DosDevices\C:\ProgramData\AVAST Software\Avast
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@GadgetFolder                                                                \DosDevices\C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@ProgramFilesFolder                                                          \DosDevices\C:\Program Files
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP\Parameters@ProgramFolder                                                               \DosDevices\C:\Program Files\AVAST Software\Avast
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswSP                                                                                        
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Description                                                                           avast! Network Shield TDI driver
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswTdi@DisplayName                                                                           avast! Network Shield Support
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Type                                                                                  1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Start                                                                                 1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswTdi@ErrorControl                                                                          1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Group                                                                                 PNP_TDI
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswTdi@DependOnService                                                                       tcpip?
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswTdi@Tag                                                                                   10
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswTdi                                                                                       
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswVmm@Description                                                                           avast! VM Monitor
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswVmm@DisplayName                                                                           aswVmm
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswVmm@Type                                                                                  1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswVmm@Start                                                                                 0
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswVmm@ErrorControl                                                                          1
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswVmm\Parameters                                                                            
Reg     HKLM\SYSTEM\CurrentControlSet\services\aswVmm                                                                                       
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Description                                                                 Verwaltet und implementiert avast! Antivirus-Dienste f?r diesen Computer. Dies beinhaltet den Echtzeit-Schutz, den Virus-Container und den Planer.
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@DisplayName                                                                 avast! Antivirus
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ServiceSidType                                                              1
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@WOW64                                                                       1
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Type                                                                        32
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Start                                                                       2
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ErrorControl                                                                1
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ImagePath                                                                   "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@Group                                                                       ShellSvcGroup
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@DependOnService                                                             aswMonFlt?RpcSS?
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus@ObjectName                                                                  LocalSystem
Reg     HKLM\SYSTEM\CurrentControlSet\services\avast! Antivirus                                                                             
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Description                                                                             avast! mini-filter driver (aswFsBlk)
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk@DisplayName                                                                             aswFsBlk
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Type                                                                                    2
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Start                                                                                   2
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk@ErrorControl                                                                            1
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Group                                                                                   FSFilter Activity Monitor
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk@DependOnService                                                                         FltMgr?
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk@Tag                                                                                     4
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances (not active ControlSet)                                                       
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances@DefaultInstance                                                               aswFsBlk Instance
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances\aswFsBlk Instance (not active ControlSet)                                     
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances\aswFsBlk Instance@Altitude                                                    388400
Reg     HKLM\SYSTEM\ControlSet002\services\aswFsBlk\Instances\aswFsBlk Instance@Flags                                                       0
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Description                                                                            avast! mini-filter driver (aswMonFlt)
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt@DisplayName                                                                            aswMonFlt
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Type                                                                                   2
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Start                                                                                  2
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt@ErrorControl                                                                           1
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt@ImagePath                                                                              \??\C:\Windows\system32\drivers\aswMonFlt.sys
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt@Group                                                                                  FSFilter Anti-Virus
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt@DependOnService                                                                        FltMgr?
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances (not active ControlSet)                                                      
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances@DefaultInstance                                                              aswMonFlt Instance
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances\aswMonFlt Instance (not active ControlSet)                                   
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances\aswMonFlt Instance@Altitude                                                  320700
Reg     HKLM\SYSTEM\ControlSet002\services\aswMonFlt\Instances\aswMonFlt Instance@Flags                                                     0
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr@Description                                                                               avast! WFP Redirect driver
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr@DisplayName                                                                               aswRdr
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr@Type                                                                                      1
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr@Start                                                                                     1
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr@ErrorControl                                                                              1
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr@ImagePath                                                                                 \SystemRoot\System32\Drivers\aswrdr2.sys
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr@Group                                                                                     PNP_TDI
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr@DependOnService                                                                           tcpip?
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr\Parameters (not active ControlSet)                                                        
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr\Parameters@MSIgnoreLSPDefault                                                             
Reg     HKLM\SYSTEM\ControlSet002\services\aswRdr\Parameters@WSIgnoreLSPDefault                                                             nl_lsp.dll,imon.dll,xfire_lsp.dll,mslsp.dll,mssplsp.dll,cwhook.dll,spi.dll,bmnet.dll,winsflt.dll
Reg     HKLM\SYSTEM\ControlSet002\services\aswRvrt@Description                                                                              avast! Revert
Reg     HKLM\SYSTEM\ControlSet002\services\aswRvrt@DisplayName                                                                              aswRvrt
Reg     HKLM\SYSTEM\ControlSet002\services\aswRvrt@Type                                                                                     1
Reg     HKLM\SYSTEM\ControlSet002\services\aswRvrt@Start                                                                                    0
Reg     HKLM\SYSTEM\ControlSet002\services\aswRvrt@ErrorControl                                                                             1
Reg     HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters (not active ControlSet)                                                       
Reg     HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@BootCounter                                                                   177
Reg     HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@SystemRoot                                                                    \Device\Harddisk0\Partition1\Windows
Reg     HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@TickCounter                                                                   1386102
Reg     HKLM\SYSTEM\ControlSet002\services\aswRvrt\Parameters@ImproperShutdown                                                              1
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx@Description                                                                               avast! virtualization driver (aswSnx)
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx@DisplayName                                                                               aswSnx
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx@Type                                                                                      2
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx@Start                                                                                     1
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx@ErrorControl                                                                              1
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx@Group                                                                                     FSFilter Virtualization
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx@DependOnService                                                                           FltMgr?
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx@Tag                                                                                       3
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances (not active ControlSet)                                                         
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances@DefaultInstance                                                                 aswSnx Instance
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances\aswSnx Instance (not active ControlSet)                                         
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances\aswSnx Instance@Altitude                                                        137600
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx\Instances\aswSnx Instance@Flags                                                           0
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx\Parameters (not active ControlSet)                                                        
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx\Parameters@DataFolder                                                                     \DosDevices\C:\ProgramData\AVAST Software\Avast
Reg     HKLM\SYSTEM\ControlSet002\services\aswSnx\Parameters@ProgramFolder                                                                  \DosDevices\C:\Program Files\AVAST Software\Avast
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP@Description                                                                                avast! Self Protection
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP@DisplayName                                                                                aswSP
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP@Type                                                                                       1
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP@Start                                                                                      1
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP@ErrorControl                                                                               1
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters (not active ControlSet)                                                         
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@BehavShield                                                                     1
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@DataFolder                                                                      \DosDevices\C:\ProgramData\AVAST Software\Avast
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@GadgetFolder                                                                    \DosDevices\C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@ProgramFilesFolder                                                              \DosDevices\C:\Program Files
Reg     HKLM\SYSTEM\ControlSet002\services\aswSP\Parameters@ProgramFolder                                                                   \DosDevices\C:\Program Files\AVAST Software\Avast
Reg     HKLM\SYSTEM\ControlSet002\services\aswTdi@Description                                                                               avast! Network Shield TDI driver
Reg     HKLM\SYSTEM\ControlSet002\services\aswTdi@DisplayName                                                                               avast! Network Shield Support
Reg     HKLM\SYSTEM\ControlSet002\services\aswTdi@Type                                                                                      1
Reg     HKLM\SYSTEM\ControlSet002\services\aswTdi@Start                                                                                     1
Reg     HKLM\SYSTEM\ControlSet002\services\aswTdi@ErrorControl                                                                              1
Reg     HKLM\SYSTEM\ControlSet002\services\aswTdi@Group                                                                                     PNP_TDI
Reg     HKLM\SYSTEM\ControlSet002\services\aswTdi@DependOnService                                                                           tcpip?
Reg     HKLM\SYSTEM\ControlSet002\services\aswTdi@Tag                                                                                       10
Reg     HKLM\SYSTEM\ControlSet002\services\aswVmm@Description                                                                               avast! VM Monitor
Reg     HKLM\SYSTEM\ControlSet002\services\aswVmm@DisplayName                                                                               aswVmm
Reg     HKLM\SYSTEM\ControlSet002\services\aswVmm@Type                                                                                      1
Reg     HKLM\SYSTEM\ControlSet002\services\aswVmm@Start                                                                                     0
Reg     HKLM\SYSTEM\ControlSet002\services\aswVmm@ErrorControl                                                                              1
Reg     HKLM\SYSTEM\ControlSet002\services\aswVmm\Parameters (not active ControlSet)                                                        
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Description                                                                     Verwaltet und implementiert avast! Antivirus-Dienste f?r diesen Computer. Dies beinhaltet den Echtzeit-Schutz, den Virus-Container und den Planer.
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@DisplayName                                                                     avast! Antivirus
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ServiceSidType                                                                  1
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@WOW64                                                                           1
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Type                                                                            32
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Start                                                                           2
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ErrorControl                                                                    1
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ImagePath                                                                       "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@Group                                                                           ShellSvcGroup
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@DependOnService                                                                 aswMonFlt?RpcSS?
Reg     HKLM\SYSTEM\ControlSet002\services\avast! Antivirus@ObjectName                                                                      LocalSystem
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk@Description                                                                             avast! mini-filter driver (aswFsBlk)
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk@DisplayName                                                                             aswFsBlk
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk@Type                                                                                    2
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk@Start                                                                                   2
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk@ErrorControl                                                                            1
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk@Group                                                                                   FSFilter Activity Monitor
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk@DependOnService                                                                         FltMgr?
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk\Instances (not active ControlSet)                                                       
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk\Instances@DefaultInstance                                                               aswFsBlk Instance
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk\Instances\aswFsBlk Instance (not active ControlSet)                                     
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk\Instances\aswFsBlk Instance@Altitude                                                    388400
Reg     HKLM\SYSTEM\ControlSet003\services\aswFsBlk\Instances\aswFsBlk Instance@Flags                                                       0
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt@Description                                                                            avast! mini-filter driver (aswMonFlt)
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt@DisplayName                                                                            aswMonFlt
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt@Type                                                                                   2
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt@Start                                                                                  2
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt@ErrorControl                                                                           1
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt@ImagePath                                                                              \??\C:\Windows\system32\drivers\aswMonFlt.sys
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt@Group                                                                                  FSFilter Anti-Virus
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt@DependOnService                                                                        FltMgr?
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt\Instances (not active ControlSet)                                                      
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt\Instances@DefaultInstance                                                              aswMonFlt Instance
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt\Instances\aswMonFlt Instance (not active ControlSet)                                   
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt\Instances\aswMonFlt Instance@Altitude                                                  320700
Reg     HKLM\SYSTEM\ControlSet003\services\aswMonFlt\Instances\aswMonFlt Instance@Flags                                                     0
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr@Description                                                                               avast! WFP Redirect driver
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr@DisplayName                                                                               aswRdr
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr@Type                                                                                      1
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr@Start                                                                                     1
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr@ErrorControl                                                                              1
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr@ImagePath                                                                                 \SystemRoot\System32\Drivers\aswrdr2.sys
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr@Group                                                                                     PNP_TDI
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr@DependOnService                                                                           tcpip?
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr\Parameters (not active ControlSet)                                                        
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr\Parameters@MSIgnoreLSPDefault                                                             
Reg     HKLM\SYSTEM\ControlSet003\services\aswRdr\Parameters@WSIgnoreLSPDefault                                                             nl_lsp.dll,imon.dll,xfire_lsp.dll,mslsp.dll,mssplsp.dll,cwhook.dll,spi.dll,bmnet.dll,winsflt.dll
Reg     HKLM\SYSTEM\ControlSet003\services\aswRvrt@Description                                                                              avast! Revert
Reg     HKLM\SYSTEM\ControlSet003\services\aswRvrt@DisplayName                                                                              aswRvrt
Reg     HKLM\SYSTEM\ControlSet003\services\aswRvrt@Type                                                                                     1
Reg     HKLM\SYSTEM\ControlSet003\services\aswRvrt@Start                                                                                    0
Reg     HKLM\SYSTEM\ControlSet003\services\aswRvrt@ErrorControl                                                                             1
Reg     HKLM\SYSTEM\ControlSet003\services\aswRvrt\Parameters (not active ControlSet)                                                       
Reg     HKLM\SYSTEM\ControlSet003\services\aswRvrt\Parameters@BootCounter                                                                   33
Reg     HKLM\SYSTEM\ControlSet003\services\aswRvrt\Parameters@ImproperShutdown                                                              1
Reg     HKLM\SYSTEM\ControlSet003\services\aswRvrt\Parameters@SystemRoot                                                                    \Device\Harddisk0\Partition1\Windows
Reg     HKLM\SYSTEM\ControlSet003\services\aswRvrt\Parameters@TickCounter                                                                   260886
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx@Description                                                                               avast! virtualization driver (aswSnx)
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx@DisplayName                                                                               aswSnx
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx@Type                                                                                      2
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx@Start                                                                                     1
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx@ErrorControl                                                                              1
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx@Group                                                                                     FSFilter Virtualization
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx@DependOnService                                                                           FltMgr?
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx\Instances (not active ControlSet)                                                         
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx\Instances@DefaultInstance                                                                 aswSnx Instance
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx\Instances\aswSnx Instance (not active ControlSet)                                         
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx\Instances\aswSnx Instance@Altitude                                                        137600
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx\Instances\aswSnx Instance@Flags                                                           0
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx\Parameters (not active ControlSet)                                                        
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx\Parameters@DataFolder                                                                     \DosDevices\C:\ProgramData\AVAST Software\Avast
Reg     HKLM\SYSTEM\ControlSet003\services\aswSnx\Parameters@ProgramFolder                                                                  \DosDevices\C:\Program Files\AVAST Software\Avast
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP@Description                                                                                avast! Self Protection
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP@DisplayName                                                                                aswSP
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP@Type                                                                                       1
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP@Start                                                                                      1
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP@ErrorControl                                                                               1
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP\Parameters (not active ControlSet)                                                         
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP\Parameters@BehavShield                                                                     1
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP\Parameters@DataFolder                                                                      \DosDevices\C:\ProgramData\AVAST Software\Avast
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP\Parameters@GadgetFolder                                                                    \DosDevices\C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP\Parameters@ProgramFilesFolder                                                              \DosDevices\C:\Program Files
Reg     HKLM\SYSTEM\ControlSet003\services\aswSP\Parameters@ProgramFolder                                                                   \DosDevices\C:\Program Files\AVAST Software\Avast
Reg     HKLM\SYSTEM\ControlSet003\services\aswTdi@Description                                                                               avast! Network Shield TDI driver
Reg     HKLM\SYSTEM\ControlSet003\services\aswTdi@DisplayName                                                                               avast! Network Shield Support
Reg     HKLM\SYSTEM\ControlSet003\services\aswTdi@Type                                                                                      1
Reg     HKLM\SYSTEM\ControlSet003\services\aswTdi@Start                                                                                     1
Reg     HKLM\SYSTEM\ControlSet003\services\aswTdi@ErrorControl                                                                              1
Reg     HKLM\SYSTEM\ControlSet003\services\aswTdi@Group                                                                                     PNP_TDI
Reg     HKLM\SYSTEM\ControlSet003\services\aswTdi@DependOnService                                                                           tcpip?
Reg     HKLM\SYSTEM\ControlSet003\services\aswVmm@Description                                                                               avast! VM Monitor
Reg     HKLM\SYSTEM\ControlSet003\services\aswVmm@DisplayName                                                                               aswVmm
Reg     HKLM\SYSTEM\ControlSet003\services\aswVmm@Type                                                                                      1
Reg     HKLM\SYSTEM\ControlSet003\services\aswVmm@Start                                                                                     0
Reg     HKLM\SYSTEM\ControlSet003\services\aswVmm@ErrorControl                                                                              1
Reg     HKLM\SYSTEM\ControlSet003\services\aswVmm\Parameters (not active ControlSet)                                                        
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@Description                                                                     Verwaltet und implementiert avast! Antivirus-Dienste f?r diesen Computer. Dies beinhaltet den Echtzeit-Schutz, den Virus-Container und den Planer.
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@DisplayName                                                                     avast! Antivirus
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@ServiceSidType                                                                  1
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@WOW64                                                                           1
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@Type                                                                            32
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@Start                                                                           2
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@ErrorControl                                                                    1
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@ImagePath                                                                       "C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@Group                                                                           ShellSvcGroup
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@DependOnService                                                                 aswMonFlt?RpcSS?
Reg     HKLM\SYSTEM\ControlSet003\services\avast! Antivirus@ObjectName                                                                      LocalSystem

---- EOF - GMER 2.1 ----
         
I would be glad if you could help me again and maybe throw in one or two tips for avoiding this stress.

Thanks in advance ... I'm really glad you exist!

Greetings from Berlin

Alt 26.08.2013, 07:35   #2
schrauber
/// the machine
/// TB-Ausbilder
 




hi,

Additional.txt from FRST is still missing

Alt 26.08.2013, 09:04   #3
Thomas030
 



Oh, sorry, I must have forgotten that.

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2013
Ran by Ismir Uebel at 2013-05-28 22:36:36 Run:
Running from C:\Users\Ismir Uebel\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Flash Player 11 Plugin (Version: 11.7.700.202)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
avast! Free Antivirus (Version: 8.0.1489.0)
CDBurnerXP (Version: 4.5.1.4003)
DivX-Setup (Version: 2.6.1.32)
FileHippo.com Update Checker
FileZilla Client 3.7.0.1 (Version: 3.7.0.1)
FLV Player 2.0 (build 25) (Version: 2.0 (build 25))
FormatFactory 3.0.1 (Version: 3.0.1)
GIMP 2.8.4 (Version: 2.8.4)
jAlbum (Version: 11.0.5)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MotoHelper 2.0.45 Driver 5.0.0 (Version: 2.0.45)
MotoHelper MergeModules (Version: 1.2.0)
Motorola Mobile Drivers Installation 5.0.0 (Version: 5.0.0)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
NVIDIA 3D Vision Controller-Treiber 314.07 (Version: 314.07)
NVIDIA 3D Vision Treiber 314.07 (Version: 314.07)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Grafiktreiber 314.07 (Version: 314.07)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1407)
NVIDIA Systemsteuerung 314.07 (Version: 314.07)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Panda USB Vaccine 1.0.1.4
Phase 5 HTML-Editor (Version: 5.6.2.3)
Secunia PSI (3.0.0.4001) (Version: 3.0.0.4001)
TeamSpeak 3 Client (Version: 3.0.10.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
WinRAR 4.20 (32-Bit) (Version: 4.20.0)
World of Warcraft (Version: 5.2.0.16826)

==================== Restore Points  =========================

10-05-2013 16:15:29 Installed MSXML 4.0 SP3 Parser
12-05-2013 11:53:05 Windows Update
13-05-2013 18:39:28 Windows Update
15-05-2013 05:06:01 Windows Update
15-05-2013 21:47:48 Windows Update
21-05-2013 10:13:27 Windows Update
28-05-2013 20:00:52 Windows Update

==================== Faulty Device Manager Devices =============

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2013 06:44:36 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 20.0.1.4847, Zeitstempel: 0x51650aee
Name des fehlerhaften Moduls: xul.dll, Version: 20.0.1.4847, Zeitstempel: 0x51650a09
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b10e8
ID des fehlerhaften Prozesses: 0x1334
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (05/10/2013 06:18:17 PM) (Source: Application Error) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm Secunia PSI Agent wurde wegen dieses Fehlers geschlossen.

Programm: Secunia PSI Agent
Datei: 

Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
	- diese sich im Netzwerk befindet, 
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
	- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. 
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.

Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0

Error: (05/10/2013 06:18:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.4001, Zeitstempel: 0x50602ab1
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000096
Fehleroffset: 0x00048665
ID des fehlerhaften Prozesses: 0x4b4
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (05/07/2013 07:29:37 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 658

Startzeit: 01ce4b44ab87d420

Endzeit: 5332

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 9fcf88e1-b73b-11e2-b455-002511c81c08

Error: (05/01/2013 11:24:50 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/01/2013 11:24:50 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/01/2013 11:24:50 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/01/2013 11:24:49 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/01/2013 11:24:49 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/01/2013 11:24:48 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (05/28/2013 09:58:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/28/2013 09:58:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/28/2013 09:38:55 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?28.?05.?2013 um 21:33:52 unerwartet heruntergefahren.

Error: (05/28/2013 09:32:52 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?28.?05.?2013 um 21:29:34 unerwartet heruntergefahren.

Error: (05/28/2013 08:49:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/28/2013 08:49:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/28/2013 08:47:40 PM) (Source: BugCheck) (User: )
Description: 0x00000101 (0x0000000000000061, 0x0000000000000000, 0xfffff880009ea180, 0x0000000000000001)C:\Windows\MEMORY.DMP052813-19344-01

Error: (05/28/2013 08:47:34 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ?28.?05.?2013 um 20:41:10 unerwartet heruntergefahren.

Error: (05/28/2013 02:55:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/28/2013 02:55:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (05/14/2013 06:44:36 AM) (Source: Application Error)(User: )
Description: firefox.exe20.0.1.484751650aeexul.dll20.0.1.484751650a09c0000005000b10e8133401ce505c09775580C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dllfa29b8a0-bc50-11e2-a364-002511c81c08

Error: (05/10/2013 06:18:17 PM) (Source: Application Error)(User: )
Description: Secunia PSI Agent000000000

Error: (05/10/2013 06:18:17 PM) (Source: Application Error)(User: )
Description: PSIA.exe3.0.0.400150602ab1ole32.dll6.1.7601.175144ce7b96fc0000096000486654b401ce4d994aa6af80C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Windows\syswow64\ole32.dll38c18c80-b98d-11e2-9a3b-002511c81c08

Error: (05/07/2013 07:29:37 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.1756765801ce4b44ab87d4205332C:\Windows\Explorer.EXE9fcf88e1-b73b-11e2-b455-002511c81c08

Error: (05/01/2013 11:24:50 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll

Error: (05/01/2013 11:24:50 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll

Error: (05/01/2013 11:24:50 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Plus Media Foundation Components\ACMWrapperDMO.dll

Error: (05/01/2013 11:24:49 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll

Error: (05/01/2013 11:24:49 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll

Error: (05/01/2013 11:24:48 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Plus Media Foundation Components\ACMWrapperDMO.dll
         
Ohhh, I just noticed this one is from May 2013 ... that's odd, it's the only one that turned up when I searched my computer. So it apparently didn't create one during the last scan.
Should I scan again?

Alt 26.08.2013, 09:05   #4
schrauber
/// the machine
/// TB-Ausbilder
 




Yes, open FRST, tick the Additional box and scan, then you'll get a new one.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 26.08.2013, 09:18   #5
Thomas030
 



OK, here are both again, freshly generated:


FRST log file:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2013 02
Ran by Ismir Uebel (administrator) on 26-08-2013 10:14:24
Running from C:\Users\Ismir Uebel\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
() C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\system32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\system: [LogonHoursAction] 2
MountPoints2: {de962ca5-77b2-11e2-92be-806e6f6e6963} - D:\Autorun.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-04-15] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKU\täglicher Gebrauch\...\Policies\system: [LogonHoursAction] 2
HKU\täglicher Gebrauch\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\UpdatusUser\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\UpdatusUser\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\UpdatusUser\...\Policies\system: [LogonHoursAction] 2
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Ismir Uebel\AppData\Roaming\Mozilla\Firefox\Profiles\n5e0hy97.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: WOT - C:\Users\Ismir Uebel\AppData\Roaming\Mozilla\Firefox\Profiles\n5e0hy97.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: DownloadHelper - C:\Users\Ismir Uebel\AppData\Roaming\Mozilla\Firefox\Profiles\n5e0hy97.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: No Name - C:\Users\Ismir Uebel\AppData\Roaming\Mozilla\Firefox\Profiles\n5e0hy97.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Ismir Uebel\AppData\Roaming\Mozilla\Firefox\Profiles\n5e0hy97.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [226624 2011-01-27] ()
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-30] ()
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation                           )
R3 trustms; C:\Windows\System32\drivers\trustms.sys [12416 2010-11-15] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-26 00:47 - 2013-08-26 00:47 - 00000484 _____ C:\Users\Ismir Uebel\Desktop\defogger_disable.log
2013-08-26 00:47 - 2013-08-26 00:47 - 00000000 _____ C:\Users\Ismir Uebel\defogger_reenable
2013-08-26 00:44 - 2013-08-26 09:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-26 00:34 - 2013-08-26 00:34 - 00377856 _____ C:\Users\Ismir Uebel\Desktop\gmer_2.1.19163.exe
2013-08-26 00:33 - 2013-08-26 00:34 - 01576630 _____ (Farbar) C:\Users\Ismir Uebel\Desktop\FRST64.exe
2013-08-26 00:33 - 2013-08-26 00:33 - 00050477 _____ C:\Users\Ismir Uebel\Desktop\Defogger.exe
2013-08-25 14:40 - 2013-08-25 15:28 - 00000000 ____D C:\Users\Ismir Uebel\Documents\Command and Conquer Generals Data
2013-08-23 14:48 - 2013-08-23 15:48 - 00000000 ____D C:\Users\Ismir Uebel\Documents\Command and Conquer Generals Zero Hour Data
2013-08-23 14:14 - 2013-08-23 14:14 - 00014064 _____ C:\Users\Ismir Uebel\Desktop\Dienstplan September.odt
2013-08-23 13:30 - 2013-08-23 13:30 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\OpenOffice
2013-08-22 10:48 - 2013-08-22 11:42 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Neuer Ordner
2013-08-21 16:53 - 2013-08-21 16:53 - 03272136 _____ (Secunia) C:\Users\Ismir Uebel\Downloads\PSISetup711.exe
2013-08-21 12:09 - 2013-08-21 12:09 - 00009869 _____ C:\Users\ISMIRU~1\AppData\Local\recently-used.xbel
2013-08-18 16:24 - 2013-08-18 16:24 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-18 13:16 - 2013-08-18 13:16 - 00003262 _____ C:\Windows\System32\Tasks\{D0C60491-CDE1-4122-94E4-5116A5D060B4}
2013-08-18 12:59 - 2013-08-18 12:59 - 00001252 _____ C:\Users\Public\Desktop\Command & Conquer.lnk
2013-08-18 12:48 - 2013-08-18 12:48 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-08-18 11:15 - 2013-08-24 08:22 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-08-18 11:14 - 2013-08-18 11:15 - 04817275 _____ (Tim Kosse) C:\Users\Ismir Uebel\Downloads\FileZilla_3.7.2_win32-setup.exe
2013-08-18 11:13 - 2013-08-18 11:13 - 01620836 _____ (FileZilla Project) C:\Users\Ismir Uebel\Downloads\FileZilla_Server-0_9_41.exe
2013-08-15 09:47 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 09:47 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 09:47 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-15 09:47 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 09:47 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-15 09:47 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 09:47 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-15 09:47 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-15 09:47 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 09:47 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-15 09:47 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-15 09:47 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-15 09:47 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-15 09:47 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 08:43 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 08:43 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 08:43 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 08:43 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 08:43 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 08:43 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 08:43 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 08:43 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 08:42 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 08:42 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 08:42 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 08:42 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 08:42 - 2013-07-09 08:03 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 08:42 - 2013-07-09 07:54 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 08:42 - 2013-07-09 07:53 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-08-15 08:42 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 08:42 - 2013-07-09 07:03 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 08:42 - 2013-07-09 07:03 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 08:42 - 2013-07-09 06:53 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-08-15 08:42 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 08:42 - 2013-07-09 06:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-08-15 08:42 - 2013-07-09 04:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-08-15 08:42 - 2013-07-09 04:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 08:42 - 2013-07-09 04:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-08-15 08:42 - 2013-07-09 04:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-08-15 08:42 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 08:42 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-09 20:06 - 2013-08-09 20:07 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\messer
2013-08-06 17:06 - 2013-08-06 17:22 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Resist Fotos
2013-08-06 17:04 - 2013-08-06 17:06 - 200804141 _____ C:\Users\Ismir Uebel\Downloads\Resist.zip
2013-08-06 14:48 - 2013-08-06 14:56 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Resist To Exist Shirts
2013-08-01 10:55 - 2013-08-01 10:55 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2013-08-01 10:54 - 2013-08-01 10:54 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-08-01 09:38 - 2013-08-01 09:39 - 162401424 _____ C:\Users\Ismir Uebel\Downloads\Apache_OpenOffice_4.0.0_Win_x86_install_de.exe
2013-07-30 16:33 - 2013-07-30 16:33 - 00000000 ____D C:\ProgramData\EA Core
2013-07-30 16:32 - 2013-07-30 16:32 - 00000000 ____D C:\Users\Ismir Uebel\Documents\MeinSpore-Kreationen
2013-07-30 16:31 - 2013-07-30 16:39 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\SPORE
2013-07-30 16:31 - 2013-07-30 16:31 - 00000000 __RHD C:\Users\Ismir Uebel\AppData\Roaming\SecuROM
2013-07-30 16:31 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2013-07-30 16:31 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2013-07-30 16:30 - 2013-08-18 12:59 - 00018681 _____ C:\Windows\DirectX.log
2013-07-30 16:15 - 2013-07-30 16:15 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-07-30 16:14 - 2013-07-31 19:04 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\Origin
2013-07-30 16:14 - 2013-07-30 16:15 - 00000000 ____D C:\Users\ISMIRU~1\AppData\Local\Origin
2013-07-30 16:12 - 2013-08-18 12:00 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-30 16:12 - 2013-07-30 16:15 - 00000000 ____D C:\ProgramData\Origin
2013-07-30 16:12 - 2013-07-30 16:12 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-07-30 16:12 - 2013-07-30 16:12 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-07-30 16:11 - 2013-07-30 16:11 - 16949128 _____ (Electronic Arts, Inc.) C:\Users\Ismir Uebel\Downloads\OriginThinSetup.exe
2013-07-29 11:44 - 2013-07-29 11:48 - 50742119 _____ C:\Users\Ismir Uebel\Downloads\Knochenfabrik - Ameisenstaat (1999).rar

==================== One Month Modified Files and Folders =======

2013-08-26 09:48 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-26 09:48 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-26 09:42 - 2013-08-26 00:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-26 09:42 - 2013-06-05 23:16 - 01216841 _____ C:\Windows\WindowsUpdate.log
2013-08-26 09:42 - 2013-05-29 12:16 - 00001075 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-26 09:42 - 2013-05-29 12:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-26 09:41 - 2013-04-18 06:32 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-08-26 09:41 - 2013-02-27 22:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-26 09:40 - 2013-06-05 23:16 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-26 09:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-26 09:40 - 2009-07-14 06:51 - 01071394 _____ C:\Windows\setupact.log
2013-08-26 00:57 - 2013-08-26 00:57 - 00072114 _____ C:\Users\Ismir Uebel\Desktop\gmer scan.log
2013-08-26 00:47 - 2013-08-26 00:47 - 00000484 _____ C:\Users\Ismir Uebel\Desktop\defogger_disable.log
2013-08-26 00:47 - 2013-08-26 00:47 - 00000000 _____ C:\Users\Ismir Uebel\defogger_reenable
2013-08-26 00:47 - 2013-06-05 23:18 - 00000000 ____D C:\Users\Ismir Uebel
2013-08-26 00:34 - 2013-08-26 00:34 - 00377856 _____ C:\Users\Ismir Uebel\Desktop\gmer_2.1.19163.exe
2013-08-26 00:34 - 2013-08-26 00:33 - 01576630 _____ (Farbar) C:\Users\Ismir Uebel\Desktop\FRST64.exe
2013-08-26 00:33 - 2013-08-26 00:33 - 00050477 _____ C:\Users\Ismir Uebel\Desktop\Defogger.exe
2013-08-26 00:19 - 2013-02-16 02:26 - 00058764 _____ C:\Windows\PFRO.log
2013-08-25 15:28 - 2013-08-25 14:40 - 00000000 ____D C:\Users\Ismir Uebel\Documents\Command and Conquer Generals Data
2013-08-24 08:22 - 2013-08-18 11:15 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2013-08-23 15:48 - 2013-08-23 14:48 - 00000000 ____D C:\Users\Ismir Uebel\Documents\Command and Conquer Generals Zero Hour Data
2013-08-23 14:14 - 2013-08-23 14:14 - 00014064 _____ C:\Users\Ismir Uebel\Desktop\Dienstplan September.odt
2013-08-23 13:30 - 2013-08-23 13:30 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\OpenOffice
2013-08-22 12:31 - 2013-02-16 18:17 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Filme - intern
2013-08-22 11:42 - 2013-08-22 10:48 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Neuer Ordner
2013-08-22 10:29 - 2013-06-06 09:36 - 00071944 _____ C:\Users\ISMIRU~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-21 16:53 - 2013-08-21 16:53 - 03272136 _____ (Secunia) C:\Users\Ismir Uebel\Downloads\PSISetup711.exe
2013-08-21 13:06 - 2009-07-14 19:58 - 00696620 _____ C:\Windows\system32\perfh007.dat
2013-08-21 13:06 - 2009-07-14 19:58 - 00147916 _____ C:\Windows\system32\perfc007.dat
2013-08-21 13:06 - 2009-07-14 07:13 - 01612484 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-21 12:17 - 2013-07-24 16:00 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\patches
2013-08-21 12:15 - 2013-04-01 12:55 - 00000000 ____D C:\Users\Ismir Uebel\.gimp-2.8
2013-08-21 12:09 - 2013-08-21 12:09 - 00009869 _____ C:\Users\ISMIRU~1\AppData\Local\recently-used.xbel
2013-08-19 22:42 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-18 19:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-18 16:28 - 2009-07-14 06:45 - 00315552 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-18 16:24 - 2013-08-18 16:24 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-18 13:16 - 2013-08-18 13:16 - 00003262 _____ C:\Windows\System32\Tasks\{D0C60491-CDE1-4122-94E4-5116A5D060B4}
2013-08-18 13:15 - 2013-02-15 23:14 - 00000000 ____D C:\Users\ISMIRU~1\AppData\Local\VirtualStore
2013-08-18 12:59 - 2013-08-18 12:59 - 00001252 _____ C:\Users\Public\Desktop\Command & Conquer.lnk
2013-08-18 12:59 - 2013-07-30 16:30 - 00018681 _____ C:\Windows\DirectX.log
2013-08-18 12:48 - 2013-08-18 12:48 - 00000000 ____D C:\Program Files (x86)\EA Games
2013-08-18 12:48 - 2013-07-10 18:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-08-18 12:00 - 2013-07-30 16:12 - 00000000 ____D C:\Program Files (x86)\Origin
2013-08-18 11:15 - 2013-08-18 11:14 - 04817275 _____ (Tim Kosse) C:\Users\Ismir Uebel\Downloads\FileZilla_3.7.2_win32-setup.exe
2013-08-18 11:15 - 2013-02-17 13:10 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\FileZilla
2013-08-18 11:13 - 2013-08-18 11:13 - 01620836 _____ (FileZilla Project) C:\Users\Ismir Uebel\Downloads\FileZilla_Server-0_9_41.exe
2013-08-15 09:43 - 2013-07-22 11:52 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 09:42 - 2013-06-06 09:59 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-14 12:49 - 2013-02-16 03:54 - 00000000 ____D C:\World of Warcraft
2013-08-12 18:42 - 2013-04-29 06:19 - 00001949 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2013-08-12 18:42 - 2013-04-29 06:19 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP
2013-08-09 20:07 - 2013-08-09 20:06 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\messer
2013-08-06 17:22 - 2013-08-06 17:06 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Resist Fotos
2013-08-06 17:06 - 2013-08-06 17:04 - 200804141 _____ C:\Users\Ismir Uebel\Downloads\Resist.zip
2013-08-06 14:57 - 2013-02-16 03:58 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Ismir
2013-08-06 14:56 - 2013-08-06 14:48 - 00000000 ____D C:\Users\Ismir Uebel\Desktop\Resist To Exist Shirts
2013-08-01 10:55 - 2013-08-01 10:55 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.0.0.lnk
2013-08-01 10:54 - 2013-08-01 10:54 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-08-01 10:54 - 2013-02-16 03:34 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3
2013-08-01 10:51 - 2013-03-10 12:12 - 00011776 ___SH C:\Users\Ismir Uebel\Thumbs.db
2013-08-01 09:39 - 2013-08-01 09:38 - 162401424 _____ C:\Users\Ismir Uebel\Downloads\Apache_OpenOffice_4.0.0_Win_x86_install_de.exe
2013-07-31 19:04 - 2013-07-30 16:14 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\Origin
2013-07-30 16:39 - 2013-07-30 16:31 - 00000000 ____D C:\Users\Ismir Uebel\AppData\Roaming\SPORE
2013-07-30 16:33 - 2013-07-30 16:33 - 00000000 ____D C:\ProgramData\EA Core
2013-07-30 16:32 - 2013-07-30 16:32 - 00000000 ____D C:\Users\Ismir Uebel\Documents\MeinSpore-Kreationen
2013-07-30 16:31 - 2013-07-30 16:31 - 00000000 __RHD C:\Users\Ismir Uebel\AppData\Roaming\SecuROM
2013-07-30 16:15 - 2013-07-30 16:15 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-07-30 16:15 - 2013-07-30 16:14 - 00000000 ____D C:\Users\ISMIRU~1\AppData\Local\Origin
2013-07-30 16:15 - 2013-07-30 16:12 - 00000000 ____D C:\ProgramData\Origin
2013-07-30 16:12 - 2013-07-30 16:12 - 00000979 _____ C:\Users\Public\Desktop\Origin.lnk
2013-07-30 16:12 - 2013-07-30 16:12 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-07-30 16:11 - 2013-07-30 16:11 - 16949128 _____ (Electronic Arts, Inc.) C:\Users\Ismir Uebel\Downloads\OriginThinSetup.exe
2013-07-29 11:48 - 2013-07-29 11:44 - 50742119 _____ C:\Users\Ismir Uebel\Downloads\Knochenfabrik - Ameisenstaat (1999).rar

Files to move or delete:
====================
C:\Users\ISMIRU~1\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\nvStInst.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\oKTSypeZ.exe.part
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\InstallHelper.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\EnumDevLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\IpLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\libeay32.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RTLDHCP.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlICS.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlIhvOid.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Win7\RtlLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\EnumDevLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\IpLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\libeay32.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RTLDHCP.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlICS.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlIhvOid.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\{3645663B-B155-458C-B0EE-E30A4A85B0FE}\{319D91C6-3D44-436C-9F79-36C0D22372DC}\Rtl_Vista\RtlLib.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\WDEE85E.tmp\CddbLangDE.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\WDEBC0D.tmp\CddbLangDE.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\WDE5253.tmp\CddbLangDE.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\nsp2B29.tmp\LangDLL.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\nsp2B29.tmp\nsis_chklist.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\mProjector3175261488\mPlayer.3.1.1k.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\dotNetFx40LP_Full_x86_x64de.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll
C:\Users\ISMIRU~1\AppData\Local\Temp\isp3F16.tmp\_Setup.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 18:33

==================== End Of Log ============================
         
--- --- ---


and

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2013 02
Ran by Ismir Uebel at 2013-08-26 10:15:07
Running from C:\Users\Ismir Uebel\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
avast! Free Antivirus (x32 Version: 8.0.1489.0)
Bing-Desktop (x32 Version: 1.3.171.0)
CDBurnerXP (x32 Version: 4.5.2.4214)
Command & Conquer Die ersten 10 Jahre (x32 Version: 1.00.0000)
DivX-Setup (x32 Version: 2.6.1.32)
FileZilla Client 3.7.3 (x32 Version: 3.7.3)
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25))
FormatFactory 3.0.1 (x32 Version: 3.0.1)
jAlbum (x32 Version: 11.0.5)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MotoHelper 2.0.45 Driver 5.0.0 (x32 Version: 2.0.45)
MotoHelper MergeModules (x32 Version: 1.2.0)
Motorola Mobile Drivers Installation 5.0.0 (Version: 5.0.0)
Mozilla Firefox 23.0 (x86 de) (x32 Version: 23.0)
Mozilla Maintenance Service (x32 Version: 23.0)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.49 (Version: 320.49)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
OpenOffice 4.0.0 (x32 Version: 4.00.9702)
Origin (x32 Version: 9.3.1.4482)
P 2.8.4 (Version: 2.8.4)
Panda USB Vaccine 1.0.1.4 (x32)
Phase 5 HTML-Editor (x32 Version: 5.6.2.3)
PosteRazor (x32 Version: 1.5)
Secunia PSI (3.0.0.7011) (x32 Version: 3.0.0.7011)
SPORE™ (x32 Version: 1.05.0001)
TeamSpeak 3 Client (Version: 3.0.10.1)
TP-LINK 300Mbps Wireless USB Adapter Treiber (x32 Version: 1.3.1)
TP-LINK-Konfigurationstool (x32 Version: 1.3.1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Winamp (x32 Version: 5.64 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
WinRAR 4.20 (32-Bit) (x32 Version: 4.20.0)
World of Warcraft (x32 Version: 5.3.0.17128)

==================== Restore Points  =========================

15-08-2013 07:41:31 Windows Update
18-08-2013 10:48:31 Installiert Command & Conquer Die ersten 10 Jahre
19-08-2013 08:00:47 Windows-Sicherung
20-08-2013 06:01:09 Windows Update
26-08-2013 07:50:59 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0BBE5BCD-2836-4487-A909-E1F560891DEC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {3C3A1CDA-0950-4EDC-BE8F-63A4A26A4C85} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-13] (Adobe Systems Incorporated)
Task: {51483FA3-3041-4CD2-9699-497DDB1C66B4} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {59C932E9-D492-4049-A3D8-EB55827CFD1C} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {61FB653C-478F-4BAB-8622-05407E373B47} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {7A3F5438-0429-4A2A-9DA9-31E58C6A6D25} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {8A907C1F-F026-4ABE-AAF6-CB2348136987} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {98AA0F46-07C4-4493-ACE8-C446B7991C30} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {A96F0D0C-1789-49F4-AFB3-CF811BB7605C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {C0D7F1BC-1DFE-44C5-B1E9-A5416FF199CC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {C78ED25B-2E98-48C5-BF6F-E18C42A4A65C} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-01-27] ()
Task: {CAF4A85B-ED87-4E03-B751-76592CF4F384} - \SidebarExecute No Task File
Task: {D6A437D8-D612-4735-A0BC-4831F9101D5C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe


==================== Faulty Device Manager Devices =============

Name: Coprozessor
Description: Coprozessor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/26/2013 09:42:02 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.7011, Zeitstempel: 0x51d3d69b
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0004866a
ID des fehlerhaften Prozesses: 0x8e0
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3

Error: (08/26/2013 01:04:28 AM) (Source: Application Hang) (User: )
Description: Programm updater.exe, Version 23.0.0.4959 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c84

Startzeit: 01cea1e6c3d0c480

Endzeit: 0

Anwendungspfad: C:\Users\ISMIRU~1\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe

Berichts-ID:

Error: (08/22/2013 11:47:24 AM) (Source: Application Hang) (User: )
Description: Programm USBVaccine.exe, Version 1.0.1.4 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 94c

Startzeit: 01ce9f0d5a8eb440

Endzeit: 2

Anwendungspfad: C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe

Berichts-ID:

Error: (07/15/2013 10:13:19 AM) (Source: Application Hang) (User: )
Description: Programm USBVaccine.exe, Version 1.0.1.4 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a80

Startzeit: 01ce812e39d9aa40

Endzeit: 3

Anwendungspfad: C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe

Berichts-ID: 67028231-ed26-11e2-895e-002511c81c08

Error: (06/09/2013 07:22:19 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "mscorlib, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=x86" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (06/09/2013 07:22:12 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "mscorlib, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=amd64" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (06/08/2013 11:00:21 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Design, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (06/08/2013 11:00:21 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Windows.Forms, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (06/08/2013 11:00:21 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Drawing, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (06/08/2013 11:00:21 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.


System errors:
=============
Error: (08/26/2013 09:43:08 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/26/2013 09:43:08 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/26/2013 09:42:04 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2013 09:40:29 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (08/26/2013 01:01:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/26/2013 01:01:13 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/26/2013 00:58:51 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126

Error: (08/26/2013 00:31:46 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/26/2013 00:31:46 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/26/2013 00:29:35 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126


Microsoft Office Sessions:
=========================
Error: (08/26/2013 09:42:02 AM) (Source: Application Error)(User: )
Description: PSIA.exe3.0.0.701151d3d69bole32.dll6.1.7601.175144ce7b96fc00000050004866a8e001cea22f9857ca80C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Windows\syswow64\ole32.dllfe7fad00-0e22-11e3-9d6e-002511c81c08

Error: (08/26/2013 01:04:28 AM) (Source: Application Hang)(User: )
Description: updater.exe23.0.0.4959c8401cea1e6c3d0c4800C:\Users\ISMIRU~1\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe

Error: (08/22/2013 11:47:24 AM) (Source: Application Hang)(User: )
Description: USBVaccine.exe1.0.1.494c01ce9f0d5a8eb4402C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe

Error: (07/15/2013 10:13:19 AM) (Source: Application Hang)(User: )
Description: USBVaccine.exe1.0.1.4a8001ce812e39d9aa403C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe67028231-ed26-11e2-895e-002511c81c08

Error: (06/09/2013 07:22:19 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "mscorlib, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=x86" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (06/09/2013 07:22:12 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "mscorlib, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=amd64" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (06/08/2013 11:00:21 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Design, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (06/08/2013 11:00:21 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Windows.Forms, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (06/08/2013 11:00:21 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Drawing, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.

Error: (06/08/2013 11:00:21 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.


==================== Memory info =========================== 

Percentage of memory in use: 17%
Total physical RAM: 8191.24 MB
Available physical RAM: 6721.33 MB
Total Pagefile: 16380.67 MB
Available Pagefile: 14926.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:374.71 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DE10J) (CDROM) (Total:7.01 GB) (Free:0 GB) UDF
Drive f: (VERBATIM) (Fixed) (Total:232.83 GB) (Free:88.45 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 0DFADDDB)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 233 GB) (Disk ID: 06B9DB8A)
Partition 1: (Not Active) - (Size=233 GB) - (Type=0C)

==================== End Of Log ============================
         


Alt 26.08.2013, 11:47   #6
schrauber
/// the machine
/// TB-Ausbilder
 




Please show a screenshot of the folders.

With Firefox, does it always want to update from version 23 to 23.1, or what?

Alt 27.08.2013, 07:05   #7
Thomas030
 



It just keeps wanting me to restart the PC to install updates; what exactly, I don't know right now either, and it doesn't happen on every restart of Firefox. I'll take a screenshot of that next time as well.

And here is the screenshot of the folders:



and this appears when I try to open a "locked" folder:



In addition, something possibly helpful regarding the Firefox problem.
Secunia PSI also constantly wants to update it, but the process never finishes and keeps starting over ...


Alt 27.08.2013, 11:00   #8
schrauber
/// the machine
/// TB-Ausbilder
 




Quote:
It just keeps wanting me to restart the PC to install updates; what exactly, I don't know right now either, and it doesn't happen on every restart of Firefox. I'll take a screenshot of that next time as well.
Restart the PC??? Or just Firefox? And from which version to which version?

I don't see any screenshot.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 28.08.2013, 08:05   #9
Thomas030
 



I'm supposed to restart the PC.
Secunia says it wants to update from 20.0.1 to 23.x, but when I try to update via Firefox itself, it says everything is up to date.
I've added the three screenshots (.png format) as file attachments.
I hope you can see them then; for me they are also displayed in the forum.
Attached images
File type: jpg 1.jpg (132.2 KB, viewed 269 times)
File type: jpg 2.jpg (130.6 KB, viewed 302 times)
File type: jpg 3.jpg (79.7 KB, viewed 311 times)

Alt 28.08.2013, 09:39   #10
schrauber
/// the machine
/// TB-Ausbilder
 




Then Secunia is acting up, ignore that. Or does Firefox start an update on its own?

You have hidden files and folders displayed, which is why you see Recycler and the like. Only the Programme folder is odd. Can you take over the permissions via right-click?

Alt 28.08.2013, 11:40   #11
Thomas030
 



Firefox just updated again but then showed, in a separate tab, that it is up to date.
And I can't change anything about the Programme folder. No matter whether I switch to SYSTEM, myself as user, or Admin, nothing changes and I can't open the folder; same with the two other locked ones.

Alt 28.08.2013, 16:43   #12
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Windows Repair (All In One) from here.
  • Install the program. Start it after the installation has completed.
  • Click Step 2 and press Do It under Check Disk.
  • When the process is complete, click Step 3 and press Do It under System File Check.
  • After the process is complete, click Start Repairs, select Advanced Mode and press Start.
  • Please make sure the boxes are checked as shown below. Additionally, please check Set Windows Services to Default Startup.
  • Check Restart System when Finished.
  • Press Start.


Alt 28.08.2013, 21:13   #13
Thomas030
 



OK, done ... now they are no longer locked but shortcuts.
Here's another screenshot (also as an attachment)
Attached images
File type: png screen.png (260.6 KB, viewed 246 times)

Alt 29.08.2013, 08:06   #14
schrauber
/// the machine
/// TB-Ausbilder
 




And where do the shortcuts point to?

Alt 29.08.2013, 08:19   #15
Thomas030
 



The shortcut from Programme leads to Programme.
In the Programme folder there is again a locked folder named "Gemeinsame Dateien"

The shortcut Dokumente und Einstellungen leads to Dokumente und Einstellungen (although this folder is supposed to be on drive C (according to the path), it is not displayed there).
In the folder Dokumente und Einstellungen there is a folder with such a lock, but I can open it, named "All Users".

And the folder Documents and Settings no longer shows a lock, but I still can't open it, or rather the shortcut leads nowhere. (Cannot be accessed)
