Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Veralteter Browser erkannt /Java /Flashplayer

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 04.01.2014, 13:44   #1
Nergalia
 
Veralteter Browser erkannt /Java /Flashplayer - Standard

Veralteter Browser erkannt /Java /Flashplayer



Hallo und zwar habe ich seit ein paar Tagen das Problem das in meinem Firefox nach einiger Zeit ein neuer TAB aufgeht mit einem Popup wo unterschiedliche Sachen drin stehen. Also ich hatte schon : veralteter Browser erkannt, Java veraltet oder Flashplayer veraltet.

Wir haben folgendes unternommen am 3.1.14 :
Antivir drüberlaufen lassen
Windows Defender
Malwarebytes Anti-Malware
Emsisoft Anti-Malware.

Es hat nichts geholfen. Heute hatte ich diese Meldungen noch nicht aber ich bin mir nicht sicher ob sie nicht wieder auftauchen. Hatte im Forum schon sowas ähnliches gelesen und auch schon FRST runtergeladen. Ich hoffe ihr könnt mir helfen .


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2014
Ran by Cyberhexe at 2014-01-04 13:35:36
Running from C:\Users\Cyberhexe\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (x32 Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4399.36214 - Advanced Micro Devices, Inc.)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Battle.net (x32 Version:  - Blizzard Entertainment)
Black Mirror 2 (x32 Version:  - dtp)
Brother MFL-Pro Suite DCP-150C (x32 Version: 1.0.2.0 - Brother Industries, Ltd.)
Catalyst Control Center InstallProxy (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden
Cool & Quiet (x32 Version:  - )
Dark Mysteries - Der Seelensammler (x32 Version:  - cerasus.media GmbH)
DeathMan (x32 Version:  - DominiGames)
Diablo III (x32 Version:  - Blizzard Entertainment)
Die Sims™ 3 (x32 Version: 1.55.4 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (x32 Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Inselparadies (x32 Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (x32 Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Supernatural (x32 Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (x32 Version: 18.0.126 - Electronic Arts)
Eastville Chronicles Fluch des Opernhauses (x32 Version:  - rondomedia)
Edna Bricht Aus - Sammler Edition (x32 Version: 1.2 - Daedalic Entertainment)
Emsisoft Anti-Malware (x32 Version: 8.1 - Emsisoft GmbH)
EPU-4 Engine (x32 Version: 1.02.01 - )
Fallen Shadows - Schatten der Kindheit (x32 Version: 1.0.0 - Happy Muffin Top)
Farm Mystery - Das Grauen von Orchardville (x32 Version: 1.0 - rondomedia)
Google Chrome (HKCU Version: 31.0.1650.63 - Google Inc.)
Guild Wars 2 (x32 Version:  - NCsoft Corporation, Ltd.)
Harveys neue Augen Special Edition (x32 Version: 1.3 - Daedalic Entertainment)
Hearthstone (x32 Version:  - Blizzard Entertainment)
Hidden Runaway (x32 Version:  - rondomedia Marketing & Vertriebs GmbH)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Logitech Webcam Software (x32 Version: 1.20 - Logitech)
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Midnight Mysteries Haunted Houdini (x32 Version: 1.1.0.0 - MumboJumbo)
Missing Mona Lisa (x32 Version:  - rondomedia Marketing & Vertriebs GmbH)
MobMap 4.31 (x32 Version:  - Slarti on EU-Blackhand)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSI Afterburner 2.1.0 (x32 Version: 2.1.0 - MSI Co., LTD)
Mystery Stories - Das Geisterschiff (x32 Version:  - Rondomedia)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 314.22 (Version: 314.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 314.22 (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden
NVIDIA Update 1.12.12 (Version: 1.12.12 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden
OpenAL (x32 Version:  - )
Origin (x32 Version: 9.1.15.109 - Electronic Arts, Inc.)
posterXXL Designer 5.2 (x32 Version:  - )
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.2 - RealNetworks)
Realtek Ethernet Controller Driver (x32 Version: 7.46.610.2011 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6402 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Red Crow Mysteries - Legion (x32 Version:  - )
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab (x32 Version:  - )
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (x32 Version:  - Bethesda Game Studios)
The Mighty Quest For Epic Loot Version 1.213647 (x32 Version: 1.213647 - )
The Walking Dead (x32 Version: 1.0.0.15 - Telltale Games)
Torchlight II (x32 Version:  - White Rabbit Interactive)
TuneUp Utilities (x32 Version: 9.0.6000.19 - TuneUp Software)
TuneUp Utilities (x32 Version: 9.0.6000.19 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.6000.19 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Walsingham‘s Manor - Verlies der Seelen (x32 Version:  - rondomedia Marketing & Vertriebs GmbH)
Winamp (x32 Version: 5.623  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
World of Warcraft (x32 Version:  - Blizzard Entertainment)
World of Warcraft Beta (x32 Version: 5.0.1.15781 - Blizzard Entertainment)

==================== Restore Points  =========================

27-12-2013 17:53:55 Windows Update
31-12-2013 14:10:45 Windows Update
03-01-2014 19:22:43 Installed SpyHunter
03-01-2014 20:08:50 Removed SpyHunter

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {15DC1780-FB12-4B45-837E-B44229BD12C9} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2893454199-3596817668-125467067-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {42085168-BA67-41B0-BBC2-402E390055E9} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2010-02-03] (ASUSTeK Computer Inc.)
Task: {580057D9-C60E-43E3-9445-61E783F4883E} - System32\Tasks\Real Networks Scheduler => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2013-07-11] (RealNetworks, Inc.)
Task: {5955968B-A03F-4042-BFBE-824DA62554E6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2893454199-3596817668-125467067-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {5D112AE4-C3F6-4579-AC77-3DCD43F9F9B6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000Core => C:\Users\Cyberhexe\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23] (Google Inc.)
Task: {9D48FD3E-241A-4941-BC20-5C12D2DA1BF1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-03] (Adobe Systems Incorporated)
Task: {A9F325BB-EC7B-4BCF-B9C2-1BDF7F47D73B} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-09-05] (Adobe Systems Incorporated)
Task: {ACE2B3EE-3E09-4372-8052-34086BC2DFC8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000UA => C:\Users\Cyberhexe\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23] (Google Inc.)
Task: {B5002373-35F9-41C8-99CE-8A9B09F78B1C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {C2561D23-5FDD-47E8-9465-0DAB0824DF2B} - System32\Tasks\Google Updater and Installer => C:\Users\Cyberhexe\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-23] (Google Inc.)
Task: {FFB29655-1881-4B3D-8018-5E36F1224E29} - System32\Tasks\Automatische Wartung => C:\Program Files (x86)\TuneUp Utilities 2010\OneClickStarter.exe [2011-05-31] (TuneUp Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000Core.job => C:\Users\Cyberhexe\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000UA.job => C:\Users\Cyberhexe\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-14 12:48 - 2013-04-14 12:42 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-11-21 18:15 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-01-03 17:41 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-11 17:54 - 2014-01-03 16:44 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Cyberhexe:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\TEMP:1234ADAE
AlternateDataStreams: C:\Users\Cyberhexe\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Cyberhexe\Cookies:gs5sys
AlternateDataStreams: C:\Users\Cyberhexe\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\Cyberhexe\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Cyberhexe\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Cyberhexe\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Cyberhexe\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Cyberhexe\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Cyberhexe\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\Cyberhexe\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: AODDriver4.01
Description: AODDriver4.01
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.01
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2014 01:06:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2014 09:08:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0xde4
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (01/03/2014 07:27:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2014 03:57:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2014 02:35:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2014 00:00:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2014 04:41:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2014 03:59:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2014 03:17:51 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (01/02/2014 03:16:18 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (01/04/2014 01:07:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/04/2014 01:07:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (01/04/2014 01:05:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/03/2014 10:53:57 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/03/2014 07:28:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/03/2014 07:28:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (01/03/2014 07:26:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (01/03/2014 06:51:48 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/03/2014 03:58:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (01/03/2014 03:58:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================
Error: (01/04/2014 01:06:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2014 09:08:36 PM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8de401cf08bf6a2ef839C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dlld37c04ad-74b2-11e3-8012-5404a653c917

Error: (01/03/2014 07:27:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2014 03:57:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2014 02:35:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/03/2014 00:00:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2014 04:41:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2014 03:59:16 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/02/2014 03:17:51 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\recordingmanager.exe

Error: (01/02/2014 03:16:18 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\ATI\CIM\Bin64\SetACL64.exe


==================== Memory info =========================== 

Percentage of memory in use: 25%
Total physical RAM: 8174.12 MB
Available physical RAM: 6111.7 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 13623.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.66 GB) (Free:40.06 GB) NTFS
Drive d: () (Fixed) (Total:244.14 GB) (Free:85.84 GB) NTFS
Drive e: () (Fixed) (Total:123.87 GB) (Free:86.52 GB) NTFS
Drive g: () (Fixed) (Total:74.52 GB) (Free:57.88 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 74BC26AE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=124 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 75 GB) (Disk ID: CF4FCF4F)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Cyberhexe (administrator) on FIRESTORMOMEGA on 04-01-2014 13:34:43
Running from C:\Users\Cyberhexe\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nullsoft, Inc.) E:\Winamp\winampa.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [emsisoft anti-malware] - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1607DB3DE0D9CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1

FireFox:
========
FF ProfilePath: C:\Users\Cyberhexe\AppData\Roaming\Mozilla\Firefox\Profiles\oiaiudte.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Bubble Island) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgmamcledfbjjcekmpppenaomjihgea\1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2012-01-23] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-05-31] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 MSICDSetup; \??\F:\CDriver64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 13:34 - 2014-01-04 13:35 - 00012299 _____ C:\Users\Cyberhexe\Downloads\FRST.txt
2014-01-04 13:34 - 2014-01-04 13:34 - 00000000 ____D C:\FRST
2014-01-04 13:27 - 2014-01-04 13:27 - 01931368 _____ (Farbar) C:\Users\Cyberhexe\Downloads\FRST64.exe
2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet
2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files
2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe
2014-01-03 21:25 - 2014-01-03 21:25 - 00001091 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-01-03 21:24 - 2014-01-04 13:30 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-03 21:24 - 2014-01-03 21:24 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware
2014-01-03 21:16 - 2014-01-03 21:24 - 235256512 _____ (Emsisoft GmbH                                               ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat
2014-01-03 20:22 - 2014-01-03 21:09 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe
2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe
2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json
2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-03 14:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie
2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk
2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie
2013-12-22 21:02 - 2014-01-02 18:27 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos
2013-12-21 13:11 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-11 19:40 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 19:40 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 19:40 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 19:40 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 19:39 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 19:39 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 19:39 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 19:39 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 19:39 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 19:39 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 19:39 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 19:39 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 19:39 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 19:39 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 19:39 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 19:39 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 19:39 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 19:39 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 19:39 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 19:39 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 19:39 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 19:39 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 19:39 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 19:39 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 19:39 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 19:39 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 19:39 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 19:39 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 19:39 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 19:39 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 19:39 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 19:39 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 19:39 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 19:39 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 19:39 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 17:56 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 17:56 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 17:55 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 17:55 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 17:55 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 17:55 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 17:55 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 17:55 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 17:55 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 17:55 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 17:55 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 17:55 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 17:55 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 17:55 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 17:55 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 17:55 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 17:55 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 17:55 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 17:55 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR
2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk
2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf

==================== One Month Modified Files and Folders =======

2014-01-04 13:35 - 2014-01-04 13:34 - 00012299 _____ C:\Users\Cyberhexe\Downloads\FRST.txt
2014-01-04 13:34 - 2014-01-04 13:34 - 00000000 ____D C:\FRST
2014-01-04 13:31 - 2012-12-22 11:44 - 00003236 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2893454199-3596817668-125467067-1000
2014-01-04 13:30 - 2014-01-03 21:24 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-04 13:27 - 2014-01-04 13:27 - 01931368 _____ (Farbar) C:\Users\Cyberhexe\Downloads\FRST64.exe
2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet
2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files
2014-01-04 13:25 - 2012-01-23 20:27 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000UA.job
2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe
2014-01-04 13:15 - 2012-04-29 10:08 - 00055771 _____ C:\Windows\setupact.log
2014-01-04 13:12 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 13:12 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 13:09 - 2012-01-23 15:54 - 01297842 _____ C:\Windows\WindowsUpdate.log
2014-01-04 13:09 - 2011-04-12 08:43 - 00696832 _____ C:\Windows\system32\perfh007.dat
2014-01-04 13:09 - 2011-04-12 08:43 - 00148128 _____ C:\Windows\system32\perfc007.dat
2014-01-04 13:09 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-04 13:05 - 2012-01-24 19:28 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-04 13:05 - 2012-01-23 15:55 - 00000000 ____D C:\Users\Cyberhexe
2014-01-04 13:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-03 22:53 - 2012-04-04 20:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-03 21:25 - 2014-01-03 21:25 - 00001091 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-01-03 21:24 - 2014-01-03 21:24 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware
2014-01-03 21:24 - 2014-01-03 21:16 - 235256512 _____ (Emsisoft GmbH                                               ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe
2014-01-03 21:09 - 2014-01-03 20:22 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat
2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe
2014-01-03 20:18 - 2013-08-16 16:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Battle.net
2014-01-03 19:25 - 2012-11-20 18:18 - 00016566 _____ C:\Windows\PFRO.log
2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-03 17:41 - 2013-12-21 13:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe
2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json
2014-01-03 17:16 - 2012-02-10 18:20 - 00003808 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-01-03 16:45 - 2012-02-03 18:21 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Adobe
2014-01-03 16:44 - 2012-04-04 20:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-03 16:44 - 2012-04-04 20:08 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-03 16:44 - 2012-01-23 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-02 18:27 - 2013-12-22 21:02 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos
2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-02 14:23 - 2012-02-03 18:20 - 00000000 ____D C:\ProgramData\Adobe
2014-01-02 10:31 - 2013-03-13 17:54 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Dies und Das
2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie
2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk
2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie
2013-12-31 15:04 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-30 19:25 - 2012-01-23 20:27 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000Core.job
2013-12-30 16:08 - 2013-06-17 17:29 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Spiele
2013-12-30 16:06 - 2013-07-10 17:04 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Wimmelspiele
2013-12-30 16:06 - 2012-04-14 12:05 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Winamp
2013-12-29 13:12 - 2013-10-18 15:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\._LiveCode_
2013-12-23 14:18 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-21 13:23 - 2013-08-16 16:12 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-20 17:55 - 2013-05-08 19:52 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-20 17:55 - 2013-04-14 12:48 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-20 17:55 - 2013-04-14 12:48 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-15 20:29 - 2013-08-14 18:57 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-13 16:51 - 2013-08-30 18:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-12-13 16:22 - 2009-07-14 05:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR
2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk
2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf
2013-12-06 15:27 - 2012-01-23 20:28 - 00002382 _____ C:\Users\Cyberhexe\Desktop\Google Chrome.lnk

Some content of TEMP:
====================
C:\Users\Cyberhexe\AppData\Local\Temp\11-12_vista64_win7_64_dd_ccc_ocl.exe
C:\Users\Cyberhexe\AppData\Local\Temp\avgnt.exe
C:\Users\Cyberhexe\AppData\Local\Temp\CheckLang.dll
C:\Users\Cyberhexe\AppData\Local\Temp\CtRunApp.dll
C:\Users\Cyberhexe\AppData\Local\Temp\devcon.exe
C:\Users\Cyberhexe\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Cyberhexe\AppData\Local\Temp\Gw2.exe
C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2208147.dll
C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2218739.dll
C:\Users\Cyberhexe\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u6-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
C:\Users\Cyberhexe\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvStInst.exe
C:\Users\Cyberhexe\AppData\Local\Temp\rootsupd.exe
C:\Users\Cyberhexe\AppData\Local\Temp\Setup.exe
C:\Users\Cyberhexe\AppData\Local\Temp\SETUP_AFTERBURNER.EXE
C:\Users\Cyberhexe\AppData\Local\Temp\SHSetup.exe
C:\Users\Cyberhexe\AppData\Local\Temp\Uninstaller-828.exe
C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Cyberhexe\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-02 15:16

==================== End Of Log ============================
         

Alt 04.01.2014, 13:50   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Browser erkannt /Java /Flashplayer - Standard

Veralteter Browser erkannt /Java /Flashplayer



hi,

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________

__________________

Alt 04.01.2014, 20:07   #3
Nergalia
 
Veralteter Browser erkannt /Java /Flashplayer - Standard

Veralteter Browser erkannt /Java /Flashplayer



Code:
ATTFilter
# AdwCleaner v3.016 - Bericht erstellt am 04/01/2014 um 13:57:33
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Cyberhexe - FIRESTORMOMEGA
# Gestartet von : C:\Users\Cyberhexe\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iMesh.AudioCD
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\Imesh

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Cyberhexe\AppData\Roaming\Mozilla\Firefox\Profiles\oiaiudte.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2617 octets] - [04/01/2014 13:52:40]
AdwCleaner[R1].txt - [2675 octets] - [04/01/2014 13:56:39]
AdwCleaner[S0].txt - [2540 octets] - [04/01/2014 13:57:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2600 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x64
Ran by Cyberhexe on 04.01.2014 at 14:01:59,86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Cyberhexe\AppData\Roaming\getrighttogo"



~~~ FireFox

Emptied folder: C:\Users\Cyberhexe\AppData\Roaming\mozilla\firefox\profiles\oiaiudte.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.01.2014 at 14:14:52,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2014
Ran by Cyberhexe (administrator) on FIRESTORMOMEGA on 04-01-2014 14:16:22
Running from C:\Users\Cyberhexe\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [emsisoft anti-malware] - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe [4329408 2013-12-04] (Emsisoft GmbH)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1607DB3DE0D9CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1

FireFox:
========
FF ProfilePath: C:\Users\Cyberhexe\AppData\Roaming\Mozilla\Firefox\Profiles\oiaiudte.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Bubble Island) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgmamcledfbjjcekmpppenaomjihgea\1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4161512 2013-12-04] (Emsisoft GmbH)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2012-01-23] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-05-31] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 MSICDSetup; \??\F:\CDriver64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-04 14:16 - 2014-01-04 14:16 - 00011997 _____ C:\Users\Cyberhexe\Desktop\FRST.txt
2014-01-04 14:14 - 2014-01-04 14:14 - 00000848 _____ C:\Users\Cyberhexe\Desktop\JRT.txt
2014-01-04 14:01 - 2014-01-04 14:01 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 14:01 - 2014-01-04 14:00 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Desktop\JRT.exe
2014-01-04 14:00 - 2014-01-04 14:00 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Downloads\JRT.exe
2014-01-04 13:59 - 2014-01-04 13:59 - 00002688 _____ C:\Users\Cyberhexe\Desktop\AdwCleaner[S0].txt
2014-01-04 13:52 - 2014-01-04 13:57 - 00000000 ____D C:\AdwCleaner
2014-01-04 13:52 - 2014-01-04 13:52 - 01233962 _____ C:\Users\Cyberhexe\Desktop\adwcleaner.exe
2014-01-04 13:35 - 2014-01-04 13:35 - 00024577 _____ C:\Users\Cyberhexe\Downloads\Addition.txt
2014-01-04 13:34 - 2014-01-04 13:35 - 00031881 _____ C:\Users\Cyberhexe\Downloads\FRST.txt
2014-01-04 13:34 - 2014-01-04 13:34 - 00000000 ____D C:\FRST
2014-01-04 13:27 - 2014-01-04 13:27 - 01931368 _____ (Farbar) C:\Users\Cyberhexe\Desktop\FRST64.exe
2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet
2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files
2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe
2014-01-03 21:25 - 2014-01-03 21:25 - 00001091 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-01-03 21:24 - 2014-01-04 14:12 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-03 21:24 - 2014-01-03 21:24 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware
2014-01-03 21:16 - 2014-01-03 21:24 - 235256512 _____ (Emsisoft GmbH                                               ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat
2014-01-03 20:22 - 2014-01-03 21:09 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe
2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe
2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json
2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-03 14:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie
2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk
2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie
2013-12-22 21:02 - 2014-01-02 18:27 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos
2013-12-21 13:11 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-11 19:40 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 19:40 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 19:40 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 19:40 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 19:39 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 19:39 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 19:39 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 19:39 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 19:39 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 19:39 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 19:39 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 19:39 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 19:39 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 19:39 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 19:39 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 19:39 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 19:39 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 19:39 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 19:39 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 19:39 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 19:39 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 19:39 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 19:39 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 19:39 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 19:39 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 19:39 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 19:39 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 19:39 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 19:39 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 19:39 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 19:39 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 19:39 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 19:39 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 19:39 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 19:39 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 17:56 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 17:56 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 17:55 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 17:55 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 17:55 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 17:55 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 17:55 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 17:55 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 17:55 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 17:55 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 17:55 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 17:55 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 17:55 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 17:55 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 17:55 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 17:55 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 17:55 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 17:55 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 17:55 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR
2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk
2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf

==================== One Month Modified Files and Folders =======

2014-01-04 14:16 - 2014-01-04 14:16 - 00011997 _____ C:\Users\Cyberhexe\Desktop\FRST.txt
2014-01-04 14:14 - 2014-01-04 14:14 - 00000848 _____ C:\Users\Cyberhexe\Desktop\JRT.txt
2014-01-04 14:12 - 2014-01-03 21:24 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-04 14:06 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 14:06 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 14:05 - 2011-04-12 08:43 - 00696832 _____ C:\Windows\system32\perfh007.dat
2014-01-04 14:05 - 2011-04-12 08:43 - 00148128 _____ C:\Windows\system32\perfc007.dat
2014-01-04 14:05 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-04 14:01 - 2014-01-04 14:01 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 14:00 - 2014-01-04 14:01 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Desktop\JRT.exe
2014-01-04 14:00 - 2014-01-04 14:00 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Downloads\JRT.exe
2014-01-04 13:59 - 2014-01-04 13:59 - 00002688 _____ C:\Users\Cyberhexe\Desktop\AdwCleaner[S0].txt
2014-01-04 13:59 - 2012-04-29 10:08 - 00055827 _____ C:\Windows\setupact.log
2014-01-04 13:59 - 2012-01-24 19:28 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-04 13:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-04 13:57 - 2014-01-04 13:52 - 00000000 ____D C:\AdwCleaner
2014-01-04 13:57 - 2012-01-23 15:55 - 00000000 ____D C:\Users\Cyberhexe
2014-01-04 13:57 - 2012-01-23 15:54 - 01309699 _____ C:\Windows\WindowsUpdate.log
2014-01-04 13:53 - 2012-04-04 20:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-04 13:52 - 2014-01-04 13:52 - 01233962 _____ C:\Users\Cyberhexe\Desktop\adwcleaner.exe
2014-01-04 13:35 - 2014-01-04 13:35 - 00024577 _____ C:\Users\Cyberhexe\Downloads\Addition.txt
2014-01-04 13:35 - 2014-01-04 13:34 - 00031881 _____ C:\Users\Cyberhexe\Downloads\FRST.txt
2014-01-04 13:34 - 2014-01-04 13:34 - 00000000 ____D C:\FRST
2014-01-04 13:31 - 2012-12-22 11:44 - 00003236 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2893454199-3596817668-125467067-1000
2014-01-04 13:27 - 2014-01-04 13:27 - 01931368 _____ (Farbar) C:\Users\Cyberhexe\Desktop\FRST64.exe
2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet
2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files
2014-01-04 13:25 - 2012-01-23 20:27 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000UA.job
2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe
2014-01-03 21:25 - 2014-01-03 21:25 - 00001091 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-01-03 21:24 - 2014-01-03 21:24 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware
2014-01-03 21:24 - 2014-01-03 21:16 - 235256512 _____ (Emsisoft GmbH                                               ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe
2014-01-03 21:09 - 2014-01-03 20:22 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat
2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe
2014-01-03 20:18 - 2013-08-16 16:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Battle.net
2014-01-03 19:25 - 2012-11-20 18:18 - 00016566 _____ C:\Windows\PFRO.log
2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-03 17:41 - 2013-12-21 13:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe
2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json
2014-01-03 17:16 - 2012-02-10 18:20 - 00003808 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-01-03 16:45 - 2012-02-03 18:21 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Adobe
2014-01-03 16:44 - 2012-04-04 20:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-03 16:44 - 2012-04-04 20:08 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-03 16:44 - 2012-01-23 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-02 18:27 - 2013-12-22 21:02 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos
2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-02 14:23 - 2012-02-03 18:20 - 00000000 ____D C:\ProgramData\Adobe
2014-01-02 10:31 - 2013-03-13 17:54 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Dies und Das
2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie
2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk
2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie
2013-12-31 15:04 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-30 19:25 - 2012-01-23 20:27 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000Core.job
2013-12-30 16:08 - 2013-06-17 17:29 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Spiele
2013-12-30 16:06 - 2013-07-10 17:04 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Wimmelspiele
2013-12-30 16:06 - 2012-04-14 12:05 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Winamp
2013-12-29 13:12 - 2013-10-18 15:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\._LiveCode_
2013-12-23 14:18 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-21 13:23 - 2013-08-16 16:12 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-20 17:55 - 2013-05-08 19:52 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-20 17:55 - 2013-04-14 12:48 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-20 17:55 - 2013-04-14 12:48 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-15 20:29 - 2013-08-14 18:57 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-13 16:51 - 2013-08-30 18:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-12-13 16:22 - 2009-07-14 05:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR
2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk
2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf
2013-12-06 15:27 - 2012-01-23 20:28 - 00002382 _____ C:\Users\Cyberhexe\Desktop\Google Chrome.lnk

Some content of TEMP:
====================
C:\Users\Cyberhexe\AppData\Local\Temp\11-12_vista64_win7_64_dd_ccc_ocl.exe
C:\Users\Cyberhexe\AppData\Local\Temp\avgnt.exe
C:\Users\Cyberhexe\AppData\Local\Temp\CheckLang.dll
C:\Users\Cyberhexe\AppData\Local\Temp\CtRunApp.dll
C:\Users\Cyberhexe\AppData\Local\Temp\devcon.exe
C:\Users\Cyberhexe\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Cyberhexe\AppData\Local\Temp\Gw2.exe
C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2208147.dll
C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2218739.dll
C:\Users\Cyberhexe\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u6-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
C:\Users\Cyberhexe\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvStInst.exe
C:\Users\Cyberhexe\AppData\Local\Temp\Quarantine.exe
C:\Users\Cyberhexe\AppData\Local\Temp\rootsupd.exe
C:\Users\Cyberhexe\AppData\Local\Temp\Setup.exe
C:\Users\Cyberhexe\AppData\Local\Temp\SETUP_AFTERBURNER.EXE
C:\Users\Cyberhexe\AppData\Local\Temp\SHSetup.exe
C:\Users\Cyberhexe\AppData\Local\Temp\Uninstaller-828.exe
C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Cyberhexe\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-02 15:16

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Wollte Danke sagen also bis jetzt habe ich keine weiteren Tabs/Popups bekommen
__________________

Alt 05.01.2014, 16:22   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Browser erkannt /Java /Flashplayer - Standard

Veralteter Browser erkannt /Java /Flashplayer




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.01.2014, 14:33   #5
Nergalia
 
Veralteter Browser erkannt /Java /Flashplayer - Standard

Veralteter Browser erkannt /Java /Flashplayer



Hier die Logs:

Eset:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f1904efb8fc91c41b6b10d5b29f0c31c
# engine=16544
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-07 01:26:00
# local_time=2014-01-07 02:26:00 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 8477 159772465 1247 0
# compatibility_mode=5893 16776573 100 94 257455 140731010 0 0
# scanned=215249
# found=0
# cleaned=0
# scan_time=4615
         
SecurityCheck:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.78  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 TuneUp Utilities    
 TuneUp Utilities Language Pack (de-DE) 
 TuneUp Utilities    
 Java 7 Update 45  
 Adobe Flash Player 11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox (26.0) 
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 windows defender MpCmdRun.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
und das frische FRST Log:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-01-2014
Ran by Cyberhexe (administrator) on FIRESTORMOMEGA on 07-01-2014 14:32:06
Running from C:\Users\Cyberhexe\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\BrCtrCen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1607DB3DE0D9CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1

FireFox:
========
FF ProfilePath: C:\Users\Cyberhexe\AppData\Roaming\Mozilla\Firefox\Profiles\oiaiudte.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\Cyberhexe\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0
CHR Extension: (Bubble Island) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcgmamcledfbjjcekmpppenaomjihgea\1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Cyberhexe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-12] (Avira Operations GmbH & Co. KG)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2012-01-23] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-05-31] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-12] (Avira Operations GmbH & Co. KG)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)
S3 AODDriver4.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 MSICDSetup; \??\F:\CDriver64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-07 14:32 - 2014-01-07 14:32 - 00011212 _____ C:\Users\Cyberhexe\Desktop\FRST.txt
2014-01-07 14:32 - 2014-01-07 14:32 - 00000000 ____D C:\Users\Cyberhexe\Desktop\FRST-OlderVersion
2014-01-07 14:29 - 2014-01-07 14:29 - 00000958 _____ C:\Users\Cyberhexe\Desktop\checkup.txt
2014-01-07 14:28 - 2014-01-07 14:28 - 00987410 _____ C:\Users\Cyberhexe\Desktop\SecurityCheck.exe
2014-01-07 13:06 - 2014-01-07 13:06 - 02347384 _____ (ESET) C:\Users\Cyberhexe\Downloads\esetsmartinstaller_enu.exe
2014-01-04 14:01 - 2014-01-04 14:01 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 14:00 - 2014-01-04 14:00 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Downloads\JRT.exe
2014-01-04 13:52 - 2014-01-04 13:57 - 00000000 ____D C:\AdwCleaner
2014-01-04 13:35 - 2014-01-04 13:35 - 00024577 _____ C:\Users\Cyberhexe\Downloads\Addition.txt
2014-01-04 13:34 - 2014-01-07 14:32 - 00000000 ____D C:\FRST
2014-01-04 13:34 - 2014-01-04 13:35 - 00031881 _____ C:\Users\Cyberhexe\Downloads\FRST.txt
2014-01-04 13:27 - 2014-01-07 14:32 - 01931762 _____ (Farbar) C:\Users\Cyberhexe\Desktop\FRST64.exe
2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet
2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files
2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe
2014-01-03 21:24 - 2014-01-07 14:27 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware
2014-01-03 21:24 - 2014-01-07 14:27 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-03 21:16 - 2014-01-03 21:24 - 235256512 _____ (Emsisoft GmbH                                               ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat
2014-01-03 20:22 - 2014-01-03 21:09 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe
2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe
2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json
2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-03 14:22 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie
2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk
2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie
2013-12-22 21:02 - 2014-01-02 18:27 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos
2013-12-21 13:11 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-11 19:40 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 19:40 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-11 19:40 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-11 19:40 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-11 19:39 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-11 19:39 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-11 19:39 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-11 19:39 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-11 19:39 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-11 19:39 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-11 19:39 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-11 19:39 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-11 19:39 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-11 19:39 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-11 19:39 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-11 19:39 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-11 19:39 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-11 19:39 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-11 19:39 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-11 19:39 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-11 19:39 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-11 19:39 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-11 19:39 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-11 19:39 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-11 19:39 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-11 19:39 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-11 19:39 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-11 19:39 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-11 19:39 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-11 19:39 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-11 19:39 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 19:39 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-11 19:39 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-11 19:39 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-11 19:39 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-11 17:56 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 17:56 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 17:55 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 17:55 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 17:55 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 17:55 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 17:55 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 17:55 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 17:55 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 17:55 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 17:55 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 17:55 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 17:55 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 17:55 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 17:55 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 17:55 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 17:55 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 17:55 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 17:55 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR
2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk
2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf

==================== One Month Modified Files and Folders =======

2014-01-07 14:32 - 2014-01-07 14:32 - 00011212 _____ C:\Users\Cyberhexe\Desktop\FRST.txt
2014-01-07 14:32 - 2014-01-07 14:32 - 00000000 ____D C:\Users\Cyberhexe\Desktop\FRST-OlderVersion
2014-01-07 14:32 - 2014-01-04 13:34 - 00000000 ____D C:\FRST
2014-01-07 14:32 - 2014-01-04 13:27 - 01931762 _____ (Farbar) C:\Users\Cyberhexe\Desktop\FRST64.exe
2014-01-07 14:29 - 2014-01-07 14:29 - 00000958 _____ C:\Users\Cyberhexe\Desktop\checkup.txt
2014-01-07 14:28 - 2014-01-07 14:28 - 00987410 _____ C:\Users\Cyberhexe\Desktop\SecurityCheck.exe
2014-01-07 14:27 - 2014-01-03 21:24 - 00000000 ____D C:\Users\Cyberhexe\Documents\Anti-Malware
2014-01-07 14:27 - 2014-01-03 21:24 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2014-01-07 14:25 - 2012-01-23 20:27 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000UA.job
2014-01-07 14:16 - 2012-01-23 15:54 - 01417488 _____ C:\Windows\WindowsUpdate.log
2014-01-07 13:53 - 2012-04-04 20:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-07 13:12 - 2012-04-29 10:08 - 00056499 _____ C:\Windows\setupact.log
2014-01-07 13:11 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-07 13:11 - 2009-07-14 05:45 - 00021856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-07 13:09 - 2011-04-12 08:43 - 00696832 _____ C:\Windows\system32\perfh007.dat
2014-01-07 13:09 - 2011-04-12 08:43 - 00148128 _____ C:\Windows\system32\perfc007.dat
2014-01-07 13:09 - 2009-07-14 06:13 - 01613340 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-07 13:06 - 2014-01-07 13:06 - 02347384 _____ (ESET) C:\Users\Cyberhexe\Downloads\esetsmartinstaller_enu.exe
2014-01-07 13:03 - 2012-01-24 19:28 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-07 13:03 - 2012-01-23 15:55 - 00000000 ____D C:\Users\Cyberhexe
2014-01-07 13:03 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-06 20:13 - 2013-08-16 16:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Battle.net
2014-01-06 19:25 - 2012-01-23 20:27 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2893454199-3596817668-125467067-1000Core.job
2014-01-05 11:55 - 2013-10-18 15:12 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\._LiveCode_
2014-01-04 14:20 - 2013-03-13 17:54 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Dies und Das
2014-01-04 14:01 - 2014-01-04 14:01 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 14:00 - 2014-01-04 14:00 - 01036305 _____ (Thisisu) C:\Users\Cyberhexe\Downloads\JRT.exe
2014-01-04 13:57 - 2014-01-04 13:52 - 00000000 ____D C:\AdwCleaner
2014-01-04 13:35 - 2014-01-04 13:35 - 00024577 _____ C:\Users\Cyberhexe\Downloads\Addition.txt
2014-01-04 13:35 - 2014-01-04 13:34 - 00031881 _____ C:\Users\Cyberhexe\Downloads\FRST.txt
2014-01-04 13:31 - 2012-12-22 11:44 - 00003236 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2893454199-3596817668-125467067-1000
2014-01-04 13:26 - 2014-01-04 13:26 - 00003584 _____ C:\Users\Cyberhexe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 13:26 - 2014-01-04 13:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\MusicNet
2014-01-04 13:25 - 2014-01-04 13:25 - 00000000 ____D C:\Users\Cyberhexe\Documents\My Received Files
2014-01-04 13:24 - 2014-01-04 13:24 - 01272360 _____ (iMesh Inc) C:\Users\Cyberhexe\Downloads\iMeshSetup-r1487-w-bf.exe
2014-01-03 21:24 - 2014-01-03 21:16 - 235256512 _____ (Emsisoft GmbH                                               ) C:\Users\Cyberhexe\Downloads\EmsisoftAntiMalwareSetup.exe
2014-01-03 21:09 - 2014-01-03 20:22 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 ____D C:\Program Files\Enigma Software Group
2014-01-03 20:23 - 2014-01-03 20:23 - 00000000 _____ C:\autoexec.bat
2014-01-03 20:20 - 2014-01-03 20:20 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Cyberhexe\Downloads\SpyHunter-Installer.exe
2014-01-03 19:25 - 2012-11-20 18:18 - 00016566 _____ C:\Windows\PFRO.log
2014-01-03 17:41 - 2014-01-03 17:41 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Mozilla
2014-01-03 17:41 - 2014-01-03 17:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-03 17:41 - 2013-12-21 13:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-03 17:40 - 2014-01-03 17:40 - 00283096 _____ (Mozilla) C:\Users\Cyberhexe\Downloads\Firefox Setup Stub 26.0.exe
2014-01-03 17:30 - 2014-01-03 17:30 - 00056617 _____ C:\Users\Cyberhexe\Desktop\bookmarks-2014-01-03.json
2014-01-03 17:16 - 2012-02-10 18:20 - 00003808 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-01-03 16:45 - 2012-02-03 18:21 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\Adobe
2014-01-03 16:44 - 2012-04-04 20:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-03 16:44 - 2012-04-04 20:08 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-03 16:44 - 2012-01-23 19:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-03 14:22 - 2014-01-03 14:22 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-03 14:22 - 2014-01-03 14:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-02 18:27 - 2013-12-22 21:02 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Hochzeitsfotos
2014-01-02 14:23 - 2014-01-02 14:23 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-01-02 14:23 - 2014-01-02 14:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2014-01-02 14:23 - 2012-02-03 18:20 - 00000000 ____D C:\ProgramData\Adobe
2014-01-02 10:26 - 2014-01-02 10:26 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\PhotoGenie
2014-01-02 10:25 - 2014-01-02 10:25 - 00000586 _____ C:\Users\Public\Desktop\posterXXL Designer.lnk
2014-01-02 10:25 - 2014-01-02 10:25 - 00000000 ____D C:\ProgramData\PhotoGenie
2013-12-31 15:04 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-30 16:08 - 2013-06-17 17:29 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Spiele
2013-12-30 16:06 - 2013-07-10 17:04 - 00000000 ____D C:\Users\Cyberhexe\Desktop\Wimmelspiele
2013-12-30 16:06 - 2012-04-14 12:05 - 00000000 ____D C:\Users\Cyberhexe\AppData\Roaming\Winamp
2013-12-23 14:18 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-12-21 13:23 - 2013-08-16 16:12 - 00000000 ____D C:\Program Files (x86)\Battle.net
2013-12-20 17:55 - 2013-05-08 19:52 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-20 17:55 - 2013-04-14 12:48 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-20 17:55 - 2013-04-14 12:48 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-15 20:29 - 2013-08-14 18:57 - 00000000 ____D C:\Windows\system32\MRT
2013-12-13 18:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-13 16:51 - 2013-08-30 18:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2013-12-13 16:22 - 2009-07-14 05:45 - 00275856 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-08 15:57 - 2013-12-08 15:57 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTOR
2013-12-08 15:55 - 2013-12-08 15:55 - 00001064 _____ C:\Users\Cyberhexe\Desktop\Star Wars.lnk
2013-12-08 15:55 - 2013-12-08 15:55 - 00000000 ____D C:\Users\Cyberhexe\AppData\Local\SWTORPerf

Some content of TEMP:
====================
C:\Users\Cyberhexe\AppData\Local\Temp\11-12_vista64_win7_64_dd_ccc_ocl.exe
C:\Users\Cyberhexe\AppData\Local\Temp\avgnt.exe
C:\Users\Cyberhexe\AppData\Local\Temp\CheckLang.dll
C:\Users\Cyberhexe\AppData\Local\Temp\CtRunApp.dll
C:\Users\Cyberhexe\AppData\Local\Temp\devcon.exe
C:\Users\Cyberhexe\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Cyberhexe\AppData\Local\Temp\Gw2.exe
C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2208147.dll
C:\Users\Cyberhexe\AppData\Local\Temp\installerdll2218739.dll
C:\Users\Cyberhexe\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u6-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Cyberhexe\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
C:\Users\Cyberhexe\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Cyberhexe\AppData\Local\Temp\nvStInst.exe
C:\Users\Cyberhexe\AppData\Local\Temp\Quarantine.exe
C:\Users\Cyberhexe\AppData\Local\Temp\rootsupd.exe
C:\Users\Cyberhexe\AppData\Local\Temp\Setup.exe
C:\Users\Cyberhexe\AppData\Local\Temp\SETUP_AFTERBURNER.EXE
C:\Users\Cyberhexe\AppData\Local\Temp\SHSetup.exe
C:\Users\Cyberhexe\AppData\Local\Temp\Uninstaller-828.exe
C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Cyberhexe\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Cyberhexe\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-02 15:16

==================== End Of Log ============================
         
--- --- ---



Bis jetzt scheint alles ruhig zu sein Die komischen Meldungen erscheinen auf jeden fall net mehr

Danke nochmal für deine Hilfe!


Alt 08.01.2014, 08:34   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Browser erkannt /Java /Flashplayer - Standard

Veralteter Browser erkannt /Java /Flashplayer



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Program Files\Enigma Software Group
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
--> Veralteter Browser erkannt /Java /Flashplayer

Alt 08.01.2014, 14:23   #7
Nergalia
 
Veralteter Browser erkannt /Java /Flashplayer - Standard

Veralteter Browser erkannt /Java /Flashplayer



Nochmal ein riesen Dankeschön an Dich!

Bisher hab ich keine Probleme mehr mit dem/den Browser/n!

Die Log-Datei hat das Programm gelöscht *g* aber dazu gesagt, hab ich das Anti-Maleware Programm vorher schon deinstalliert gehabt.

Also nochmal ein riesen Dankeschön

Alt 09.01.2014, 11:00   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Veralteter Browser erkannt /Java /Flashplayer - Standard

Veralteter Browser erkannt /Java /Flashplayer



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Veralteter Browser erkannt /Java /Flashplayer
antivirus, avira, browser, computer, desktop, einstellungen, error, firefox, flash player, help, helper, home, homepage, popup, problem, programm, registry, rundll, scan, security, services.exe, software, super, svchost.exe, usb, vcredist, veralteter browser, vista, white




Ähnliche Themen: Veralteter Browser erkannt /Java /Flashplayer


  1. Java wird nicht erkannt
    Alles rund um Windows - 09.02.2015 (11)
  2. Flashplayer wird von IE11 nicht erkannt
    Alles rund um Windows - 03.02.2015 (48)
  3. Java oder Flashplayer Virus - Win32 iBryte - savinshop\8JTwbcaP6xPjVE.exe
    Log-Analyse und Auswertung - 21.11.2014 (5)
  4. Veralteter Browser / Flashplayer / Java
    Plagegeister aller Art und deren Bekämpfung - 01.11.2014 (1)
  5. Problem: Java / Flashplayer Update Virus?
    Log-Analyse und Auswertung - 01.11.2014 (11)
  6. Windows 8.1 : Webseiten werden im IE auf Werbung umgeleitet, es sei ein veralteter Browser erkannt, obwohl aktuell
    Mülltonne - 26.10.2014 (0)
  7. Win7, Firefox, Weiterleitung zu mysteriösen Java; FlashPlayer und MediaPlayer updates
    Plagegeister aller Art und deren Bekämpfung - 29.06.2014 (8)
  8. Nach "falschem" Java- / Flashplayer-Update ist der PC infiziert
    Log-Analyse und Auswertung - 24.06.2014 (11)
  9. [WIN7] Fake Flashplayer/Java Redirect auf fertig geladenen Seiten
    Log-Analyse und Auswertung - 03.06.2014 (13)
  10. " Veralteter Browser erkannt " / Taskleiste weg
    Plagegeister aller Art und deren Bekämpfung - 01.02.2014 (21)
  11. Veralteter Browser Erkannt - in Firefox
    Plagegeister aller Art und deren Bekämpfung - 13.01.2014 (9)
  12. Veralteter Browser erkannt: http://www.updating-your-browser.com/Firefox-DE/
    Plagegeister aller Art und deren Bekämpfung - 08.01.2014 (9)
  13. Veralteter Browser Erkannt: http://www.browse-update.net/Firefox-DE/
    Plagegeister aller Art und deren Bekämpfung - 04.01.2014 (14)
  14. Windows 7: Webseiten werden auf Werbung umgeleitet, veralteter Browser erkannt obwohl aktuell wie auch flashplayer, spybot search mit Virus
    Log-Analyse und Auswertung - 11.12.2013 (16)
  15. Bitte um Hilfe - Browser Spam/Pop Ups + Forum gehackt + Browserabstürtze + Java Script und Flashplayer-Probleme
    Log-Analyse und Auswertung - 19.10.2013 (21)
  16. Werde immer auf FlashPlayer und JAVA-Update Seite geleitet
    Plagegeister aller Art und deren Bekämpfung - 29.07.2013 (17)
  17. TR/Dldr.Java.Agent und JAVA/Agent.F.1 allerdings nur von antivir erkannt
    Plagegeister aller Art und deren Bekämpfung - 06.06.2010 (8)

Zum Thema Veralteter Browser erkannt /Java /Flashplayer - Hallo und zwar habe ich seit ein paar Tagen das Problem das in meinem Firefox nach einiger Zeit ein neuer TAB aufgeht mit einem Popup wo unterschiedliche Sachen drin stehen. - Veralteter Browser erkannt /Java /Flashplayer...
Archiv
Du betrachtest: Veralteter Browser erkannt /Java /Flashplayer auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.