| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Computer lässt die Installation von Antiviren nicht mehr zuWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
03.01.2014, 13:46
| #1 |
 |  Computer lässt die Installation von Antiviren nicht mehr zu Hallo zusammen ich hoffe ihr könnt mir bei meinem Problem weiterhelfen. Ich hae vor einigen Tagen erkannt dass mein Antivirus inaktiv ist und habe darauhin Avast installiert. DIeser war nach der deinstallation ebenfalls inaktiv und lies sich nicht aktivieren also versuchte ich das gleiche mit AVG nochmal...und wieder das selbe Problem. Ich lies Malwarebytes laufen und löschte die Funde, jedoch ohne Erfolg.Bitte um Hilfe da ich ungerne mein PC neu booten würde, habe viel zu viele Daten drauf die mir wichtig sind. LG |
|
03.01.2014, 14:17
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Computer lässt die Installation von Antiviren nicht mehr zu Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
03.01.2014, 14:42
| #3 |
| | Computer lässt die Installation von Antiviren nicht mehr zu FRST Logfile:
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2014
Ran by Pc (administrator) on PC- on 03-01-2014 14:25:12
Running from C:\Users\Pc\Downloads
Windows 7 Home Basic Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
( ) C:\Windows\System32\lxctcoms.exe
( ) C:\Windows\System32\lxdvcoms.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 5400 Series\ezprint.exe
() C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe
() C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SFX TEAM) C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Spotify Ltd) C:\Users\Pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\af_proxy_cmd.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [lxctmon.exe] - C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe [291760 2006-11-22] ()
HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Lexmark 5400 Series\ezprint.exe [82864 2006-11-22] (Lexmark International Inc.)
HKLM\...\Run: [LXCTCATS] - rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXCTtime.dll,RunDLLEntry
HKLM\...\Run: [lxdvmon.exe] - C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe [455336 2009-07-07] ()
HKLM\...\Run: [lxdvamon] - C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe [25256 2009-07-07] ()
HKLM\...\Run: [PAC7302_Monitor] - C:\Windows\PixArt\Pac7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [MFARestart] - C:\ProgramData\MFAData\pack\avgrunasx.exe [287792 2013-08-20] (AVG Technologies CZ, s.r.o.)
HKCU\...\Run: [SuperCopier2.exe] - C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-08] (Spotify Ltd)
Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=111788&tt=060612_5_&babsrc=HP_ss&mntrId=5cf305fe000000000000001fc68e86e5
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8074D094FAD2CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=111788&tt=060612_5_&babsrc=SP_ss&mntrId=5cf305fe000000000000001fc68e86e5
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=111788&tt=060612_5_&babsrc=SP_ss&mntrId=5cf305fe000000000000001fc68e86e5
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default
FF user.js: detected! => C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\user.js
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Pc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Pc\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Pc\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\searchplugins\mixidj.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\npspx32.dll
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com
Chrome:
=======
CHR RestoreOnStartup: "www.google.com"
CHR Extension: (CodecC) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg\1.0_1
CHR Extension: (Google Docs) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Google Wallet) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [ajhcekcffkpnaednoeoegnmnjdlnjjmg] - C:\ProgramData\CodecC\ajhcekcffkpnaednoeoegnmnjdlnjjmg.crx
CHR HKLM-x32\...\Chrome\Extension: [ibgfbdggapddbjjbopabhlhianklajie] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx
==================== Services (Whitelisted) =================
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [906024 2013-11-27] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-11-13] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [555304 2013-11-27] ()
R2 lxct_device; C:\Windows\system32\lxctcoms.exe [566192 2006-11-22] ( )
R2 lxct_device; C:\Windows\SysWow64\lxctcoms.exe [537520 2006-11-22] ( )
R2 lxdv_device; C:\Windows\system32\lxdvcoms.exe [1044136 2007-10-18] ( )
R2 lxdv_device; C:\Windows\SysWow64\lxdvcoms.exe [594600 2007-10-18] ( )
S2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [x]
==================== Drivers (Whitelisted) ====================
S4 ASPI; C:\Windows\SysWow64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-28] (DT Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-11-13] (AnchorFree Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527360 2007-10-29] (PixArt Imaging Inc.)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [77184 2004-03-09] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [65504 2004-03-09] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 TrufosAlt; C:\Windows\SysWow64\DRIVERS\TrufosAlt.sys [309320 2012-01-25] (BitDefender S.R.L.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S4 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-03 14:25 - 2014-01-03 14:30 - 00015867 _____ C:\Users\Pc\Downloads\FRST.txt
2014-01-03 14:25 - 2014-01-03 14:25 - 00000000 ____D C:\FRST
2014-01-03 14:24 - 2014-01-03 14:24 - 01931750 _____ (Farbar) C:\Users\Pc\Downloads\FRST64.exe
2014-01-03 13:15 - 2014-01-03 13:15 - 00000000 ____D C:\Users\Pc\AppData\Local\Avg2014
2014-01-02 20:28 - 2014-01-02 20:28 - 00385944 _____ C:\Users\Pc\Downloads\reset_access_avg2013_en.exe
2014-01-02 20:24 - 2014-01-02 20:24 - 00000000 ____D C:\Program Files (x86)\AVG
2014-01-02 20:18 - 2014-01-02 20:33 - 00000000 ____D C:\ProgramData\MFAData
2014-01-02 20:18 - 2014-01-02 20:18 - 00000000 ____D C:\Users\Pc\AppData\Local\MFAData
2014-01-02 20:16 - 2014-01-02 20:17 - 137189352 _____ (AVG Technologies) C:\Users\Pc\Downloads\avg_free_x86_all_2014_4259a6848.exe
2014-01-02 19:07 - 2014-01-02 19:07 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388686108
2014-01-02 19:07 - 2014-01-02 19:07 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-02 15:57 - 2014-01-02 15:56 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388674647
2013-12-31 15:47 - 2013-12-31 15:50 - 00000000 ____D C:\Users\Pc\AppData\Local\WinZip
2013-12-31 15:46 - 2013-12-31 17:10 - 00000000 ____D C:\Program Files\WinZip
2013-12-31 14:43 - 2013-12-31 14:47 - 80481712 _____ C:\Users\Pc\Downloads\cjs5400EN.exe
2013-12-31 14:42 - 2014-01-03 13:14 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-27 04:17 - 2013-12-27 04:17 - 00018276 _____ C:\Users\Pc\Documents\liste schimmelbefall.odt
2013-12-25 14:25 - 2013-12-31 17:00 - 00000000 ____D C:\Users\Pc\AppData\Local\CrashDumps
2013-12-20 16:26 - 2013-12-20 16:26 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Unity
2013-12-20 14:27 - 2013-12-20 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-15 21:33 - 2013-12-15 21:33 - 00000000 ____D C:\Users\Pc\AppData\Local\TechSmith
2013-12-15 20:43 - 2013-12-15 20:43 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TechSmith
2013-12-15 20:42 - 2013-12-16 20:23 - 00000000 ____D C:\Users\Pc\Documents\Camtasia Studio
2013-12-15 20:41 - 2013-12-15 20:41 - 00001168 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-15 20:41 - 2013-12-15 20:41 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-15 20:41 - 2013-12-15 20:41 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-15 20:40 - 2013-12-15 20:40 - 00000000 ____D C:\ProgramData\TechSmith
2013-12-15 20:40 - 2013-12-15 20:40 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-15 20:21 - 2013-12-15 20:36 - 251749736 _____ C:\Users\Pc\Downloads\camtasiade.exe
2013-12-15 15:19 - 2013-12-15 15:19 - 00000018 _____ C:\Users\Pc\Documents\galeria gutschein.txt
2013-12-15 15:11 - 2013-12-15 15:11 - 13989336 _____ C:\Users\Pc\Downloads\G-Force_513.exe
2013-12-15 15:08 - 2013-12-15 15:08 - 00182168 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\trilogyiii.exe
2013-12-15 02:28 - 2013-12-15 02:35 - 134291079 _____ C:\Users\Pc\Downloads\a-gachata.rar
2013-12-15 01:09 - 2013-12-15 01:09 - 00003222 _____ C:\Windows\System32\Tasks\{E43154D1-D38D-4DF9-9A37-014ADA5A3912}
2013-12-15 01:06 - 2013-12-15 01:06 - 00003222 _____ C:\Windows\System32\Tasks\{00947A04-1915-4E54-8649-AD374A4C7888}
2013-12-15 01:03 - 2013-12-15 01:05 - 51380224 _____ C:\Users\Pc\Downloads\Ricardo_Arjona.part1.rar
2013-12-15 01:03 - 2013-12-15 01:03 - 15201403 _____ C:\Users\Pc\Downloads\Ricardo_Arjona.part2.rar
2013-12-14 19:05 - 2013-12-14 19:05 - 00000000 ____D C:\Users\Pc\AppData\Roaming\MedicView40
2013-12-14 19:03 - 2013-12-31 17:10 - 00000000 ____D C:\Users\Pc\Desktop\20131203222657758_Consuegra-Pino_Juan-Miguel_
2013-12-14 19:00 - 2013-12-14 19:01 - 91387882 _____ C:\Users\Pc\Downloads\20131203222657758_Consuegra-Pino_Juan-Miguel_.rar
2013-12-14 03:08 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-14 03:01 - 2013-12-14 03:08 - 00009768 _____ C:\Windows\IE11_main.log
2013-12-11 23:36 - 2013-11-13 11:49 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2013-12-11 00:23 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 00:23 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 00:23 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 00:23 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 00:21 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 00:21 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 00:21 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 00:21 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 00:21 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 00:21 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 00:21 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 00:21 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 00:21 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 00:21 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 00:21 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 00:21 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-10 22:54 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-10 22:54 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-10 22:54 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-10 22:54 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-10 22:54 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-10 22:54 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-10 22:54 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-10 22:54 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 22:54 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-10 22:54 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-10 22:54 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-10 22:54 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 22:53 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 22:53 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-10 22:53 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 22:53 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-10 22:53 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-10 22:53 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-10 22:53 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-09 00:13 - 2013-12-09 00:13 - 06052208 _____ (TeamViewer GmbH) C:\Users\Pc\Downloads\TeamViewer_Setup_de.exe
==================== One Month Modified Files and Folders =======
2014-01-03 14:30 - 2014-01-03 14:25 - 00015867 _____ C:\Users\Pc\Downloads\FRST.txt
2014-01-03 14:25 - 2014-01-03 14:25 - 00000000 ____D C:\FRST
2014-01-03 14:24 - 2014-01-03 14:24 - 01931750 _____ (Farbar) C:\Users\Pc\Downloads\FRST64.exe
2014-01-03 14:22 - 2012-02-21 19:32 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-03 14:19 - 2012-01-13 12:20 - 01333604 _____ C:\Windows\WindowsUpdate.log
2014-01-03 14:12 - 2009-07-14 05:45 - 00014336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-03 14:12 - 2009-07-14 05:45 - 00014336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-03 13:42 - 2012-09-28 20:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-03 13:16 - 2013-01-04 20:24 - 00000000 ___RD C:\Users\Pc\Dropbox
2014-01-03 13:16 - 2013-01-04 19:51 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Dropbox
2014-01-03 13:15 - 2014-01-03 13:15 - 00000000 ____D C:\Users\Pc\AppData\Local\Avg2014
2014-01-03 13:14 - 2013-12-31 14:42 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-03 13:14 - 2013-08-11 17:03 - 00729198 _____ C:\Windows\PFRO.log
2014-01-03 13:14 - 2012-05-03 19:13 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-03 13:14 - 2012-02-21 19:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-03 13:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-02 21:49 - 2013-07-05 20:25 - 00010536 _____ C:\Windows\setupact.log
2014-01-02 20:33 - 2014-01-02 20:18 - 00000000 ____D C:\ProgramData\MFAData
2014-01-02 20:28 - 2014-01-02 20:28 - 00385944 _____ C:\Users\Pc\Downloads\reset_access_avg2013_en.exe
2014-01-02 20:24 - 2014-01-02 20:24 - 00000000 ____D C:\Program Files (x86)\AVG
2014-01-02 20:18 - 2014-01-02 20:18 - 00000000 ____D C:\Users\Pc\AppData\Local\MFAData
2014-01-02 20:17 - 2014-01-02 20:16 - 137189352 _____ (AVG Technologies) C:\Users\Pc\Downloads\avg_free_x86_all_2014_4259a6848.exe
2014-01-02 19:07 - 2014-01-02 19:07 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388686108
2014-01-02 19:07 - 2014-01-02 19:07 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-02 15:56 - 2014-01-02 15:57 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388674647
2013-12-31 17:12 - 2012-01-23 20:06 - 00000000 ____D C:\Program Files\Lx_cats
2013-12-31 17:12 - 2012-01-13 12:20 - 00000000 ____D C:\Users\Pc
2013-12-31 17:10 - 2013-12-31 15:46 - 00000000 ____D C:\Program Files\WinZip
2013-12-31 17:10 - 2013-12-14 19:03 - 00000000 ____D C:\Users\Pc\Desktop\20131203222657758_Consuegra-Pino_Juan-Miguel_
2013-12-31 17:10 - 2013-07-02 20:37 - 00000000 ____D C:\Users\Pc\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
2013-12-31 17:10 - 2012-09-26 19:58 - 00000000 ____D C:\Users\Pc\Desktop\Uni
2013-12-31 17:10 - 2012-06-21 18:25 - 00000000 ____D C:\Users\Pc\Documents\MOH
2013-12-31 17:10 - 2012-06-21 18:25 - 00000000 ____D C:\Users\Pc\Desktop\MOH
2013-12-31 17:10 - 2012-02-06 21:41 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-12-31 17:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-31 17:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-31 17:09 - 2012-10-22 21:35 - 00000000 ____D C:\Program Files\Java
2013-12-31 17:00 - 2013-12-25 14:25 - 00000000 ____D C:\Users\Pc\AppData\Local\CrashDumps
2013-12-31 15:51 - 2013-11-24 18:49 - 00000000 ____D C:\ProgramData\Oracle
2013-12-31 15:50 - 2013-12-31 15:47 - 00000000 ____D C:\Users\Pc\AppData\Local\WinZip
2013-12-31 15:49 - 2012-02-06 21:41 - 00000000 ____D C:\ProgramData\WinZip
2013-12-31 14:47 - 2013-12-31 14:43 - 80481712 _____ C:\Users\Pc\Downloads\cjs5400EN.exe
2013-12-27 04:17 - 2013-12-27 04:17 - 00018276 _____ C:\Users\Pc\Documents\liste schimmelbefall.odt
2013-12-22 14:12 - 2012-10-22 21:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 23:46 - 2012-04-20 21:12 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Spotify
2013-12-20 17:06 - 2012-04-20 21:12 - 00000000 ____D C:\Users\Pc\AppData\Local\Spotify
2013-12-20 16:26 - 2013-12-20 16:26 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Unity
2013-12-20 14:27 - 2013-12-20 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-16 22:35 - 2013-07-02 21:00 - 00008192 _____ C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-16 20:23 - 2013-12-15 20:42 - 00000000 ____D C:\Users\Pc\Documents\Camtasia Studio
2013-12-15 21:33 - 2013-12-15 21:33 - 00000000 ____D C:\Users\Pc\AppData\Local\TechSmith
2013-12-15 20:43 - 2013-12-15 20:43 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TechSmith
2013-12-15 20:41 - 2013-12-15 20:41 - 00001168 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-15 20:41 - 2013-12-15 20:41 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-15 20:41 - 2013-12-15 20:41 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-15 20:40 - 2013-12-15 20:40 - 00000000 ____D C:\ProgramData\TechSmith
2013-12-15 20:40 - 2013-12-15 20:40 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-15 20:36 - 2013-12-15 20:21 - 251749736 _____ C:\Users\Pc\Downloads\camtasiade.exe
2013-12-15 15:19 - 2013-12-15 15:19 - 00000018 _____ C:\Users\Pc\Documents\galeria gutschein.txt
2013-12-15 15:11 - 2013-12-15 15:11 - 13989336 _____ C:\Users\Pc\Downloads\G-Force_513.exe
2013-12-15 15:08 - 2013-12-15 15:08 - 00182168 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\trilogyiii.exe
2013-12-15 12:30 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-15 02:52 - 2013-08-16 03:33 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 02:51 - 2012-01-14 22:01 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 02:35 - 2013-12-15 02:28 - 134291079 _____ C:\Users\Pc\Downloads\a-gachata.rar
2013-12-15 01:16 - 2009-07-14 18:58 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-12-15 01:16 - 2009-07-14 18:58 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-12-15 01:16 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-15 01:09 - 2013-12-15 01:09 - 00003222 _____ C:\Windows\System32\Tasks\{E43154D1-D38D-4DF9-9A37-014ADA5A3912}
2013-12-15 01:06 - 2013-12-15 01:06 - 00003222 _____ C:\Windows\System32\Tasks\{00947A04-1915-4E54-8649-AD374A4C7888}
2013-12-15 01:05 - 2013-12-15 01:03 - 51380224 _____ C:\Users\Pc\Downloads\Ricardo_Arjona.part1.rar
2013-12-15 01:03 - 2013-12-15 01:03 - 15201403 _____ C:\Users\Pc\Downloads\Ricardo_Arjona.part2.rar
2013-12-14 19:05 - 2013-12-14 19:05 - 00000000 ____D C:\Users\Pc\AppData\Roaming\MedicView40
2013-12-14 19:01 - 2013-12-14 19:00 - 91387882 _____ C:\Users\Pc\Downloads\20131203222657758_Consuegra-Pino_Juan-Miguel_.rar
2013-12-14 15:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-14 13:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-14 03:08 - 2013-12-14 03:01 - 00009768 _____ C:\Windows\IE11_main.log
2013-12-11 23:36 - 2013-06-26 22:16 - 00001048 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2013-12-11 23:36 - 2012-06-22 12:46 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2013-12-11 11:25 - 2009-07-14 05:45 - 00290776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-10 22:42 - 2012-09-28 20:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 22:42 - 2012-09-28 20:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 22:42 - 2012-09-28 20:27 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 22:24 - 2012-01-13 12:26 - 00065176 _____ C:\Users\Pc\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-09 00:28 - 2012-02-07 22:02 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-09 00:13 - 2013-12-09 00:13 - 06052208 _____ (TeamViewer GmbH) C:\Users\Pc\Downloads\TeamViewer_Setup_de.exe
2013-12-05 14:25 - 2013-10-09 14:31 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
ZeroAccess:
C:\Users\Pc\AppData\Local\f683b4d7
C:\Users\Pc\AppData\Local\f683b4d7\@
C:\Users\Pc\AppData\Local\f683b4d7\loader.tlb
Some content of TEMP:
====================
C:\Users\Pc\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pc\AppData\Local\Temp\uninst1.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-30 00:42
==================== End Of Log ============================
--- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-01-2014
Ran by Pc at 2014-01-03 14:30:55
Running from C:\Users\Pc\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122 - Adobe Systems, Inc.)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (Version: 14.0.3658 - AVG Technologies) Hidden
AVS Screen Capture version 2.0.1 (x32 Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (x32 Version: - Online Media Technologies Ltd.)
AVS Video Editor 6 (x32 Version: - Online Media Technologies Ltd.)
AVS Video Recorder 2.4 (x32 Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (x32 Version: - Online Media Technologies Ltd.)
Battlefield 2(TM) (x32 Version: - )
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (x32 Version: 8.1.2.1344 - TechSmith Corporation)
CCleaner (Version: 3.20 - Piriform)
Crysis WARHEAD(R) (x32 Version: - Electronic Arts)
Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.45.3.0297 - DT Soft Ltd)
Dropbox (HKCU Version: 2.0.22 - Dropbox, Inc.)
ESET Online Scanner v3 (x32 Version: - )
Eye 110 (x32 Version: 1.0.414 - )
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287 - Skype Limited)
Fallout 3 (x32 Version: 1.00.0000 - Bethesda Softworks)
FaxRedist (x32 Version: 1.0.0 - )
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25) - Martijn de Visser)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Studio version 2013 (x32 Version: 6.1.4.628 - DVDVideoSoft Ltd.)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hotspot Shield 3.20 (x32 Version: 3.20 - AnchorFree)
i-Look 110 (x32 Version: 1.0.4.15 - Ihr Firmenname)
iLook 300 (x32 Version: 1.0.0.21 - KYE)
Inkscape 0.48.2 (x32 Version: 0.48.2 - )
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java 7 Update 9 (64-bit) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 37 (x32 Version: 6.0.370 - Oracle)
Lexmark 5400 Series (Version: - Lexmark International, Inc.)
Lexmark X5400 Series (Version: - Lexmark International, Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Medal of Honor(TM) Single Player (x32 Version: - Electronic Arts)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 1.2.0241 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA 3D Vision Controller-Treiber 296.10 (Version: 296.10 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
phase-6 2.3.2 (x32 Version: 2.3.2 - phase-6)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoScape (x32 Version: - )
Skype Click to Call (x32 Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.3 (x32 Version: 6.3.107 - Skype Technologies S.A.)
Sony Ericsson Update Engine (x32 Version: 2.13.8.201307151333 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.181 (x32 Version: 2.10.181 - Sony)
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
spotimote (x32 Version: - )
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
SuperCopier2 (x32 Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 9 (x32 Version: 9.0.24482 - TeamViewer)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 15.0 (x32 Version: 15.0.9411 - WinZip Computing, S.L. )
XnView 1.98.7 (x32 Version: 1.98.7 - Gougelet Pierre-e)
Xvid Video Codec (x32 Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
02-01-2014 15:15:52 avast! antivirus system restore point
02-01-2014 18:06:57 avast! antivirus system restore point
02-01-2014 18:56:53 avast! antivirus system restore point
02-01-2014 19:17:24 avast! antivirus system restore point
02-01-2014 19:24:00 Installed AVG 2014
02-01-2014 19:24:44 Installed AVG 2014
02-01-2014 19:27:03 Removed AVG 2014
02-01-2014 19:32:11 Installed AVG 2014
==================== Hosts content: ==========================
2009-07-14 03:34 - 2012-01-26 00:06 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {2576F435-DF79-463D-8310-13B079F3DD6E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000UA => C:\Users\Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {28DC108A-9AAD-47A3-943F-9F70884CA6AA} - System32\Tasks\BrowserDefendert => Sc.exe start BrowserDefendert
Task: {352B4967-720C-42E4-92E5-7BD880D2FA3C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {3B62D044-DBDF-465B-878B-1F4CDB4590A0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {515A0C76-EC05-4AE6-A3C4-5E8CCCA61FA9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000Core => C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-31] (Google Inc.)
Task: {70385C1B-1220-47E6-9BF1-65406002B343} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000UA => C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-31] (Google Inc.)
Task: {91BB78F1-AE13-4E6E-954A-0AB364F674DF} - System32\Tasks\EPUpdater => C:\Users\Pc\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: {ADB81A1C-4297-4779-9E2A-FB14208A111A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21] (Google Inc.)
Task: {B78A99FB-B468-45B2-9C99-04557FEC33EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21] (Google Inc.)
Task: {DA50D2CD-4BDA-4360-A286-BA4E19CE022D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000Core => C:\Users\Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {E2C7187A-01A9-43DD-997E-8C51581DA926} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E9E96D9D-1164-49C2-B878-F101889EB9AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000Core.job => C:\Users\Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000UA.job => C:\Users\Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000Core.job => C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000UA.job => C:\Users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-27 01:35 - 2013-11-27 01:35 - 00903464 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2012-01-23 22:44 - 2006-08-08 15:54 - 00278528 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctscw.dll
2012-01-23 22:44 - 2006-06-09 02:39 - 00143360 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctdrec.dll
2012-01-23 22:44 - 2006-08-08 15:58 - 00692224 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctDRS.dll
2012-01-23 22:44 - 2006-08-14 17:17 - 00065536 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctcaps.dll
2012-01-23 22:44 - 2006-05-03 14:31 - 00061440 _____ () C:\Program Files (x86)\Lexmark 5400 Series\lxctcnv4.dll
2012-01-23 22:44 - 2006-05-25 16:20 - 00241664 _____ () C:\Program Files (x86)\Lexmark 5400 Series\iptk.dll
2012-01-24 20:14 - 2007-09-06 16:38 - 00278528 _____ () C:\Program Files (x86)\Lexmark X5400 Series\lxdvscw.dll
2012-01-24 20:14 - 2007-07-20 07:30 - 00188416 _____ () C:\Program Files (x86)\Lexmark X5400 Series\lxdvdatr.dll
2012-01-24 20:14 - 2007-10-08 04:59 - 00028672 _____ () C:\Program Files (x86)\Lexmark X5400 Series\App4R.Monitor.Common.dll
2012-01-24 20:14 - 2007-10-08 04:59 - 00036864 _____ () C:\Program Files (x86)\Lexmark X5400 Series\App4R.Monitor.Core.dll
2012-01-24 20:14 - 2007-10-08 04:58 - 00057344 _____ () C:\Program Files (x86)\Lexmark X5400 Series\app4r.devmons.mcmdevmon.dll
2012-01-24 20:14 - 2007-08-10 02:12 - 00011776 _____ () C:\Program Files (x86)\Lexmark X5400 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll
2013-08-18 17:22 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2013-08-18 17:22 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2013-08-18 17:22 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2013-08-18 17:22 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2013-11-20 15:56 - 2013-11-20 15:56 - 00668672 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2013-06-11 09:31 - 2013-06-11 09:31 - 00090112 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2012-04-04 14:33 - 2012-04-04 14:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2013-01-08 17:02 - 2013-01-08 17:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2012-07-26 11:51 - 2012-07-26 11:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Pc\AppData\Roaming\Dropbox\bin\libcef.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-05 14:25 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-05 14:25 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-05 14:25 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-05 14:25 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-05 14:25 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-20 14:27 - 2013-12-20 14:27 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Could not list Devices. Check WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/03/2014 01:16:55 PM) (Source: RapiMgr) (User: )
Description: RegisterDeviceNotification(0x80070426)-Fehler beim Starten des Diensts für Windows Mobile-Geräteverbindungen. (Die Daten enthalten den Fehlercode.)
Error: (01/03/2014 01:16:49 PM) (Source: RapiMgr) (User: )
Description: RegisterDeviceNotification(0x80070426)-Fehler beim Starten des Diensts für Windows Mobile-Geräteverbindungen. (Die Daten enthalten den Fehlercode.)
Error: (01/03/2014 01:14:49 PM) (Source: RapiMgr) (User: )
Description: RegisterDeviceNotification(0x80070426)-Fehler beim Starten des Diensts für Windows Mobile-Geräteverbindungen. (Die Daten enthalten den Fehlercode.)
Error: (01/03/2014 02:14:12 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (01/02/2014 08:50:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (01/02/2014 08:32:46 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (01/02/2014 08:32:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (01/02/2014 08:32:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddWin32ServiceFiles: Unable to back up image of service avast! Antivirus since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/02/2014 08:32:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (01/02/2014 08:32:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.
System Error:
Das System kann die angegebene Datei nicht finden.
.
System errors:
=============
Error: (01/03/2014 02:31:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/03/2014 02:30:54 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (01/03/2014 02:30:53 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (01/03/2014 02:30:52 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (01/03/2014 02:30:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/03/2014 02:29:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/03/2014 02:28:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/03/2014 02:27:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/03/2014 02:26:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/03/2014 02:25:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BrowserDefendert" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (01/03/2014 01:16:55 PM) (Source: RapiMgr)(User: )
Description: RegisterDeviceNotification(0x80070426)
Error: (01/03/2014 01:16:49 PM) (Source: RapiMgr)(User: )
Description: RegisterDeviceNotification(0x80070426)
Error: (01/03/2014 01:14:49 PM) (Source: RapiMgr)(User: )
Description: RegisterDeviceNotification(0x80070426)
Error: (01/03/2014 02:14:12 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (01/02/2014 08:50:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pc\Documents\esetsmartinstaller_enu.exe
Error: (01/02/2014 08:32:46 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pc\Documents\esetsmartinstaller_enu.exe
Error: (01/02/2014 08:32:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pc\Documents\esetsmartinstaller_enu.exe
Error: (01/02/2014 08:32:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service avast! Antivirus since QueryServiceConfig API failed
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (01/02/2014 08:32:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (01/02/2014 08:32:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSnx.
System Error:
Das System kann die angegebene Datei nicht finden.
CodeIntegrity Errors:
===================================
Date: 2012-01-26 00:04:05.758
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-01-26 00:04:05.726
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 4095.18 MB
Available physical RAM: 2116.99 MB
Total Pagefile: 8188.53 MB
Available Pagefile: 5922.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.56 GB) (Free:1.82 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:200.43 GB) (Free:200.03 GB) NTFS
Drive e: (Kurs) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 02490248)
Partition 1: (Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
04.01.2014, 12:05
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer lässt die Installation von Antiviren nicht mehr zuZitat:
Lesestoff:Rootkit-Warnung Dein Computer wurde mit einem besonderen Schädling infiziert, der sich vor herkömmlichen Virenscannern und dem Betriebssystem selbst verstecken kann. Zusätzlich hat so ein Schädling meist auch Backdoor-Funktionalität, reißt also ganz bewußt Löcher durch alle Schutzmaßnahmen, damit er weiteren Schadcode nachladen oder die Daten, die er so sammelt, an die "bösen Jungs" weiterleiten kann. Was heißt das jetzt für dich?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
04.01.2014, 15:11
| #5 |
| | Computer lässt die Installation von Antiviren nicht mehr zu Zum Glück führe ich kein Online banking durch mit diesem PC. Ich würde es versuchen mit der Reinigung, wenn Du mir dabei hilfst. Vielen Vielen Dank . |
|
04.01.2014, 15:12
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer lässt die Installation von Antiviren nicht mehr zu Dann bitte jetzt Combofix ausführen: Scan mit Combofix
__________________ --> Computer lässt die Installation von Antiviren nicht mehr zu |
|
05.01.2014, 01:08
| #7 |
| | Computer lässt die Installation von Antiviren nicht mehr zu Meinst du dass jeder es sehen konnte wegen der FRST.txt was ich gepostet hatte oder meinst du den Virusbetreiber ? LG da steht das avira desktop im hintergrund läuft aber ich finde es nicht auch nicht bei prozesse. Hast du eine idee wie ich es deaktivieren kann ? Code:
ATTFilter ComboFix 14-01-04.03 - Pc 04.01.2014 15:48:06.2.3 - x64
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.49.1031.18.4095.2744 [GMT 1:00]
ausgeführt von:: c:\users\Pc\Downloads\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SPL3883.tmp
c:\programdata\SPL8D84.tmp
c:\programdata\SPLE19.tmp
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BrowserDefendert
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-12-04 bis 2014-01-04 ))))))))))))))))))))))))))))))
.
.
2014-01-04 14:55 . 2014-01-04 14:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-04 14:55 . 2014-01-04 14:55 -------- d-----w- c:\users\SYSTEM\AppData\Local\temp
2014-01-04 14:55 . 2014-01-04 14:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-01-04 14:55 . 2014-01-04 14:55 -------- d-----w- c:\users\fbwuser\AppData\Local\temp
2014-01-04 14:55 . 2014-01-04 14:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-04 14:37 . 2013-12-17 21:11 44744 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2014-01-03 13:25 . 2014-01-03 13:25 -------- d-----w- C:\FRST
2014-01-03 12:19 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{63ADF64A-94D7-4111-9DB2-81924F95EAC3}\mpengine.dll
2014-01-03 12:15 . 2014-01-03 12:15 -------- d-----w- c:\users\Pc\AppData\Local\Avg2014
2014-01-02 19:28 . 2014-01-02 19:28 -------- d-----w- C:\AVGTemp
2014-01-02 19:24 . 2014-01-02 19:24 -------- d-----w- c:\program files (x86)\AVG
2014-01-02 19:18 . 2014-01-02 19:33 -------- d-----w- c:\programdata\MFAData
2014-01-02 19:18 . 2014-01-02 19:18 -------- d--h--w- c:\programdata\Common Files
2014-01-02 19:18 . 2014-01-02 19:18 -------- d-----w- c:\users\Pc\AppData\Local\MFAData
2014-01-02 18:07 . 2014-01-02 18:07 82744 ----a-w- c:\windows\system32\drivers\aswstm.sys.1388686108
2014-01-02 18:07 . 2014-01-02 18:07 -------- d-----w- c:\program files\AVAST Software
2014-01-02 14:57 . 2014-01-02 14:56 82744 ----a-w- c:\windows\system32\drivers\aswstm.sys.1388674647
2013-12-31 14:47 . 2013-12-31 14:50 -------- d-----w- c:\users\Pc\AppData\Local\WinZip
2013-12-31 14:46 . 2013-12-31 16:10 -------- d-----w- c:\program files\WinZip
2013-12-31 13:42 . 2014-01-03 12:14 -------- d-----w- c:\programdata\AVAST Software
2013-12-25 13:25 . 2013-12-31 16:00 -------- d-----w- c:\users\Pc\AppData\Local\CrashDumps
2013-12-20 15:26 . 2013-12-20 15:26 -------- d-----w- c:\users\Pc\AppData\Roaming\Unity
2013-12-15 20:33 . 2013-12-15 20:33 -------- d-----w- c:\users\Pc\AppData\Local\TechSmith
2013-12-15 19:43 . 2013-12-15 19:43 -------- d-----w- c:\users\Pc\AppData\Roaming\TechSmith
2013-12-15 19:41 . 2013-12-15 19:41 -------- d-----w- c:\programdata\regid.1995-08.com.techsmith
2013-12-15 19:41 . 2013-12-15 19:41 -------- d-----w- c:\program files (x86)\QuickTime
2013-12-15 19:41 . 2013-12-15 19:41 -------- d-----w- c:\program files (x86)\Common Files\TechSmith Shared
2013-12-15 19:40 . 2013-12-15 19:40 -------- d-----w- c:\programdata\TechSmith
2013-12-15 19:40 . 2013-12-15 19:40 -------- d-----w- c:\program files (x86)\TechSmith
2013-12-14 18:05 . 2013-12-14 18:05 -------- d-----w- c:\users\Pc\AppData\Roaming\MedicView40
2013-12-14 02:08 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-12-10 23:23 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-10 23:23 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-10 23:23 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-10 23:23 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-10 23:23 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-10 21:54 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2013-12-10 21:54 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2013-12-10 21:54 . 2013-10-30 01:24 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-12-10 21:54 . 2013-11-23 18:26 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-12-10 21:54 . 2013-11-23 17:47 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-12-10 21:54 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-10 21:54 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-12-10 21:54 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2013-12-10 21:54 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-12-10 21:54 . 2013-10-04 02:16 116736 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-10 21:54 . 2013-10-04 01:36 230400 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-10 21:54 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2013-12-10 21:53 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2013-12-10 21:53 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2013-12-10 21:53 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2013-12-10 21:53 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2013-12-10 21:53 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2013-12-10 21:53 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2013-12-10 21:53 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-15 01:51 . 2012-01-14 21:01 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-10 21:42 . 2012-09-28 19:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-10 21:42 . 2012-09-28 19:27 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-24 17:48 . 2013-11-24 17:48 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-11-19 02:33 . 2012-01-14 20:31 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-12 02:30 . 2013-11-16 11:20 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-16 11:20 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-16 11:20 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-16 11:20 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-16 11:20 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SuperCopier2.exe"="c:\program files (x86)\SuperCopier2\SuperCopier2.exe" [2009-08-16 955392]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2013-05-29 449248]
"Spotify Web Helper"="c:\users\Pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-12-08 1168896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"MFARestart"="c:\programdata\MFAData\pack\avgrunasx.exe" [2013-08-20 287792]
.
c:\users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Pc\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
c:\users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\
Dropbox.lnk - c:\users\Pc\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
phase-6 Reminder.lnk - c:\program files (x86)\phase-6\phase-6\reminder\reminder.exe [2012-10-30 724992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TrufosAlt;TrufosAlt;c:\windows\system32\DRIVERS\TrufosAlt.sys;c:\windows\SYSNATIVE\DRIVERS\TrufosAlt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\System32\DRIVERS\ASPI32.sys;c:\windows\SYSNATIVE\DRIVERS\ASPI32.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys;c:\windows\SYSNATIVE\DRIVERS\hssdrv6.sys [x]
S2 hshld;Hotspot Shield Service;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe;c:\program files (x86)\Hotspot Shield\bin\cmw_srv.exe [x]
S2 HssWd;Hotspot Shield Monitoring Service;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe;c:\program files (x86)\Hotspot Shield\bin\hsswd.exe [x]
S2 lxdv_device;lxdv_device;c:\windows\system32\lxdvcoms.exe;c:\windows\SYSNATIVE\lxdvcoms.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 13:23 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-28 21:42]
.
2013-08-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000Core.job
- c:\users\Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-09 21:39]
.
2013-08-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000UA.job
- c:\users\Pc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-09 21:39]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21 18:32]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-21 18:32]
.
2013-08-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000Core.job
- c:\users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-31 17:43]
.
2013-08-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3312188306-173452417-1941003285-1000UA.job
- c:\users\Pc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-31 17:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Pc\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lxctmon.exe"="c:\program files (x86)\Lexmark 5400 Series\lxctmon.exe" [2006-11-22 291760]
"EzPrint"="c:\program files (x86)\Lexmark 5400 Series\ezprint.exe" [2006-11-22 82864]
"LXCTCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXCTtime.dll" [2006-11-21 31744]
"lxdvmon.exe"="c:\program files (x86)\Lexmark X5400 Series\lxdvmon.exe" [2009-07-07 455336]
"lxdvamon"="c:\program files (x86)\Lexmark X5400 Series\lxdvamon.exe" [2009-07-07 25256]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=111788&tt=060612_5_&babsrc=HP_ss&mntrId=5cf305fe000000000000001fc68e86e5
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896
uInternet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555
IE: Free YouTube Download - c:\users\Pc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Pc\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2013-12-11 23:36; afproxy@anchorfree.com; c:\program files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 5cf305fe00000000000000ffa95f4760
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15888
FF - user.js: extensions.delta.vrsn - 1.8.21.5
FF - user.js: extensions.delta.vrsni - 1.8.21.5
FF - user.js: extensions.delta.vrsnTs - 1.8.21.520:05
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=121562&tsp=4931
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.mixidj.tlbrSrchUrl -
FF - user.js: extensions.mixidj.id - 5cf305fe00000000000000ffa95f4760
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15932
FF - user.js: extensions.mixidj.vrsn - 1.8.18.8
FF - user.js: extensions.mixidj.vrsni - 1.8.18.8
FF - user.js: extensions.mixidj.vrsnTs - 1.8.18.817:19
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - baseyh
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - de
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.ffxUnstlRst - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
c:\users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\Facebook Messenger.lnk - c:\users\Pc\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-Steam App 47790 - c:\program files (x86)\cracked steam\steam.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-01-04 16:02:34 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-01-04 15:02
ComboFix2.txt 2012-01-25 23:08
.
Vor Suchlauf: 3.427.110.912 Bytes frei
Nach Suchlauf: 5.904.625.664 Bytes frei
.
- - End Of File - - 8D59630AF2B1DA40AFE7716033D9F765
A36C5E4F47E84449FF07ED3517B43A31
|
|
05.01.2014, 03:27
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer lässt die Installation von Antiviren nicht mehr zu Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.01.2014, 17:39
| #9 |
| | Computer lässt die Installation von Antiviren nicht mehr zu hat anscheinend nichts gefunden. mir ist aufgefallen dass jedes mal wenn ich den pc hochfahre "zeit kurzem" der Audiodienst deaktiviert ist obwohl bei den einstellungen alles aktiviert ist.dann muss ich jedes mal auf systemsteuerung/sound gehen und dann kommt ein fenster" der computer kann kein audio wiedergeben, da der audiodienst nicht aktiviert ist...möchten sie es aktivieren? klicke auf ja dann ist das problem bis zum nächsten hochstart erledigt...kann es auch mit dem Zero access zusammen hängen. Danke dir vielmals für deine hilfe Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org
Database version: v2014.01.05.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
Pc :: PC- [administrator]
05.01.2014 17:13:36
mbar-log-2014-01-05 (17-13-36).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 308433
Time elapsed: 11 minute(s), 42 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
05.01.2014, 20:24
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer lässt die Installation von Antiviren nicht mehr zu Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.01.2014, 01:45
| #11 |
| | Computer lässt die Installation von Antiviren nicht mehr zu hey bin gerade mit meinem lappi on. seit adwcleaner durchführung und der hat hotspot shield gelöscht geht mein internet nicht mehr zwar bin ich verbunden und alles aber keiner der browser funktioniert" keine Verbindung zum Proxy Server". steht da |
|
06.01.2014, 01:48
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer lässt die Installation von Antiviren nicht mehr zu Hotspot Shiel ist überflüssig. Probier mal Falsche Proxy Einstellungen entfernen
 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.01.2014, 02:07
| #13 |
| | Computer lässt die Installation von Antiviren nicht mehr zu TOP  funktioniert wieder Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 06/01/2014 um 01:11:26
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Basic Service Pack 1 (64 bits)
# Benutzername : Pc - PC-
# Gestartet von : C:\Users\Pc\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : hshld
[#] Dienst Gelöscht : hsstrayservice
Dienst Gelöscht : hsswd
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\hotspot shield
Ordner Gelöscht : C:\ProgramData\Premium
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\CodecC
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Ordner Gelöscht : C:\Program Files (x86)\Delta
Ordner Gelöscht : C:\Program Files (x86)\hotspot shield
Ordner Gelöscht : C:\Windows\SysWOW64\hotspot shield
Ordner Gelöscht : C:\Users\Pc\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Ordner Gelöscht : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg
[!] Ordner Gelöscht : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg
Datei Gelöscht : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\searchplugins\mixidj.xml
Datei Gelöscht : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\BrowserDefendert
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ajhcekcffkpnaednoeoegnmnjdlnjjmg
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ibgfbdggapddbjjbopabhlhianklajie
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schlüssel Gelöscht : HKCU\Software\5e5588dab439ba14
Schlüssel Gelöscht : HKLM\SOFTWARE\5e5588dab439ba14
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_auto-shutdown-manager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_auto-shutdown-manager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_call-of-duty-4_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_call-of-duty-4_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vito-remote_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vito-remote_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{64B00DAC-870D-4E6A-8D34-3A6E3E427A30}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\BrowserCompanion
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\hotspotshield
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\hotspotshield
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16750
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v26.0 (de)
[ Datei : C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "5cf305fe00000000000000ffa95f4760");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15888");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.520:05:43");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121562&tsp=4931");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
-\\ Google Chrome v31.0.1650.63
[ Datei : C:\Users\Pc\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [12935 octets] - [06/01/2014 00:50:21]
AdwCleaner[S0].txt - [11994 octets] - [06/01/2014 01:11:26]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12055 octets] ##########
Code:
ATTFilter Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Basic x64
Ran by Pc on 06.01.2014 at 1:58:26,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3312188306-173452417-1941003285-1000\Software\sweetim
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
Successfully deleted: [Folder] "C:\Users\Pc\AppData\Roaming\getrighttogo"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\Pc\AppData\Roaming\mozilla\firefox\profiles\a748zyk8.default\minidumps [281 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.01.2014 at 2:05:02,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
06.01.2014, 02:14
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Computer lässt die Installation von Antiviren nicht mehr zu gut. dann nur noch neue FRST Logs
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.01.2014, 02:17
| #15 |
| | Computer lässt die Installation von Antiviren nicht mehr zuFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Pc (administrator) on PC- on 06-01-2014 02:08:35
Running from C:\Users\Pc\Downloads
Windows 7 Home Basic Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
( ) C:\Windows\System32\lxctcoms.exe
( ) C:\Windows\System32\lxdvcoms.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 5400 Series\ezprint.exe
() C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe
() C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SFX TEAM) C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Spotify Ltd) C:\Users\Pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Pc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Farbar) C:\Users\Pc\Downloads\FRST64 (1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [lxctmon.exe] - C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe [291760 2006-11-22] ()
HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Lexmark 5400 Series\ezprint.exe [82864 2006-11-22] (Lexmark International Inc.)
HKLM\...\Run: [LXCTCATS] - rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXCTtime.dll,RunDLLEntry
HKLM\...\Run: [lxdvmon.exe] - C:\Program Files (x86)\Lexmark X5400 Series\lxdvmon.exe [455336 2009-07-07] ()
HKLM\...\Run: [lxdvamon] - C:\Program Files (x86)\Lexmark X5400 Series\lxdvamon.exe [25256 2009-07-07] ()
HKLM\...\Run: [PAC7302_Monitor] - C:\Windows\PixArt\Pac7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [MFARestart] - C:\ProgramData\MFAData\pack\avgrunasx.exe [287792 2013-08-20] (AVG Technologies CZ, s.r.o.)
HKCU\...\Run: [SuperCopier2.exe] - C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Pc\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2013-12-08] (Spotify Ltd)
Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Pc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8074D094FAD2CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Pc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Pc\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Pc\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Pc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\npspx32.dll
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Pc\AppData\Roaming\Mozilla\Firefox\Profiles\a748zyk8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com
Chrome:
=======
CHR RestoreOnStartup: "www.google.com"
CHR Extension: (Google Docs) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Google Wallet) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Pc\AppData\Local\Google\Chrome\User Data\default\extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
==================== Services (Whitelisted) =================
R2 lxct_device; C:\Windows\system32\lxctcoms.exe [566192 2006-11-22] ( )
R2 lxct_device; C:\Windows\SysWow64\lxctcoms.exe [537520 2006-11-22] ( )
R2 lxdv_device; C:\Windows\system32\lxdvcoms.exe [1044136 2007-10-18] ( )
R2 lxdv_device; C:\Windows\SysWow64\lxdvcoms.exe [594600 2007-10-18] ( )
==================== Drivers (Whitelisted) ====================
S4 ASPI; C:\Windows\SysWow64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-03-28] (DT Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-12-17] (AnchorFree Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527360 2007-10-29] (PixArt Imaging Inc.)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [77184 2004-03-09] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [65504 2004-03-09] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 TrufosAlt; C:\Windows\SysWow64\DRIVERS\TrufosAlt.sys [309320 2012-01-25] (BitDefender S.R.L.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-06 02:07 - 2014-01-06 02:07 - 01931762 _____ (Farbar) C:\Users\Pc\Downloads\FRST64 (1).exe
2014-01-06 02:05 - 2014-01-06 02:05 - 00001121 _____ C:\Users\Pc\Desktop\JRT.txt
2014-01-06 01:58 - 2014-01-06 01:58 - 00000000 ____D C:\Windows\ERUNT
2014-01-06 01:57 - 2014-01-06 01:57 - 01036305 _____ (Thisisu) C:\Users\Pc\Downloads\JRT.exe
2014-01-06 01:25 - 2014-01-06 01:25 - 00012216 _____ C:\Users\Pc\Desktop\AdwCleaner[S0].txt
2014-01-06 00:49 - 2014-01-06 01:12 - 00000000 ____D C:\AdwCleaner
2014-01-06 00:49 - 2014-01-06 00:49 - 01233962 _____ C:\Users\Pc\Downloads\adwcleaner.exe
2014-01-05 17:13 - 2014-01-05 17:32 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-05 17:13 - 2014-01-05 17:13 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-01-05 17:12 - 2014-01-05 17:32 - 00000000 ____D C:\Users\Pc\Desktop\mbar
2014-01-05 17:12 - 2014-01-05 17:12 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-05 17:11 - 2014-01-05 17:11 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Pc\Downloads\mbar-1.07.0.1008.exe
2014-01-04 20:09 - 2014-01-04 20:10 - 96638736 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\msert.exe
2014-01-04 16:02 - 2014-01-04 16:02 - 00021138 _____ C:\ComboFix.txt
2014-01-04 15:37 - 2013-12-17 22:11 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2014-01-04 15:15 - 2014-01-04 15:15 - 05160001 ____R (Swearware) C:\Users\Pc\Downloads\ComboFix.exe
2014-01-03 14:30 - 2014-01-03 14:31 - 00030098 _____ C:\Users\Pc\Downloads\Addition.txt
2014-01-03 14:25 - 2014-01-06 02:08 - 00012505 _____ C:\Users\Pc\Downloads\FRST.txt
2014-01-03 14:25 - 2014-01-03 14:25 - 00000000 ____D C:\FRST
2014-01-03 14:24 - 2014-01-03 14:24 - 01931750 _____ (Farbar) C:\Users\Pc\Downloads\FRST64.exe
2014-01-03 13:15 - 2014-01-03 13:15 - 00000000 ____D C:\Users\Pc\AppData\Local\Avg2014
2014-01-02 20:28 - 2014-01-02 20:28 - 00385944 _____ C:\Users\Pc\Downloads\reset_access_avg2013_en.exe
2014-01-02 20:24 - 2014-01-02 20:24 - 00000000 ____D C:\Program Files (x86)\AVG
2014-01-02 20:18 - 2014-01-02 20:33 - 00000000 ____D C:\ProgramData\MFAData
2014-01-02 20:18 - 2014-01-02 20:18 - 00000000 ____D C:\Users\Pc\AppData\Local\MFAData
2014-01-02 20:16 - 2014-01-02 20:17 - 137189352 _____ (AVG Technologies) C:\Users\Pc\Downloads\avg_free_x86_all_2014_4259a6848.exe
2014-01-02 19:07 - 2014-01-02 19:07 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388686108
2014-01-02 19:07 - 2014-01-02 19:07 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-02 15:57 - 2014-01-02 15:56 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388674647
2013-12-31 15:47 - 2014-01-06 01:19 - 00000000 ____D C:\Users\Pc\AppData\Local\WinZip
2013-12-31 15:46 - 2013-12-31 17:10 - 00000000 ____D C:\Program Files\WinZip
2013-12-31 14:43 - 2013-12-31 14:47 - 80481712 _____ C:\Users\Pc\Downloads\cjs5400EN.exe
2013-12-31 14:42 - 2014-01-03 13:14 - 00000000 ____D C:\ProgramData\AVAST Software
2013-12-27 04:17 - 2013-12-27 04:17 - 00018276 _____ C:\Users\Pc\Documents\liste schimmelbefall.odt
2013-12-25 14:25 - 2013-12-31 17:00 - 00000000 ____D C:\Users\Pc\AppData\Local\CrashDumps
2013-12-20 16:26 - 2013-12-20 16:26 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Unity
2013-12-20 14:27 - 2013-12-20 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-15 21:33 - 2013-12-15 21:33 - 00000000 ____D C:\Users\Pc\AppData\Local\TechSmith
2013-12-15 20:43 - 2013-12-15 20:43 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TechSmith
2013-12-15 20:42 - 2013-12-16 20:23 - 00000000 ____D C:\Users\Pc\Documents\Camtasia Studio
2013-12-15 20:41 - 2013-12-15 20:41 - 00001168 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-15 20:41 - 2013-12-15 20:41 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-15 20:41 - 2013-12-15 20:41 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-15 20:40 - 2013-12-15 20:40 - 00000000 ____D C:\ProgramData\TechSmith
2013-12-15 20:40 - 2013-12-15 20:40 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-15 20:21 - 2013-12-15 20:36 - 251749736 _____ C:\Users\Pc\Downloads\camtasiade.exe
2013-12-15 15:19 - 2013-12-15 15:19 - 00000018 _____ C:\Users\Pc\Documents\galeria gutschein.txt
2013-12-15 15:11 - 2013-12-15 15:11 - 13989336 _____ C:\Users\Pc\Downloads\G-Force_513.exe
2013-12-15 15:08 - 2013-12-15 15:08 - 00182168 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\trilogyiii.exe
2013-12-15 02:28 - 2013-12-15 02:35 - 134291079 _____ C:\Users\Pc\Downloads\a-gachata.rar
2013-12-15 01:09 - 2013-12-15 01:09 - 00003222 _____ C:\Windows\System32\Tasks\{E43154D1-D38D-4DF9-9A37-014ADA5A3912}
2013-12-15 01:06 - 2013-12-15 01:06 - 00003222 _____ C:\Windows\System32\Tasks\{00947A04-1915-4E54-8649-AD374A4C7888}
2013-12-15 01:03 - 2013-12-15 01:05 - 51380224 _____ C:\Users\Pc\Downloads\Ricardo_Arjona.part1.rar
2013-12-15 01:03 - 2013-12-15 01:03 - 15201403 _____ C:\Users\Pc\Downloads\Ricardo_Arjona.part2.rar
2013-12-14 19:05 - 2013-12-14 19:05 - 00000000 ____D C:\Users\Pc\AppData\Roaming\MedicView40
2013-12-14 19:03 - 2013-12-31 17:10 - 00000000 ____D C:\Users\Pc\Desktop\20131203222657758_Consuegra-Pino_Juan-Miguel_
2013-12-14 19:00 - 2013-12-14 19:01 - 91387882 _____ C:\Users\Pc\Downloads\20131203222657758_Consuegra-Pino_Juan-Miguel_.rar
2013-12-14 03:08 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-14 03:01 - 2013-12-14 03:08 - 00009768 _____ C:\Windows\IE11_main.log
2013-12-11 00:23 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 00:23 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 00:23 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 00:23 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 00:21 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 00:21 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 00:21 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 00:21 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 00:21 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 00:21 - 2013-10-25 07:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 00:21 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 00:21 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 00:21 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 00:21 - 2013-10-25 05:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-11 00:21 - 2013-10-25 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 00:21 - 2013-10-25 04:41 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 00:21 - 2013-10-25 04:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-11 00:21 - 2013-10-25 03:49 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-10 22:54 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-10 22:54 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-10 22:54 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-10 22:54 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-10 22:54 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-10 22:54 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-10 22:54 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-10 22:54 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-10 22:54 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-10 22:54 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-10 22:54 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-10 22:54 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 22:53 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-10 22:53 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-10 22:53 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-10 22:53 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-10 22:53 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-10 22:53 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-10 22:53 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-09 00:13 - 2013-12-09 00:13 - 06052208 _____ (TeamViewer GmbH) C:\Users\Pc\Downloads\TeamViewer_Setup_de.exe
==================== One Month Modified Files and Folders =======
2014-01-06 02:13 - 2014-01-03 14:25 - 00012505 _____ C:\Users\Pc\Downloads\FRST.txt
2014-01-06 02:07 - 2014-01-06 02:07 - 01931762 _____ (Farbar) C:\Users\Pc\Downloads\FRST64 (1).exe
2014-01-06 02:05 - 2014-01-06 02:05 - 00001121 _____ C:\Users\Pc\Desktop\JRT.txt
2014-01-06 01:58 - 2014-01-06 01:58 - 00000000 ____D C:\Windows\ERUNT
2014-01-06 01:57 - 2014-01-06 01:57 - 01036305 _____ (Thisisu) C:\Users\Pc\Downloads\JRT.exe
2014-01-06 01:53 - 2013-01-04 20:24 - 00000000 ___RD C:\Users\Pc\Dropbox
2014-01-06 01:53 - 2013-01-04 19:51 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Dropbox
2014-01-06 01:42 - 2012-09-28 20:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-06 01:38 - 2009-07-14 05:45 - 00014336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-06 01:38 - 2009-07-14 05:45 - 00014336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-06 01:34 - 2012-01-13 12:20 - 00000000 ____D C:\Users\Pc\AppData\Local\VirtualStore
2014-01-06 01:32 - 2012-02-21 19:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-06 01:31 - 2012-05-03 19:13 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-06 01:31 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-06 01:30 - 2012-01-13 12:20 - 01425827 _____ C:\Windows\WindowsUpdate.log
2014-01-06 01:25 - 2014-01-06 01:25 - 00012216 _____ C:\Users\Pc\Desktop\AdwCleaner[S0].txt
2014-01-06 01:22 - 2012-02-21 19:32 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-06 01:19 - 2013-12-31 15:47 - 00000000 ____D C:\Users\Pc\AppData\Local\WinZip
2014-01-06 01:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-06 01:12 - 2014-01-06 00:49 - 00000000 ____D C:\AdwCleaner
2014-01-06 00:49 - 2014-01-06 00:49 - 01233962 _____ C:\Users\Pc\Downloads\adwcleaner.exe
2014-01-05 17:48 - 2013-07-05 20:25 - 00010704 _____ C:\Windows\setupact.log
2014-01-05 17:32 - 2014-01-05 17:13 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-05 17:32 - 2014-01-05 17:12 - 00000000 ____D C:\Users\Pc\Desktop\mbar
2014-01-05 17:13 - 2014-01-05 17:13 - 00117464 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-01-05 17:12 - 2014-01-05 17:12 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-01-05 17:11 - 2014-01-05 17:11 - 12582688 _____ (Malwarebytes Corp.) C:\Users\Pc\Downloads\mbar-1.07.0.1008.exe
2014-01-04 20:10 - 2014-01-04 20:09 - 96638736 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\msert.exe
2014-01-04 20:10 - 2009-07-14 18:58 - 00653928 _____ C:\Windows\system32\perfh007.dat
2014-01-04 20:10 - 2009-07-14 18:58 - 00129800 _____ C:\Windows\system32\perfc007.dat
2014-01-04 20:10 - 2009-07-14 06:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-04 16:02 - 2014-01-04 16:02 - 00021138 _____ C:\ComboFix.txt
2014-01-04 16:02 - 2012-01-25 23:56 - 00000000 ____D C:\Qoobox
2014-01-04 15:58 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-04 15:56 - 2013-08-11 17:03 - 00731976 _____ C:\Windows\PFRO.log
2014-01-04 15:55 - 2012-01-25 23:58 - 00000000 ____D C:\Windows\ERDNT
2014-01-04 15:55 - 2009-07-14 03:34 - 59244544 _____ C:\Windows\system32\config\SOFTWARE.bak
2014-01-04 15:55 - 2009-07-14 03:34 - 14942208 _____ C:\Windows\system32\config\SYSTEM.bak
2014-01-04 15:55 - 2009-07-14 03:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2014-01-04 15:55 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2014-01-04 15:55 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2014-01-04 15:15 - 2014-01-04 15:15 - 05160001 ____R (Swearware) C:\Users\Pc\Downloads\ComboFix.exe
2014-01-03 14:31 - 2014-01-03 14:30 - 00030098 _____ C:\Users\Pc\Downloads\Addition.txt
2014-01-03 14:25 - 2014-01-03 14:25 - 00000000 ____D C:\FRST
2014-01-03 14:24 - 2014-01-03 14:24 - 01931750 _____ (Farbar) C:\Users\Pc\Downloads\FRST64.exe
2014-01-03 13:15 - 2014-01-03 13:15 - 00000000 ____D C:\Users\Pc\AppData\Local\Avg2014
2014-01-03 13:14 - 2013-12-31 14:42 - 00000000 ____D C:\ProgramData\AVAST Software
2014-01-02 20:33 - 2014-01-02 20:18 - 00000000 ____D C:\ProgramData\MFAData
2014-01-02 20:28 - 2014-01-02 20:28 - 00385944 _____ C:\Users\Pc\Downloads\reset_access_avg2013_en.exe
2014-01-02 20:24 - 2014-01-02 20:24 - 00000000 ____D C:\Program Files (x86)\AVG
2014-01-02 20:18 - 2014-01-02 20:18 - 00000000 ____D C:\Users\Pc\AppData\Local\MFAData
2014-01-02 20:17 - 2014-01-02 20:16 - 137189352 _____ (AVG Technologies) C:\Users\Pc\Downloads\avg_free_x86_all_2014_4259a6848.exe
2014-01-02 19:07 - 2014-01-02 19:07 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388686108
2014-01-02 19:07 - 2014-01-02 19:07 - 00000000 ____D C:\Program Files\AVAST Software
2014-01-02 15:56 - 2014-01-02 15:57 - 00082744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys.1388674647
2013-12-31 17:12 - 2012-01-23 20:06 - 00000000 ____D C:\Program Files\Lx_cats
2013-12-31 17:12 - 2012-01-13 12:20 - 00000000 ____D C:\Users\Pc
2013-12-31 17:10 - 2013-12-31 15:46 - 00000000 ____D C:\Program Files\WinZip
2013-12-31 17:10 - 2013-12-14 19:03 - 00000000 ____D C:\Users\Pc\Desktop\20131203222657758_Consuegra-Pino_Juan-Miguel_
2013-12-31 17:10 - 2013-07-02 20:37 - 00000000 ____D C:\Users\Pc\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
2013-12-31 17:10 - 2012-09-26 19:58 - 00000000 ____D C:\Users\Pc\Desktop\Uni
2013-12-31 17:10 - 2012-06-21 18:25 - 00000000 ____D C:\Users\Pc\Documents\MOH
2013-12-31 17:10 - 2012-06-21 18:25 - 00000000 ____D C:\Users\Pc\Desktop\MOH
2013-12-31 17:10 - 2012-02-06 21:41 - 00000000 ____D C:\Program Files (x86)\WinZip
2013-12-31 17:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-12-31 17:09 - 2012-10-22 21:35 - 00000000 ____D C:\Program Files\Java
2013-12-31 17:00 - 2013-12-25 14:25 - 00000000 ____D C:\Users\Pc\AppData\Local\CrashDumps
2013-12-31 15:51 - 2013-11-24 18:49 - 00000000 ____D C:\ProgramData\Oracle
2013-12-31 15:49 - 2012-02-06 21:41 - 00000000 ____D C:\ProgramData\WinZip
2013-12-31 14:47 - 2013-12-31 14:43 - 80481712 _____ C:\Users\Pc\Downloads\cjs5400EN.exe
2013-12-27 04:17 - 2013-12-27 04:17 - 00018276 _____ C:\Users\Pc\Documents\liste schimmelbefall.odt
2013-12-22 14:12 - 2012-10-22 21:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 23:46 - 2012-04-20 21:12 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Spotify
2013-12-20 17:06 - 2012-04-20 21:12 - 00000000 ____D C:\Users\Pc\AppData\Local\Spotify
2013-12-20 16:26 - 2013-12-20 16:26 - 00000000 ____D C:\Users\Pc\AppData\Roaming\Unity
2013-12-20 14:27 - 2013-12-20 14:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-17 22:11 - 2014-01-04 15:37 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2013-12-16 22:35 - 2013-07-02 21:00 - 00008192 _____ C:\Users\Pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-16 20:23 - 2013-12-15 20:42 - 00000000 ____D C:\Users\Pc\Documents\Camtasia Studio
2013-12-15 21:33 - 2013-12-15 21:33 - 00000000 ____D C:\Users\Pc\AppData\Local\TechSmith
2013-12-15 20:43 - 2013-12-15 20:43 - 00000000 ____D C:\Users\Pc\AppData\Roaming\TechSmith
2013-12-15 20:41 - 2013-12-15 20:41 - 00001168 _____ C:\Users\Public\Desktop\Camtasia Studio 8.lnk
2013-12-15 20:41 - 2013-12-15 20:41 - 00000000 ____D C:\ProgramData\regid.1995-08.com.techsmith
2013-12-15 20:41 - 2013-12-15 20:41 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-12-15 20:40 - 2013-12-15 20:40 - 00000000 ____D C:\ProgramData\TechSmith
2013-12-15 20:40 - 2013-12-15 20:40 - 00000000 ____D C:\Program Files (x86)\TechSmith
2013-12-15 20:36 - 2013-12-15 20:21 - 251749736 _____ C:\Users\Pc\Downloads\camtasiade.exe
2013-12-15 15:19 - 2013-12-15 15:19 - 00000018 _____ C:\Users\Pc\Documents\galeria gutschein.txt
2013-12-15 15:11 - 2013-12-15 15:11 - 13989336 _____ C:\Users\Pc\Downloads\G-Force_513.exe
2013-12-15 15:08 - 2013-12-15 15:08 - 00182168 _____ (Microsoft Corporation) C:\Users\Pc\Downloads\trilogyiii.exe
2013-12-15 12:30 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-15 02:52 - 2013-08-16 03:33 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 02:51 - 2012-01-14 22:01 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 02:35 - 2013-12-15 02:28 - 134291079 _____ C:\Users\Pc\Downloads\a-gachata.rar
2013-12-15 01:09 - 2013-12-15 01:09 - 00003222 _____ C:\Windows\System32\Tasks\{E43154D1-D38D-4DF9-9A37-014ADA5A3912}
2013-12-15 01:06 - 2013-12-15 01:06 - 00003222 _____ C:\Windows\System32\Tasks\{00947A04-1915-4E54-8649-AD374A4C7888}
2013-12-15 01:05 - 2013-12-15 01:03 - 51380224 _____ C:\Users\Pc\Downloads\Ricardo_Arjona.part1.rar
2013-12-15 01:03 - 2013-12-15 01:03 - 15201403 _____ C:\Users\Pc\Downloads\Ricardo_Arjona.part2.rar
2013-12-14 19:05 - 2013-12-14 19:05 - 00000000 ____D C:\Users\Pc\AppData\Roaming\MedicView40
2013-12-14 19:01 - 2013-12-14 19:00 - 91387882 _____ C:\Users\Pc\Downloads\20131203222657758_Consuegra-Pino_Juan-Miguel_.rar
2013-12-14 15:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-14 13:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-14 03:08 - 2013-12-14 03:01 - 00009768 _____ C:\Windows\IE11_main.log
2013-12-11 11:25 - 2009-07-14 05:45 - 00290776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-10 22:42 - 2012-09-28 20:27 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-10 22:42 - 2012-09-28 20:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 22:42 - 2012-09-28 20:27 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-10 22:24 - 2012-01-13 12:26 - 00065176 _____ C:\Users\Pc\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-09 00:28 - 2012-02-07 22:02 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-12-09 00:13 - 2013-12-09 00:13 - 06052208 _____ (TeamViewer GmbH) C:\Users\Pc\Downloads\TeamViewer_Setup_de.exe
ZeroAccess:
C:\Users\Pc\AppData\Local\f683b4d7
C:\Users\Pc\AppData\Local\f683b4d7\@
C:\Users\Pc\AppData\Local\f683b4d7\loader.tlb
Some content of TEMP:
====================
C:\Users\Pc\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-30 00:42
==================== End Of Log ============================
|
|
| Themen zu Computer lässt die Installation von Antiviren nicht mehr zu |
| aktiv, aktiviere, aktivieren, antiviren, antivirus, avast, avg, booten, computer, daten, deinstallation, ebenfalls, erkannt, hallo zusammen, hoffe, inaktiv, installation, laufen, malwarebytes, neu, nicht mehr, problem, wichtig, würde, zusammen |
Linear-Darstellung
