Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: JS/Kromtracker Viren u.a.

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.01.2014, 20:13   #1
Grinsbart
 
JS/Kromtracker Viren u.a. - Standard

JS/Kromtracker Viren u.a.



Hallo! Heute wollte ich mir das Animationprogramm Pivot downloaden und habe versehentlich bei der Installation unerwünschtes Zeugs installiert. Habe dann erst mal AdwCleaner durchlaufen gelassen. Jetzt hat mein Antivirenprogramm Avira allerdings Viren gefunden. Habe im abgesicherten Windowsmodus einen Scan gemacht. Der Scan ergab 5 Funde. Anschließend kam, die Meldung, dass allerdings nur 3 in die Quarantäne verschoben wurden. Habe danach erneut einen Scan durchgeführt und dieser ergab dann keine Funde.

Hier mal die Logs:

Erster Scan:

Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Montag, 20. Januar 2014  17:15


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 8
Windowsversion : (plain)  [6.2.9200]
Boot Modus     : Abgesicherter Modus
Benutzername   : Valiäöü
Computername   : LAPPI

Versionsinformationen:
BUILD.DAT      : 14.0.2.286     55547 Bytes  09.12.2013 11:37:00
AVSCAN.EXE     : 14.0.2.254   1032760 Bytes  17.12.2013 14:51:47
AVSCANRC.DLL   : 14.0.2.180     62008 Bytes  17.12.2013 14:52:43
LUKE.DLL       : 14.0.2.234     65592 Bytes  17.12.2013 14:53:12
AVSCPLR.DLL    : 14.0.2.254    124472 Bytes  17.12.2013 14:52:44
AVREG.DLL      : 14.0.2.212    250424 Bytes  17.12.2013 14:51:46
avlode.dll     : 14.0.2.254    540216 Bytes  17.12.2013 14:51:44
avlode.rdf     : 13.0.1.66      56973 Bytes  15.01.2014 16:24:22
VBASE000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 23:03:03
VBASE001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 23:03:08
VBASE002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 23:03:14
VBASE003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 23:03:19
VBASE004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 23:03:27
VBASE005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 23:03:42
VBASE006.VDF   : 7.11.103.230  2293248 Bytes  24.09.2013 13:44:14
VBASE007.VDF   : 7.11.116.38  5485568 Bytes  28.11.2013 17:16:18
VBASE008.VDF   : 7.11.120.140  1154560 Bytes  19.12.2013 19:29:02
VBASE009.VDF   : 7.11.120.141     2048 Bytes  19.12.2013 19:29:02
VBASE010.VDF   : 7.11.120.142     2048 Bytes  19.12.2013 19:29:02
VBASE011.VDF   : 7.11.120.143     2048 Bytes  19.12.2013 19:29:02
VBASE012.VDF   : 7.11.120.144     2048 Bytes  19.12.2013 19:29:02
VBASE013.VDF   : 7.11.120.145     2048 Bytes  19.12.2013 19:29:02
VBASE014.VDF   : 7.11.121.19   126976 Bytes  21.12.2013 16:14:33
VBASE015.VDF   : 7.11.121.147   122880 Bytes  24.12.2013 08:50:08
VBASE016.VDF   : 7.11.121.233   115712 Bytes  25.12.2013 19:18:43
VBASE017.VDF   : 7.11.122.57   325120 Bytes  27.12.2013 09:37:27
VBASE018.VDF   : 7.11.122.123   199680 Bytes  28.12.2013 17:27:39
VBASE019.VDF   : 7.11.122.219   368640 Bytes  01.01.2014 11:50:03
VBASE020.VDF   : 7.11.123.39   182272 Bytes  03.01.2014 11:38:11
VBASE021.VDF   : 7.11.123.141   124416 Bytes  05.01.2014 18:26:06
VBASE022.VDF   : 7.11.124.11   172032 Bytes  08.01.2014 15:52:31
VBASE023.VDF   : 7.11.124.79   144896 Bytes  09.01.2014 16:04:05
VBASE024.VDF   : 7.11.124.177   178176 Bytes  11.01.2014 10:24:37
VBASE025.VDF   : 7.11.125.41   319488 Bytes  14.01.2014 16:24:21
VBASE026.VDF   : 7.11.125.149   260096 Bytes  17.01.2014 12:30:07
VBASE027.VDF   : 7.11.125.207   190976 Bytes  20.01.2014 15:35:40
VBASE028.VDF   : 7.11.125.208     2048 Bytes  20.01.2014 15:35:40
VBASE029.VDF   : 7.11.125.209     2048 Bytes  20.01.2014 15:35:40
VBASE030.VDF   : 7.11.125.210     2048 Bytes  20.01.2014 15:35:40
VBASE031.VDF   : 7.11.125.224    87040 Bytes  20.01.2014 15:35:41
Engineversion  : 8.2.12.174
AEVDF.DLL      : 8.1.3.4       102774 Bytes  12.09.2013 23:03:59
AESCRIPT.DLL   : 8.1.4.180     520574 Bytes  16.01.2014 15:43:14
AESCN.DLL      : 8.1.10.6      131447 Bytes  11.12.2013 17:17:04
AESBX.DLL      : 8.2.20.6     1331575 Bytes  13.01.2014 16:08:39
AERDL.DLL      : 8.2.0.138     704888 Bytes  11.12.2013 17:17:03
AEPACK.DLL     : 8.3.3.8       762232 Bytes  19.12.2013 19:29:11
AEOFFICE.DLL   : 8.1.2.76      205181 Bytes  12.09.2013 23:03:56
AEHEUR.DLL     : 8.1.4.870    6459770 Bytes  16.01.2014 15:43:13
AEHELP.DLL     : 8.1.27.10     266618 Bytes  22.11.2013 14:04:34
AEGEN.DLL      : 8.1.7.22      446839 Bytes  15.01.2014 16:24:22
AEEXP.DLL      : 8.4.1.164     409976 Bytes  09.01.2014 16:04:19
AEEMU.DLL      : 8.1.3.2       393587 Bytes  12.09.2013 23:03:49
AECORE.DLL     : 8.1.33.0      225657 Bytes  11.12.2013 17:16:33
AEBB.DLL       : 8.1.1.4        53619 Bytes  12.09.2013 23:03:48
AVWINLL.DLL    : 14.0.2.180     23608 Bytes  17.12.2013 14:50:44
AVPREF.DLL     : 14.0.2.180     48696 Bytes  17.12.2013 14:51:46
AVREP.DLL      : 14.0.2.180    175672 Bytes  17.12.2013 14:51:46
AVARKT.DLL     : 14.0.2.254    256056 Bytes  17.12.2013 14:51:18
AVEVTLOG.DLL   : 14.0.2.180    165944 Bytes  17.12.2013 14:51:35
SQLITE3.DLL    : 3.7.0.1       394824 Bytes  12.09.2013 23:05:06
AVSMTP.DLL     : 14.0.2.180     60472 Bytes  17.12.2013 14:52:46
NETNT.DLL      : 14.0.2.180     13368 Bytes  17.12.2013 14:53:13
RCIMAGE.DLL    : 14.0.2.180   4786744 Bytes  17.12.2013 14:50:44
RCTEXT.DLL     : 14.0.2.270     73272 Bytes  17.12.2013 14:50:44

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Montag, 20. Januar 2014  17:15

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
Der Treiber konnte nicht initialisiert werden.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '137' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'helppane.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '49' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1946' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <OS_Install>
C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx
    [0] Archivtyp: ZIP
    --> background.js
        [FUND]      Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.A
        [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
    --> content.js
        [FUND]      Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.B
        [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Valiäöü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\644XJ1I1\Setup[1].exe
    [0] Archivtyp: NSIS
    --> ProgramFilesDir/hphehadppenpmajgnkjdcopcfijjegaf.crx
        [1] Archivtyp: ZIP
      --> background.js
          [FUND]      Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.A
          [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
      --> content.js
          [FUND]      Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.B
          [WARNUNG]   Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Valiäöü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYGJB4K5\adsapi_3_0_99[1].swf
  [FUND]      Enthält den SWF-Virus SWF/Dldr.AdSechost.A
Beginne mit der Suche in 'D:\' <Data>

Beginne mit der Desinfektion:
C:\Users\Valiäöü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XYGJB4K5\adsapi_3_0_99[1].swf
  [FUND]      Enthält den SWF-Virus SWF/Dldr.AdSechost.A
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5d83c1ca.qua' verschoben!
C:\Users\Valiäöü\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\644XJ1I1\Setup[1].exe
  [FUND]      Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.B
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4515ee6e.qua' verschoben!
C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx
  [FUND]      Enthält Erkennungsmuster des Java-Scriptvirus JS/KromTracker.B
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '175eb471.qua' verschoben!


Ende des Suchlaufs: Montag, 20. Januar 2014  18:42
Benötigte Zeit:  1:25:34 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  78300 Verzeichnisse wurden überprüft
 1238627 Dateien wurden geprüft
      5 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      3 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 1238622 Dateien ohne Befall
   7883 Archive wurden durchsucht
      4 Warnungen
      3 Hinweise
         
Und hier der 2. Scan:



Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Montag, 20. Januar 2014  18:46


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 8
Windowsversion : (plain)  [6.2.9200]
Boot Modus     : Abgesicherter Modus
Benutzername   : Valiäöü
Computername   : LAPPI

Versionsinformationen:
BUILD.DAT      : 14.0.2.286     55547 Bytes  09.12.2013 11:37:00
AVSCAN.EXE     : 14.0.2.254   1032760 Bytes  17.12.2013 14:51:47
AVSCANRC.DLL   : 14.0.2.180     62008 Bytes  17.12.2013 14:52:43
LUKE.DLL       : 14.0.2.234     65592 Bytes  17.12.2013 14:53:12
AVSCPLR.DLL    : 14.0.2.254    124472 Bytes  17.12.2013 14:52:44
AVREG.DLL      : 14.0.2.212    250424 Bytes  17.12.2013 14:51:46
avlode.dll     : 14.0.2.254    540216 Bytes  17.12.2013 14:51:44
avlode.rdf     : 13.0.1.66      56973 Bytes  15.01.2014 16:24:22
VBASE000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 23:03:03
VBASE001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 23:03:08
VBASE002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 23:03:14
VBASE003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 23:03:19
VBASE004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 23:03:27
VBASE005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 23:03:42
VBASE006.VDF   : 7.11.103.230  2293248 Bytes  24.09.2013 13:44:14
VBASE007.VDF   : 7.11.116.38  5485568 Bytes  28.11.2013 17:16:18
VBASE008.VDF   : 7.11.120.140  1154560 Bytes  19.12.2013 19:29:02
VBASE009.VDF   : 7.11.120.141     2048 Bytes  19.12.2013 19:29:02
VBASE010.VDF   : 7.11.120.142     2048 Bytes  19.12.2013 19:29:02
VBASE011.VDF   : 7.11.120.143     2048 Bytes  19.12.2013 19:29:02
VBASE012.VDF   : 7.11.120.144     2048 Bytes  19.12.2013 19:29:02
VBASE013.VDF   : 7.11.120.145     2048 Bytes  19.12.2013 19:29:02
VBASE014.VDF   : 7.11.121.19   126976 Bytes  21.12.2013 16:14:33
VBASE015.VDF   : 7.11.121.147   122880 Bytes  24.12.2013 08:50:08
VBASE016.VDF   : 7.11.121.233   115712 Bytes  25.12.2013 19:18:43
VBASE017.VDF   : 7.11.122.57   325120 Bytes  27.12.2013 09:37:27
VBASE018.VDF   : 7.11.122.123   199680 Bytes  28.12.2013 17:27:39
VBASE019.VDF   : 7.11.122.219   368640 Bytes  01.01.2014 11:50:03
VBASE020.VDF   : 7.11.123.39   182272 Bytes  03.01.2014 11:38:11
VBASE021.VDF   : 7.11.123.141   124416 Bytes  05.01.2014 18:26:06
VBASE022.VDF   : 7.11.124.11   172032 Bytes  08.01.2014 15:52:31
VBASE023.VDF   : 7.11.124.79   144896 Bytes  09.01.2014 16:04:05
VBASE024.VDF   : 7.11.124.177   178176 Bytes  11.01.2014 10:24:37
VBASE025.VDF   : 7.11.125.41   319488 Bytes  14.01.2014 16:24:21
VBASE026.VDF   : 7.11.125.149   260096 Bytes  17.01.2014 12:30:07
VBASE027.VDF   : 7.11.125.207   190976 Bytes  20.01.2014 15:35:40
VBASE028.VDF   : 7.11.125.208     2048 Bytes  20.01.2014 15:35:40
VBASE029.VDF   : 7.11.125.209     2048 Bytes  20.01.2014 15:35:40
VBASE030.VDF   : 7.11.125.210     2048 Bytes  20.01.2014 15:35:40
VBASE031.VDF   : 7.11.125.224    87040 Bytes  20.01.2014 15:35:41
Engineversion  : 8.2.12.174
AEVDF.DLL      : 8.1.3.4       102774 Bytes  12.09.2013 23:03:59
AESCRIPT.DLL   : 8.1.4.180     520574 Bytes  16.01.2014 15:43:14
AESCN.DLL      : 8.1.10.6      131447 Bytes  11.12.2013 17:17:04
AESBX.DLL      : 8.2.20.6     1331575 Bytes  13.01.2014 16:08:39
AERDL.DLL      : 8.2.0.138     704888 Bytes  11.12.2013 17:17:03
AEPACK.DLL     : 8.3.3.8       762232 Bytes  19.12.2013 19:29:11
AEOFFICE.DLL   : 8.1.2.76      205181 Bytes  12.09.2013 23:03:56
AEHEUR.DLL     : 8.1.4.870    6459770 Bytes  16.01.2014 15:43:13
AEHELP.DLL     : 8.1.27.10     266618 Bytes  22.11.2013 14:04:34
AEGEN.DLL      : 8.1.7.22      446839 Bytes  15.01.2014 16:24:22
AEEXP.DLL      : 8.4.1.164     409976 Bytes  09.01.2014 16:04:19
AEEMU.DLL      : 8.1.3.2       393587 Bytes  12.09.2013 23:03:49
AECORE.DLL     : 8.1.33.0      225657 Bytes  11.12.2013 17:16:33
AEBB.DLL       : 8.1.1.4        53619 Bytes  12.09.2013 23:03:48
AVWINLL.DLL    : 14.0.2.180     23608 Bytes  17.12.2013 14:50:44
AVPREF.DLL     : 14.0.2.180     48696 Bytes  17.12.2013 14:51:46
AVREP.DLL      : 14.0.2.180    175672 Bytes  17.12.2013 14:51:46
AVARKT.DLL     : 14.0.2.254    256056 Bytes  17.12.2013 14:51:18
AVEVTLOG.DLL   : 14.0.2.180    165944 Bytes  17.12.2013 14:51:35
SQLITE3.DLL    : 3.7.0.1       394824 Bytes  12.09.2013 23:05:06
AVSMTP.DLL     : 14.0.2.180     60472 Bytes  17.12.2013 14:52:46
NETNT.DLL      : 14.0.2.180     13368 Bytes  17.12.2013 14:53:13
RCIMAGE.DLL    : 14.0.2.180   4786744 Bytes  17.12.2013 14:50:44
RCTEXT.DLL     : 14.0.2.270     73272 Bytes  17.12.2013 14:50:44

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Montag, 20. Januar 2014  18:46

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
Der Treiber konnte nicht initialisiert werden.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '19' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '177' Modul(e) wurden durchsucht
Durchsuche Prozess 'ctfmon.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'helppane.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '51' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1946' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <OS_Install>
Beginne mit der Suche in 'D:\' <Data>


Ende des Suchlaufs: Montag, 20. Januar 2014  19:52
Benötigte Zeit:  1:06:00 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

  78299 Verzeichnisse wurden überprüft
 1238622 Dateien wurden geprüft
      0 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 1238622 Dateien ohne Befall
   7877 Archive wurden durchsucht
      0 Warnungen
      0 Hinweise
         
Sind die Viren jetzt alle weg? Kann ich sichergehen, dass meinem PC nichts passiert?

Würde mich über Hilfe sehr freuen!

Gruß Grinsbart

Alt 20.01.2014, 21:21   #2
schrauber
/// the machine
/// TB-Ausbilder
 

JS/Kromtracker Viren u.a. - Standard

JS/Kromtracker Viren u.a.



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 20.01.2014, 21:40   #3
Grinsbart
 
JS/Kromtracker Viren u.a. - Standard

JS/Kromtracker Viren u.a.



Danke erstmal für die schnelle Hilfe!

Hier die Logs :


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 04
Ran by Valiäöü (administrator) on LAPPI on 20-01-2014 21:38:08
Running from C:\Users\Public\Documents
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
() C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Spotify Ltd) C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHRE.EXE
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-27] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-04-27] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-24] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [406944 2013-04-24] (MSI)
HKLM\...\Run: [MBCfg64] - C:\Windows\system32\MBCfg64.dll [27648 2013-01-07] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema] - C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BlueStacks Agent] - c:\Program Files (x86)\BlueStacks\HD-Agent.exe [597880 2013-01-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1277688 2013-08-21] (Bogdan Sharkov)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-15] (Spotify Ltd)
HKCU\...\Run: [EPSONCEF5A2 (Epson Stylus Office BX305 Plus)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHRE.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-04-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-04-27] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKLM - DefaultScope {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKCU - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = 
BHO-x32: Jump Flip - {6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} - C:\Program Files (x86)\Jump Flip\JumpFlipbho.dll (Jump Flip)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-13]
CHR Extension: (Google Drive) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-13]
CHR Extension: (YouTube) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-13]
CHR Extension: (Google-Suche) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-13]
CHR Extension: (Google Wallet) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Google Mail) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-13]
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [2013-09-13]

==================== Services (Whitelisted) =================

U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 BstHdAndroidSvc; c:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-01-07] (BlueStack Systems, Inc.)
U2 BstHdLogRotatorSvc; c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-01-07] (BlueStack Systems, Inc.)
U2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] ()
U2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-04-27] (ELAN Microelectronics Corp.)
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
U2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-24] (Micro-Star International Co., Ltd.)
U2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI)
U2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
U3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
U2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe [123320 2012-08-13] (Symantec Corporation)
U2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe [126392 2012-08-13] (Symantec Corporation)
U2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] ()
U2 Update Jump Flip; C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe [97056 2014-01-16] ()
U2 Util Jump Flip; C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe [97056 2014-01-20] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
U2 BstHdDrv; c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-01-07] (BlueStack Systems)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
U1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
U3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows (R) Win 7 DDK provider)
U3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
U3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
U3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-04-27] (Realtek Semiconductor Corporation)
U3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-27] (RTS Corporation)
U3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1552456 2013-04-27] (Realtek Semiconductor Corporation                           )
U0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
U0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
U3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-20 21:38 - 2014-01-20 21:38 - 00016646 _____ C:\Users\Public\Documents\FRST.txt
2014-01-20 21:34 - 2014-01-20 21:34 - 00000000 ____D C:\FRST
2014-01-20 21:33 - 2014-01-20 21:33 - 02076672 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:54 - 2014-01-20 20:23 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:54 - 2014-01-20 19:56 - 00000000 ____D C:\AdwCleaner
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 19:58 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:44 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-20 16:42 - 2014-01-20 16:42 - 01765888 _____ C:\Users\Public\Documents\Pivot_hrdc_ns.exe
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:39 - 2014-01-19 19:40 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 17:32 - 2014-01-19 19:33 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 16:07 - 2014-01-19 19:17 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-15 18:44 - 2014-01-15 18:44 - 00336936 _____ (Amônétízé Ltd) C:\Users\Valiäöü\Downloads\FlashPlayersetup__3873_i266056225_il3.exe
2014-01-15 17:31 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-15 17:31 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-15 17:31 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-15 17:31 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-15 17:31 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-15 17:31 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-15 17:31 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-15 17:31 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-15 17:31 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-12 12:50 - 2009-09-30 18:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBHRE.DLL
2014-01-12 12:50 - 2008-11-11 18:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMHRE.DLL
2014-01-12 12:50 - 2007-04-09 16:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-27 15:35 - 2013-12-27 15:38 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 16:50 - 2013-12-25 16:53 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 18:37 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER                                                 ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:23 - 2013-12-25 16:25 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 15:49 - 2013-12-25 15:58 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:36 - 2013-12-25 15:47 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:16 - 2013-12-25 15:28 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:55 - 2014-01-19 18:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:52 - 2014-01-19 20:55 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2013-12-25 14:51 - 2013-12-25 16:20 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2014-01-19 20:56 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-02-22 19:12 - 00002110 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-25 14:49 - 2013-12-25 15:05 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:49 - 2013-09-26 21:04 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-25 14:49 - 2013-09-16 22:03 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:23 - 2013-12-24 21:47 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:21 - 2013-12-24 21:22 - 38691253 _____ (Dreambelievers                                              ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 12:29 - 2014-01-19 13:20 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt

==================== One Month Modified Files and Folders =======

2014-01-20 21:38 - 2014-01-20 21:38 - 00016646 _____ C:\Users\Public\Documents\FRST.txt
2014-01-20 21:34 - 2014-01-20 21:34 - 00000000 ____D C:\FRST
2014-01-20 21:33 - 2014-01-20 21:33 - 02076672 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-20 21:31 - 2013-09-12 05:51 - 02091182 _____ C:\Windows\WindowsUpdate.log
2014-01-20 21:27 - 2013-09-12 23:44 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1002
2014-01-20 21:26 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\VirtualStore
2014-01-20 21:24 - 2013-09-13 00:09 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-20 21:23 - 2013-11-12 20:46 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Windows Live
2014-01-20 21:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-20 20:47 - 2013-09-25 15:31 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CrashDumps
2014-01-20 20:46 - 2013-09-26 18:00 - 00000000 ____D C:\Users\Valiäöü\Documents\FIFA 14
2014-01-20 20:42 - 2013-09-25 15:37 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-20 20:23 - 2014-01-20 18:54 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 20:01 - 2013-09-12 05:53 - 00039382 _____ C:\Users\Valiäöü\AppData\Local\BTServer.log
2014-01-20 19:58 - 2014-01-20 16:45 - 00000000 ____D C:\Program Files (x86)\Jump Flip
2014-01-20 19:58 - 2013-04-28 00:49 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2014-01-20 19:57 - 2013-09-13 00:09 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-20 19:57 - 2013-04-28 00:51 - 00000000 ____D C:\ProgramData\Realtek
2014-01-20 19:57 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-20 19:56 - 2014-01-20 16:54 - 00000000 ____D C:\AdwCleaner
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:49 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:45 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-20 16:42 - 2014-01-20 16:42 - 01765888 _____ C:\Users\Public\Documents\Pivot_hrdc_ns.exe
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 21:46 - 2013-09-13 03:01 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Skype
2014-01-19 20:56 - 2013-12-25 14:50 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2014-01-19 20:55 - 2013-12-25 14:52 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:40 - 2014-01-19 19:39 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:33 - 2014-01-19 17:32 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 19:17 - 2014-01-19 16:07 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 18:30 - 2013-12-25 14:55 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2014-01-19 17:38 - 2013-10-05 20:48 - 00131072 ___SH C:\Users\Valiäöü\Downloads\Thumbs.db
2014-01-19 17:32 - 2013-09-13 03:01 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2014-01-19 17:32 - 2013-09-13 03:01 - 00000000 ____D C:\ProgramData\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 13:20 - 2013-12-23 12:29 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt
2014-01-18 22:46 - 2013-09-18 20:52 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Spotify
2014-01-18 18:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2014-01-18 14:26 - 2013-09-13 00:11 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-18 13:29 - 2013-02-22 09:34 - 00754172 _____ C:\Windows\system32\perfh007.dat
2014-01-18 13:29 - 2013-02-22 09:34 - 00156362 _____ C:\Windows\system32\perfc007.dat
2014-01-18 13:29 - 2012-07-26 08:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-16 21:54 - 2013-09-13 00:21 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\PMB Files
2014-01-16 17:21 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2014-01-15 22:12 - 2013-09-13 00:21 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-15 18:44 - 2014-01-15 18:44 - 00336936 _____ (Amônétízé Ltd) C:\Users\Valiäöü\Downloads\FlashPlayersetup__3873_i266056225_il3.exe
2014-01-15 18:08 - 2013-09-18 20:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Spotify
2014-01-15 17:54 - 2013-09-15 19:32 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 17:52 - 2013-09-15 19:32 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 17:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 21:13 - 2013-10-16 18:57 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Audacity
2014-01-12 21:13 - 2013-09-13 00:56 - 00000000 ____D C:\Users\Valiäöü\Desktop\Neuer Ordner
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 16:24 - 2013-12-15 12:14 - 00072704 ___SH C:\Users\Valiäöü\Documents\Thumbs.db
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-09 09:02 - 2013-12-12 16:57 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-12-12 16:57 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 21:00 - 2013-11-16 16:13 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Battle.net
2014-01-08 20:44 - 2013-11-05 16:27 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-08 18:09 - 2013-09-22 12:13 - 00000000 ____D C:\Users\Valiäöü\.gimp-2.8
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-08 18:05 - 2013-09-22 12:15 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\gtk-2.0
2014-01-08 17:10 - 2013-11-16 16:21 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2014-01-07 20:36 - 2013-11-16 16:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2014-01-04 17:43 - 2013-09-25 15:41 - 00000000 ____D C:\Program Files (x86)\Origin Games
2014-01-04 14:25 - 2013-09-13 01:08 - 00000000 ____D C:\Users\Valiäöü\Desktop\ProtzischesRPGInventar
2014-01-04 13:42 - 2012-07-26 08:21 - 00040377 _____ C:\Windows\setupact.log
2014-01-03 21:16 - 2013-09-18 20:03 - 00000000 ____D C:\Program Files (x86)\DevPro
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-31 13:59 - 2013-12-18 20:59 - 00000000 ____D C:\Users\Valiäöü\Documents\TrackMania
2013-12-31 13:51 - 2013-12-18 20:59 - 00000000 ____D C:\ProgramData\TrackMania
2013-12-27 15:38 - 2013-12-27 15:35 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 18:37 - 2013-12-25 16:48 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:53 - 2013-12-25 16:50 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER                                                 ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:25 - 2013-12-25 16:23 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 16:20 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 15:58 - 2013-12-25 15:49 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:47 - 2013-12-25 15:36 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:28 - 2013-12-25 15:16 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 15:05 - 2013-12-25 14:49 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-09-12 05:55 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:47 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:22 - 2013-12-24 21:21 - 38691253 _____ (Dreambelievers                                              ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 20:54 - 2013-11-18 21:17 - 00000000 ____D C:\Users\Valiäöü\Desktop\KEEPCALM

Some content of TEMP:
====================
C:\Users\FIFA Offline\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\devpro.dll
C:\Users\Valiäöü\AppData\Local\Temp\DevPro.exe
C:\Users\Valiäöü\AppData\Local\Temp\DownloadManager.exe
C:\Users\Valiäöü\AppData\Local\Temp\htmlayout.dll
C:\Users\Valiäöü\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Valiäöü\AppData\Local\Temp\project1.exe
C:\Users\Valiäöü\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Valiäöü\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Valiäöü\AppData\Local\Temp\toolbar2138630187.exe
C:\Users\Valiäöü\AppData\Local\Temp\toolbar2138703140.exe
C:\Users\Valiäöü\AppData\Local\Temp\uninstall2138815593.exe
C:\Users\Valiäöü\AppData\Local\Temp\uninstall2138819890.exe
C:\Users\Valiäöü\AppData\Local\Temp\YgoUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-18 14:49

==================== End Of Log ============================
         
--- --- ---











Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 04
Ran by Valiäöü at 2014-01-20 21:38:49
Running from C:\Users\Public\Documents
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

„Windows Live Essentials“ (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
AruaROSE v893 (x32 Version: 893 - )
Audacity 2.0.4 (x32 Version: 2.0.4 - Audacity Team)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Battery Calibration (x32 Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (x32 Version:  - Blizzard Entertainment)
BlueStacks App Player (x32 Version: 0.7.9.844 - BlueStack Systems, Inc.)
BurnRecovery (x32 Version: 4.0.1304.1501 - Micro-Star International Co., Ltd.)
Castle Crashers (x32 Version:  - The Behemoth)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Clownfish for Skype (x32 Version:  - )
Creation Master 14.1 (x32 Version:  - FIFA MASTER)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DartPro 2.9.0.0 (x32 Version:  - RuSyS)
EPSON BX305 Plus Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.13.2.4_WHQL (Version: 11.13.2.4 - ELAN Microelectronic Corp.)
FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts)
Fotoattēlu galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version:  - )
Free M4a to MP3 Converter 8.0 (x32 Version:  - ManiacTools.com)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hearthstone (x32 Version:  - Blizzard Entertainment)
HyperCam 2 (x32 Version: 2.28.01 - Hyperionics Technology LLC)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3111 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jump Flip (Version: 2014.01.16.002256 - Jump Flip) <==== ATTENTION
KB9X Radio Switch Driver (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Lazarus 1.0.12 (Version: 1.0.12 - Lazarus Team)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSI Remind Manager (x32 Version: 2.12.1003 - MSI)
MSI Social Media Collection (x32 Version: 1.13.0123 - MSI)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Norton Anti-Theft (x32 Version: 1.10.0.9 - Symantec Corporation)
Norton Online Backup (x32 Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Norton PC Checkup (x32 Version: 2.0.18.16 - Symantec Corporation)
NVIDIA Control Panel 311.48 (Version: 311.48 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.48 (Version: 311.48 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Origin (x32 Version: 9.3.1.4482 - Electronic Arts, Inc.)
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pivot Animator version 4.1.10 (x32 Version: 4.1.10 - Motus Software Ltd)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pokemon Online 2.3.2 (x32 Version:  - Dreambelievers)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager (x32 Version: 6.1.0.550 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (x32 Version: 3.9691.663.020613 - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6878 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0212 - )
Roll (x32 Version:  - )
SCM (Version: 13.013.04234 - Application)
Skype™ 6.7 (x32 Version: 6.7.102 - Skype Technologies S.A.)
Sound Blaster Cinema (x32 Version: 1.00.01 - Creative Technology Limited)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Super-Charger (x32 Version: 1.2.017 - MSI)
TrackMania Nations ESWC 1.7.9 (x32 Version:  - Nadeo)
TrackMania Nations Forever (x32 Version:  - Nadeo)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Vokabel Trainer 5 (x32 Version:  - Manuel Wäschle)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.5 (Version: 16.5.10095 - WinZip Computing, S.L. )
XSplit Broadcaster (x32 Version: 1.3.1309.1602 - SplitMediaLabs)
YGOPro DevPro Version 1.9.6 r0 (x32 Version: 1.9.6 r0 - YGOPro DevPro Online)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

14-01-2014 19:15:11 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0712A20A-E1DF-4B2D-8C6D-C216E6B8C03F} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {098E7BEA-23E9-4277-AD91-7BC15F3B6C79} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3003F08D-CD3D-40D6-958B-6E45B8374FAB} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {503EBE27-D462-4FF9-98EA-D3C73E3AD2E2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {5B165D58-39AF-4565-937B-31E0514D6631} - \Advanced System Protector No Task File
Task: {6FB1BFF5-DE4B-4847-A257-DFF94BAFB991} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {71AF0919-21AF-4CC1-9630-1AB0ADD2C3A9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {74D01EBA-913D-457C-B836-64C7426959A2} - \RegClean Pro No Task File
Task: {8FF40BF9-ECC7-4A03-B683-A97B278CEE28} - System32\Tasks\{1C87B510-71F4-4B03-8345-C620F11E8915} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/de/abandoninstall?page=tsProgressBar
Task: {9480CA09-2CC2-4215-8A4B-9455965D8F62} - \RegClean Pro_UPDATES No Task File
Task: {A15D2791-E443-4E09-A3AC-F53CA4B1AA98} - \RegClean Pro_DEFAULT No Task File
Task: {A62EE018-AD91-4912-9457-41A25DDA5F45} - \Advanced System Protector_startup No Task File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8BDB1EA-27F5-4F42-89BE-0ABB20788B63} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {CABDCEAD-6014-4C10-B33D-19EC237C4007} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F5E2B5DB-6BDC-4F10-ACF5-6695E2AC6600} - \Express FilesUpdate No Task File
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-28 01:02 - 2012-11-01 19:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2011-05-10 04:46 - 2011-05-10 04:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-10 04:56 - 2011-05-10 04:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-10 04:48 - 2011-05-10 04:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-10 04:47 - 2011-05-10 04:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 20:32 - 2011-05-10 20:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2013-09-13 00:07 - 2013-09-13 00:05 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-07-26 00:29 - 2012-07-26 04:06 - 00924672 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSEngine.dll
2012-07-26 00:26 - 2012-07-26 04:06 - 00720384 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSLoc.DLL
2014-01-18 14:26 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
2013-04-28 00:44 - 2013-03-12 21:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2011-08-16 04:12 - 2011-08-16 04:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2012-06-14 19:57 - 2012-06-14 19:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-16 04:12 - 2011-08-16 04:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-16 04:15 - 2011-08-16 04:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-18 00:41 - 2011-08-18 00:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-18 00:48 - 2011-08-18 00:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-18 00:48 - 2011-08-18 00:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-16 03:23 - 2011-08-16 03:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-06-14 19:56 - 2012-06-14 19:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-06-14 20:06 - 2012-06-14 20:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-06-14 19:55 - 2012-06-14 19:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2013-09-25 15:39 - 2013-11-28 21:24 - 00064000 _____ () C:\Program Files (x86)\Origin\tufao.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


==================== Memory info =========================== 

Percentage of memory in use: 39%
Total physical RAM: 8111.66 MB
Available physical RAM: 4896.82 MB
Total Pagefile: 13487.66 MB
Available Pagefile: 9495.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:469.36 GB) (Free:323.38 GB) NTFS
Drive d: (Data) (Fixed) (Total:209.58 GB) (Free:98.81 GB) NTFS
Drive e: (RCTYCOON) (CDROM) (Total:4.25 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 4CC0E3F6)

Partition: GPT Partition Type
==================== End Of Log ============================
         


Dankeschön!
__________________

Alt 21.01.2014, 12:01   #4
schrauber
/// the machine
/// TB-Ausbilder
 

JS/Kromtracker Viren u.a. - Standard

JS/Kromtracker Viren u.a.



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.01.2014, 16:45   #5
Grinsbart
 
JS/Kromtracker Viren u.a. - Standard

JS/Kromtracker Viren u.a.



Hallo! Hier die Logs :

Malwarebytes:

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.21.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Valiäöü :: LAPPI [Administrator]

Schutz: Aktiviert

21.01.2014 16:08:05
mbam-log-2014-01-21 (16-08-05).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 272952
Laufzeit: 4 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 2
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> 2364 -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe (PUP.Optional.JumpFlip.A) -> 1964 -> Löschen bei Neustart.

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 8
HKCR\CLSID\{6db9fdfe-b718-4962-be0c-0a5fce7f7f7b} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{f325945d-dafe-4312-95d8-1913aeb1d810} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{4318395F-DFF1-48AF-B5F0-958E93D16D56} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DB9FDFE-B718-4962-BE0C-0A5FCE7F7F7B} (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\Update Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\Util Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\Software\Jump Flip (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Program Files (x86)\Jump Flip (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\bin (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\bin\plugins (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 21
C:\Program Files (x86)\Jump Flip\JumpFlipBHO.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Valiäöü\AppData\Local\Temp\DownloadManager.exe (PUP.Optional.Smart) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Valiäöü\AppData\Local\Temp\toolbar2138630187.exe (PUP.Optional.Smart) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Valiäöü\AppData\Local\Temp\toolbar2138703140.exe (PUP.Optional.Smart) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Valiäöü\AppData\Local\Temp\uninstall2138815593.exe (PUP.Optional.ExpressFiles.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Valiäöü\AppData\Local\Temp\is616603462\184721341_stp\JumpFlipSetup.exe (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Public\Documents\Pivot_hrdc_ns.exe (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Valiäöü\Downloads\FlashPlayersetup__3873_i266056225_il3.exe (PUP.Optional.InstallMonetizer) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Valiäöü\Downloads\SoftonicDownloader_fuer_trackmania-nations.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\JumpFlip.ico (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\JumpFlipUninstall.exe (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\sqlite3.exe (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\updateJumpFlip.exe (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\updateJumpFlip.InstallState (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\bin\sqlite3.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.exe (PUP.Optional.JumpFlip.A) -> Löschen bei Neustart.
C:\Program Files (x86)\Jump Flip\bin\utilJumpFlip.InstallState (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.FFUpdate.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.GCUpdate.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Jump Flip\bin\plugins\JumpFlip.IEUpdate.dll (PUP.Optional.JumpFlip.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

AdwCleaner:


Code:
ATTFilter
# AdwCleaner v3.017 - Bericht erstellt am 21/01/2014 um 16:27:22
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Valiäöü - LAPPI
# Gestartet von : C:\Users\Public\Documents\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Google Chrome v32.0.1700.76

[ Datei : C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\FIFA Offline\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [968 octets] - [20/01/2014 16:55:01]
AdwCleaner[R1].txt - [1088 octets] - [20/01/2014 17:00:51]
AdwCleaner[R2].txt - [1148 octets] - [20/01/2014 18:44:25]
AdwCleaner[R3].txt - [1209 octets] - [20/01/2014 19:55:55]
AdwCleaner[R4].txt - [1259 octets] - [21/01/2014 16:26:35]
AdwCleaner[S0].txt - [1028 octets] - [20/01/2014 16:56:04]
AdwCleaner[S1].txt - [1180 octets] - [21/01/2014 16:27:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1240 octets] ##########
         


JunkwareRemovalTool:


Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 8 x64
Ran by Vali„” on 21.01.2014 at 16:36:49,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\caphyon



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.01.2014 at 16:38:51,62
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


FRST:



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Valiäöü (administrator) on LAPPI on 21-01-2014 16:42:16
Running from C:\Users\Public\Documents
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Spotify Ltd) C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHRE.EXE
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Public\Documents\FRST64 (1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-27] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-04-27] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-24] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [406944 2013-04-24] (MSI)
HKLM\...\Run: [MBCfg64] - C:\Windows\system32\MBCfg64.dll [27648 2013-01-07] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema] - C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BlueStacks Agent] - c:\Program Files (x86)\BlueStacks\HD-Agent.exe [597880 2013-01-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1277688 2013-08-21] (Bogdan Sharkov)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-15] (Spotify Ltd)
HKCU\...\Run: [EPSONCEF5A2 (Epson Stylus Office BX305 Plus)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHRE.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-04-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-04-27] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKLM - DefaultScope {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKCU - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-13]
CHR Extension: (Google Drive) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-13]
CHR Extension: (YouTube) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-13]
CHR Extension: (Google-Suche) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-13]
CHR Extension: (Google Wallet) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Google Mail) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-13]
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [2013-09-13]

==================== Services (Whitelisted) =================

U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 BstHdAndroidSvc; c:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-01-07] (BlueStack Systems, Inc.)
U2 BstHdLogRotatorSvc; c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-01-07] (BlueStack Systems, Inc.)
U2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] ()
U2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-04-27] (ELAN Microelectronics Corp.)
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-24] (Micro-Star International Co., Ltd.)
U2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI)
U2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
U3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
U2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe [123320 2012-08-13] (Symantec Corporation)
U2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe [126392 2012-08-13] (Symantec Corporation)
U2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
U2 BstHdDrv; c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-01-07] (BlueStack Systems)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
U1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
U3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows (R) Win 7 DDK provider)
U3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
U3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
U3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-04-27] (Realtek Semiconductor Corporation)
U3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-27] (RTS Corporation)
U3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1552456 2013-04-27] (Realtek Semiconductor Corporation                           )
U0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
U0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
U3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 16:42 - 2014-01-21 16:42 - 00046025 _____ C:\Users\Valiäöü\Documents\FRST.txt
2014-01-21 16:40 - 2014-01-21 16:41 - 02077184 _____ (Farbar) C:\Users\Public\Documents\FRST64 (1).exe
2014-01-21 16:39 - 2014-01-21 16:39 - 00000840 _____ C:\Users\Valiäöü\Documents\JRT.txt
2014-01-21 16:38 - 2014-01-21 16:38 - 00000840 _____ C:\Users\Valiäöü\Desktop\JRT.txt
2014-01-21 16:32 - 2014-01-21 16:32 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 16:31 - 2014-01-21 16:31 - 01037068 _____ (Thisisu) C:\Users\Public\Documents\JRT.exe
2014-01-21 16:30 - 2014-01-21 16:30 - 00001320 _____ C:\Users\Valiäöü\Documents\AdwCleaner[S1].txt
2014-01-21 16:26 - 2014-01-21 16:26 - 01236282 _____ C:\Users\Public\Documents\adwcleaner.exe
2014-01-21 16:04 - 2014-01-21 16:04 - 00001123 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 16:04 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-21 16:03 - 2014-01-21 16:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Public\Documents\mbam-setup-1.75.0.1300.exe
2014-01-20 21:38 - 2014-01-21 16:42 - 00016963 _____ C:\Users\Public\Documents\FRST.txt
2014-01-20 21:38 - 2014-01-20 21:39 - 00021882 _____ C:\Users\Public\Documents\Addition.txt
2014-01-20 21:34 - 2014-01-20 21:34 - 00000000 ____D C:\FRST
2014-01-20 21:33 - 2014-01-20 21:33 - 02076672 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:54 - 2014-01-20 20:23 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:54 - 2014-01-21 16:27 - 00000000 ____D C:\AdwCleaner
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:44 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:39 - 2014-01-19 19:40 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 17:32 - 2014-01-19 19:33 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 16:07 - 2014-01-19 19:17 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-15 17:31 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-15 17:31 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-15 17:31 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-15 17:31 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-15 17:31 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-15 17:31 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-15 17:31 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-15 17:31 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-15 17:31 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-12 12:50 - 2009-09-30 18:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBHRE.DLL
2014-01-12 12:50 - 2008-11-11 18:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMHRE.DLL
2014-01-12 12:50 - 2007-04-09 16:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-27 15:35 - 2013-12-27 15:38 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 16:50 - 2013-12-25 16:53 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 18:37 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER                                                 ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:23 - 2013-12-25 16:25 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 15:49 - 2013-12-25 15:58 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:36 - 2013-12-25 15:47 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:16 - 2013-12-25 15:28 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:55 - 2014-01-19 18:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:52 - 2014-01-19 20:55 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2013-12-25 14:51 - 2013-12-25 16:20 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2014-01-19 20:56 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-02-22 19:12 - 00002110 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-25 14:49 - 2013-12-25 15:05 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:49 - 2013-09-26 21:04 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-25 14:49 - 2013-09-16 22:03 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:23 - 2013-12-24 21:47 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:21 - 2013-12-24 21:22 - 38691253 _____ (Dreambelievers                                              ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 12:29 - 2014-01-19 13:20 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt

==================== One Month Modified Files and Folders =======

2014-01-21 16:42 - 2014-01-21 16:42 - 00046025 _____ C:\Users\Valiäöü\Documents\FRST.txt
2014-01-21 16:42 - 2014-01-20 21:38 - 00016963 _____ C:\Users\Public\Documents\FRST.txt
2014-01-21 16:42 - 2013-09-12 23:44 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1002
2014-01-21 16:41 - 2014-01-21 16:40 - 02077184 _____ (Farbar) C:\Users\Public\Documents\FRST64 (1).exe
2014-01-21 16:39 - 2014-01-21 16:39 - 00000840 _____ C:\Users\Valiäöü\Documents\JRT.txt
2014-01-21 16:39 - 2013-09-12 05:53 - 00063368 _____ C:\Users\Valiäöü\AppData\Local\BTServer.log
2014-01-21 16:38 - 2014-01-21 16:38 - 00000840 _____ C:\Users\Valiäöü\Desktop\JRT.txt
2014-01-21 16:36 - 2013-09-13 00:09 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 16:36 - 2013-04-28 00:49 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2014-01-21 16:35 - 2013-04-28 00:51 - 00000000 ____D C:\ProgramData\Realtek
2014-01-21 16:35 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 16:34 - 2013-09-12 05:51 - 01137339 _____ C:\Windows\WindowsUpdate.log
2014-01-21 16:32 - 2014-01-21 16:32 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 16:31 - 2014-01-21 16:31 - 01037068 _____ (Thisisu) C:\Users\Public\Documents\JRT.exe
2014-01-21 16:30 - 2014-01-21 16:30 - 00001320 _____ C:\Users\Valiäöü\Documents\AdwCleaner[S1].txt
2014-01-21 16:27 - 2014-01-20 16:54 - 00000000 ____D C:\AdwCleaner
2014-01-21 16:26 - 2014-01-21 16:26 - 01236282 _____ C:\Users\Public\Documents\adwcleaner.exe
2014-01-21 16:24 - 2013-09-13 00:09 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 16:15 - 2013-02-22 08:00 - 00779826 _____ C:\Windows\PFRO.log
2014-01-21 16:04 - 2014-01-21 16:04 - 00001123 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 16:03 - 2014-01-21 16:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Public\Documents\mbam-setup-1.75.0.1300.exe
2014-01-21 16:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-20 21:39 - 2014-01-20 21:38 - 00021882 _____ C:\Users\Public\Documents\Addition.txt
2014-01-20 21:34 - 2014-01-20 21:34 - 00000000 ____D C:\FRST
2014-01-20 21:33 - 2014-01-20 21:33 - 02076672 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-20 21:26 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\VirtualStore
2014-01-20 21:23 - 2013-11-12 20:46 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Windows Live
2014-01-20 20:47 - 2013-09-25 15:31 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CrashDumps
2014-01-20 20:46 - 2013-09-26 18:00 - 00000000 ____D C:\Users\Valiäöü\Documents\FIFA 14
2014-01-20 20:42 - 2013-09-25 15:37 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-20 20:23 - 2014-01-20 18:54 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:49 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:45 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 21:46 - 2013-09-13 03:01 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Skype
2014-01-19 20:56 - 2013-12-25 14:50 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2014-01-19 20:55 - 2013-12-25 14:52 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:40 - 2014-01-19 19:39 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:33 - 2014-01-19 17:32 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 19:17 - 2014-01-19 16:07 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 18:30 - 2013-12-25 14:55 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2014-01-19 17:38 - 2013-10-05 20:48 - 00131072 ___SH C:\Users\Valiäöü\Downloads\Thumbs.db
2014-01-19 17:32 - 2013-09-13 03:01 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2014-01-19 17:32 - 2013-09-13 03:01 - 00000000 ____D C:\ProgramData\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 13:20 - 2013-12-23 12:29 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt
2014-01-18 22:46 - 2013-09-18 20:52 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Spotify
2014-01-18 18:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2014-01-18 14:26 - 2013-09-13 00:11 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-18 13:29 - 2013-02-22 09:34 - 00754172 _____ C:\Windows\system32\perfh007.dat
2014-01-18 13:29 - 2013-02-22 09:34 - 00156362 _____ C:\Windows\system32\perfc007.dat
2014-01-18 13:29 - 2012-07-26 08:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-16 21:54 - 2013-09-13 00:21 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\PMB Files
2014-01-16 17:21 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2014-01-15 22:12 - 2013-09-13 00:21 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-15 18:08 - 2013-09-18 20:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Spotify
2014-01-15 17:54 - 2013-09-15 19:32 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 17:52 - 2013-09-15 19:32 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 17:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 21:13 - 2013-10-16 18:57 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Audacity
2014-01-12 21:13 - 2013-09-13 00:56 - 00000000 ____D C:\Users\Valiäöü\Desktop\Neuer Ordner
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 16:24 - 2013-12-15 12:14 - 00072704 ___SH C:\Users\Valiäöü\Documents\Thumbs.db
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-09 09:02 - 2013-12-12 16:57 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-12-12 16:57 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 21:00 - 2013-11-16 16:13 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Battle.net
2014-01-08 20:44 - 2013-11-05 16:27 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-08 18:09 - 2013-09-22 12:13 - 00000000 ____D C:\Users\Valiäöü\.gimp-2.8
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-08 18:05 - 2013-09-22 12:15 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\gtk-2.0
2014-01-08 17:10 - 2013-11-16 16:21 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2014-01-07 20:36 - 2013-11-16 16:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2014-01-04 17:43 - 2013-09-25 15:41 - 00000000 ____D C:\Program Files (x86)\Origin Games
2014-01-04 14:25 - 2013-09-13 01:08 - 00000000 ____D C:\Users\Valiäöü\Desktop\ProtzischesRPGInventar
2014-01-04 13:42 - 2012-07-26 08:21 - 00040377 _____ C:\Windows\setupact.log
2014-01-03 21:16 - 2013-09-18 20:03 - 00000000 ____D C:\Program Files (x86)\DevPro
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-31 13:59 - 2013-12-18 20:59 - 00000000 ____D C:\Users\Valiäöü\Documents\TrackMania
2013-12-31 13:51 - 2013-12-18 20:59 - 00000000 ____D C:\ProgramData\TrackMania
2013-12-27 15:38 - 2013-12-27 15:35 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 18:37 - 2013-12-25 16:48 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:53 - 2013-12-25 16:50 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER                                                 ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:25 - 2013-12-25 16:23 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 16:20 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 15:58 - 2013-12-25 15:49 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:47 - 2013-12-25 15:36 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:28 - 2013-12-25 15:16 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 15:05 - 2013-12-25 14:49 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-09-12 05:55 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:47 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:22 - 2013-12-24 21:21 - 38691253 _____ (Dreambelievers                                              ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 20:54 - 2013-11-18 21:17 - 00000000 ____D C:\Users\Valiäöü\Desktop\KEEPCALM

Some content of TEMP:
====================
C:\Users\FIFA Offline\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\devpro.dll
C:\Users\Valiäöü\AppData\Local\Temp\DevPro.exe
C:\Users\Valiäöü\AppData\Local\Temp\htmlayout.dll
C:\Users\Valiäöü\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Valiäöü\AppData\Local\Temp\project1.exe
C:\Users\Valiäöü\AppData\Local\Temp\Quarantine.exe
C:\Users\Valiäöü\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Valiäöü\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Valiäöü\AppData\Local\Temp\uninstall2138819890.exe
C:\Users\Valiäöü\AppData\Local\Temp\YgoUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-18 14:49

==================== End Of Log ============================
         
--- --- ---



Addition.txt :


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-01-2014
Ran by Valiäöü at 2014-01-21 16:42:41
Running from C:\Users\Public\Documents
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

„Windows Live Essentials“ (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
AruaROSE v893 (x32 Version: 893 - )
Audacity 2.0.4 (x32 Version: 2.0.4 - Audacity Team)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Battery Calibration (x32 Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (x32 Version:  - Blizzard Entertainment)
BlueStacks App Player (x32 Version: 0.7.9.844 - BlueStack Systems, Inc.)
BurnRecovery (x32 Version: 4.0.1304.1501 - Micro-Star International Co., Ltd.)
Castle Crashers (x32 Version:  - The Behemoth)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Clownfish for Skype (x32 Version:  - )
Creation Master 14.1 (x32 Version:  - FIFA MASTER)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DartPro 2.9.0.0 (x32 Version:  - RuSyS)
EPSON BX305 Plus Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.13.2.4_WHQL (Version: 11.13.2.4 - ELAN Microelectronic Corp.)
FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts)
Fotoattēlu galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version:  - )
Free M4a to MP3 Converter 8.0 (x32 Version:  - ManiacTools.com)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hearthstone (x32 Version:  - Blizzard Entertainment)
HyperCam 2 (x32 Version: 2.28.01 - Hyperionics Technology LLC)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3111 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jump Flip (Version: 2014.01.16.002256 - Jump Flip) <==== ATTENTION
KB9X Radio Switch Driver (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Lazarus 1.0.12 (Version: 1.0.12 - Lazarus Team)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSI Remind Manager (x32 Version: 2.12.1003 - MSI)
MSI Social Media Collection (x32 Version: 1.13.0123 - MSI)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Norton Anti-Theft (x32 Version: 1.10.0.9 - Symantec Corporation)
Norton Online Backup (x32 Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Norton PC Checkup (x32 Version: 2.0.18.16 - Symantec Corporation)
NVIDIA Control Panel 311.48 (Version: 311.48 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.48 (Version: 311.48 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Origin (x32 Version: 9.3.1.4482 - Electronic Arts, Inc.)
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pivot Animator version 4.1.10 (x32 Version: 4.1.10 - Motus Software Ltd)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pokemon Online 2.3.2 (x32 Version:  - Dreambelievers)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager (x32 Version: 6.1.0.550 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (x32 Version: 3.9691.663.020613 - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6878 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0212 - )
Roll (x32 Version:  - )
SCM (Version: 13.013.04234 - Application)
Skype™ 6.7 (x32 Version: 6.7.102 - Skype Technologies S.A.)
Sound Blaster Cinema (x32 Version: 1.00.01 - Creative Technology Limited)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Super-Charger (x32 Version: 1.2.017 - MSI)
TrackMania Nations ESWC 1.7.9 (x32 Version:  - Nadeo)
TrackMania Nations Forever (x32 Version:  - Nadeo)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Vokabel Trainer 5 (x32 Version:  - Manuel Wäschle)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.5 (Version: 16.5.10095 - WinZip Computing, S.L. )
XSplit Broadcaster (x32 Version: 1.3.1309.1602 - SplitMediaLabs)
YGOPro DevPro Version 1.9.6 r0 (x32 Version: 1.9.6 r0 - YGOPro DevPro Online)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

14-01-2014 19:15:11 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0712A20A-E1DF-4B2D-8C6D-C216E6B8C03F} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {098E7BEA-23E9-4277-AD91-7BC15F3B6C79} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3003F08D-CD3D-40D6-958B-6E45B8374FAB} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {503EBE27-D462-4FF9-98EA-D3C73E3AD2E2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {5B165D58-39AF-4565-937B-31E0514D6631} - \Advanced System Protector No Task File
Task: {6FB1BFF5-DE4B-4847-A257-DFF94BAFB991} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {71AF0919-21AF-4CC1-9630-1AB0ADD2C3A9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {74D01EBA-913D-457C-B836-64C7426959A2} - \RegClean Pro No Task File
Task: {8FF40BF9-ECC7-4A03-B683-A97B278CEE28} - System32\Tasks\{1C87B510-71F4-4B03-8345-C620F11E8915} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/de/abandoninstall?page=tsProgressBar
Task: {9480CA09-2CC2-4215-8A4B-9455965D8F62} - \RegClean Pro_UPDATES No Task File
Task: {A15D2791-E443-4E09-A3AC-F53CA4B1AA98} - \RegClean Pro_DEFAULT No Task File
Task: {A62EE018-AD91-4912-9457-41A25DDA5F45} - \Advanced System Protector_startup No Task File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8BDB1EA-27F5-4F42-89BE-0ABB20788B63} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {CABDCEAD-6014-4C10-B33D-19EC237C4007} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F5E2B5DB-6BDC-4F10-ACF5-6695E2AC6600} - \Express FilesUpdate No Task File
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-10 04:46 - 2011-05-10 04:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-10 04:56 - 2011-05-10 04:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-10 04:47 - 2011-05-10 04:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 04:48 - 2011-05-10 04:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-10 20:32 - 2011-05-10 20:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2013-09-13 00:07 - 2013-09-13 00:05 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-07-26 00:29 - 2012-07-26 04:06 - 00924672 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSEngine.dll
2012-07-26 00:26 - 2012-07-26 04:06 - 00720384 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSLoc.DLL
2013-04-28 00:44 - 2013-03-12 21:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


==================== Memory info =========================== 

Percentage of memory in use: 34%
Total physical RAM: 8111.66 MB
Available physical RAM: 5342.73 MB
Total Pagefile: 13487.66 MB
Available Pagefile: 10117.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:469.36 GB) (Free:323.33 GB) NTFS
Drive d: (Data) (Fixed) (Total:209.58 GB) (Free:98.81 GB) NTFS
Drive e: (RCTYCOON) (CDROM) (Total:4.25 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 4CC0E3F6)

Partition: GPT Partition Type
==================== End Of Log ============================
         

Weiterhin vielen Dank für die Unterstützun!


Alt 22.01.2014, 10:37   #6
schrauber
/// the machine
/// TB-Ausbilder
 

JS/Kromtracker Viren u.a. - Standard

JS/Kromtracker Viren u.a.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> JS/Kromtracker Viren u.a.

Alt 22.01.2014, 16:12   #7
Grinsbart
 
JS/Kromtracker Viren u.a. - Standard

JS/Kromtracker Viren u.a.



Hallo! Hier der Log vom ESET:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=2e94406cedbcbb418190d3902a0f7b23
# engine=16748
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-22 11:43:11
# local_time=2014-01-22 12:43:11 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode=1799 16775165 100 94 6071 11364154 2436 0
# compatibility_mode=5893 16776574 100 94 2848868 23286609 0 0
# scanned=314677
# found=1
# cleaned=0
# scan_time=5704
sh=4663ED4D796C718A09B37C2891C456FF0D5D5E0B ft=1 fh=5e50dd5f7db39132 vn="Win32/AdWare.1ClickDownload.AQ application" ac=I fn="C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000"
         


Hier der von SecurityCheck:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.79  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
Avira Desktop      
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 45  
 Java version out of Date! 
 Google Chrome 31.0.1650.63  
 Google Chrome 32.0.1700.76  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

Und hier die FRST- Textdateien:



FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-01-2014 01
Ran by Valiäöü (administrator) on LAPPI on 22-01-2014 16:10:00
Running from C:\Users\Public\Documents
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(MSI) C:\Program Files (x86)\SCM\Radio Manager.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Spotify Ltd) C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHRE.EXE
() C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-27] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [452608 2013-01-28] (Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2875728 2013-04-27] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Radio Manager] - C:\Program Files (x86)\SCM\Radio Manager.exe [406920 2013-04-24] (MSI)
HKLM\...\Run: [SCM] - C:\Program Files (x86)\SCM\SCM.exe [406944 2013-04-24] (MSI)
HKLM\...\Run: [MBCfg64] - C:\Windows\system32\MBCfg64.dll [27648 2013-01-07] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Sound Blaster Cinema] - C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-02-07] (MSI)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [BlueStacks Agent] - c:\Program Files (x86)\BlueStacks\HD-Agent.exe [597880 2013-01-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1277688 2013-08-21] (Bogdan Sharkov)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Valiäöü\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-15] (Spotify Ltd)
HKCU\...\Run: [EPSONCEF5A2 (Epson Stylus Office BX305 Plus)] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHRE.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-04-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-04-27] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi13.msn.com
SearchScopes: HKLM - DefaultScope {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKLM-x32 - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAMIJS;
SearchScopes: HKCU - {86092E39-277A-42CE-8D21-1C344B57E52B} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (         "name": "",) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-13]
CHR Extension: (Google Drive) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-13]
CHR Extension: (YouTube) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-13]
CHR Extension: (Google-Suche) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-13]
CHR Extension: (Google Wallet) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Google Mail) - C:\Users\Valiäöü\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-13]
CHR HKLM-x32\...\Chrome\Extension: [hphehadppenpmajgnkjdcopcfijjegaf] - C:\Program Files (x86)\Jump Flip\hphehadppenpmajgnkjdcopcfijjegaf.crx [2013-09-13]

==================== Services (Whitelisted) =================

U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)
U2 BstHdAndroidSvc; c:\Program Files (x86)\BlueStacks\HD-Service.exe [393080 2013-01-07] (BlueStack Systems, Inc.)
U2 BstHdLogRotatorSvc; c:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384888 2013-01-07] (BlueStack Systems, Inc.)
U2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [39424 2012-12-07] ()
U2 ETDService; C:\Program Files\Elantech\ETDService.exe [99664 2013-04-27] (ELAN Microelectronics Corp.)
U2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
U3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
U2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
U2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-04-24] (Micro-Star International Co., Ltd.)
U2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [154112 2013-02-08] (MSI)
U2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
U3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
U2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe [123320 2012-08-13] (Symantec Corporation)
U2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe [126392 2012-08-13] (Symantec Corporation)
U2 Qualcomm Atheros Killer Service; C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [495616 2013-03-15] ()
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-11] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-17] (Avira Operations GmbH & Co. KG)
U1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [74096 2013-03-15] (Qualcomm Atheros, Inc.)
U2 BstHdDrv; c:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [71032 2013-01-07] (BlueStack Systems)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
U1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
U3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows (R) Win 7 DDK provider)
U3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [174448 2013-03-15] (Qualcomm Atheros, Inc.)
U3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
U3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
U3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [524360 2013-04-27] (Realtek Semiconductor Corporation)
U3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [448072 2013-04-27] (RTS Corporation)
U3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1552456 2013-04-27] (Realtek Semiconductor Corporation                           )
U0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
U0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
U3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-22 16:09 - 2014-01-22 16:09 - 00000000 ____D C:\Users\Public\Documents\FRST-OlderVersion
2014-01-22 16:06 - 2014-01-22 16:06 - 00987425 _____ C:\Users\Public\Documents\SecurityCheck.exe
2014-01-22 11:04 - 2014-01-22 11:04 - 02347384 _____ (ESET) C:\Users\Public\Documents\esetsmartinstaller_enu.exe
2014-01-21 21:25 - 2014-01-21 21:25 - 00084969 _____ C:\Users\Public\Documents\Hilferuf aus einer anderen Zeit.odt
2014-01-21 16:42 - 2014-01-21 16:42 - 00046025 _____ C:\Users\Valiäöü\Documents\FRST.txt
2014-01-21 16:39 - 2014-01-21 16:39 - 00000840 _____ C:\Users\Valiäöü\Documents\JRT.txt
2014-01-21 16:38 - 2014-01-21 16:38 - 00000840 _____ C:\Users\Valiäöü\Desktop\JRT.txt
2014-01-21 16:32 - 2014-01-21 16:32 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 16:31 - 2014-01-21 16:31 - 01037068 _____ (Thisisu) C:\Users\Public\Documents\JRT.exe
2014-01-21 16:30 - 2014-01-21 16:30 - 00001320 _____ C:\Users\Valiäöü\Documents\AdwCleaner[S1].txt
2014-01-21 16:26 - 2014-01-21 16:26 - 01236282 _____ C:\Users\Public\Documents\adwcleaner.exe
2014-01-21 16:04 - 2014-01-21 16:04 - 00001123 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 16:04 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-21 16:03 - 2014-01-21 16:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Public\Documents\mbam-setup-1.75.0.1300.exe
2014-01-20 21:38 - 2014-01-22 16:10 - 00016927 _____ C:\Users\Public\Documents\FRST.txt
2014-01-20 21:38 - 2014-01-21 16:43 - 00020307 _____ C:\Users\Public\Documents\Addition.txt
2014-01-20 21:34 - 2014-01-22 16:09 - 00000000 ____D C:\FRST
2014-01-20 21:33 - 2014-01-22 16:09 - 02077184 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:54 - 2014-01-20 20:23 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:54 - 2014-01-21 16:27 - 00000000 ____D C:\AdwCleaner
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:44 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:39 - 2014-01-19 19:40 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 17:32 - 2014-01-19 19:33 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 16:07 - 2014-01-19 19:17 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-15 17:31 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-15 17:31 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-15 17:31 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-15 17:31 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-15 17:31 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-15 17:31 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-15 17:31 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-15 17:31 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-15 17:31 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-15 17:31 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-15 17:30 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-15 17:30 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-12 12:50 - 2009-09-30 18:01 - 00088064 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBHRE.DLL
2014-01-12 12:50 - 2008-11-11 18:00 - 00118784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMHRE.DLL
2014-01-12 12:50 - 2007-04-09 16:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-27 15:35 - 2013-12-27 15:38 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 16:50 - 2013-12-25 16:53 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 18:37 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER                                                 ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:23 - 2013-12-25 16:25 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 15:49 - 2013-12-25 15:58 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:36 - 2013-12-25 15:47 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:16 - 2013-12-25 15:28 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:55 - 2014-01-19 18:30 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:52 - 2014-01-19 20:55 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2013-12-25 14:51 - 2013-12-25 16:20 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2014-01-19 20:56 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-02-22 19:12 - 00002110 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2013-12-25 14:49 - 2013-12-25 15:05 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:49 - 2013-09-26 21:04 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-25 14:49 - 2013-09-16 22:03 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-25 14:49 - 2012-07-26 09:13 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:23 - 2013-12-24 21:47 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:21 - 2013-12-24 21:22 - 38691253 _____ (Dreambelievers                                              ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 12:29 - 2014-01-19 13:20 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt

==================== One Month Modified Files and Folders =======

2014-01-22 16:10 - 2014-01-20 21:38 - 00016927 _____ C:\Users\Public\Documents\FRST.txt
2014-01-22 16:09 - 2014-01-22 16:09 - 00000000 ____D C:\Users\Public\Documents\FRST-OlderVersion
2014-01-22 16:09 - 2014-01-20 21:34 - 00000000 ____D C:\FRST
2014-01-22 16:09 - 2014-01-20 21:33 - 02077184 _____ (Farbar) C:\Users\Public\Documents\FRST64.exe
2014-01-22 16:06 - 2014-01-22 16:06 - 00987425 _____ C:\Users\Public\Documents\SecurityCheck.exe
2014-01-22 16:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-22 14:17 - 2013-09-12 05:53 - 00065273 _____ C:\Users\Valiäöü\AppData\Local\BTServer.log
2014-01-22 13:58 - 2013-09-12 05:51 - 01179291 _____ C:\Windows\WindowsUpdate.log
2014-01-22 13:53 - 2013-04-28 00:51 - 00000000 ____D C:\ProgramData\Realtek
2014-01-22 13:24 - 2013-09-13 00:09 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-22 12:43 - 2013-09-12 23:44 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1002
2014-01-22 12:16 - 2013-09-26 18:00 - 00000000 ____D C:\Users\Valiäöü\Documents\FIFA 14
2014-01-22 11:04 - 2014-01-22 11:04 - 02347384 _____ (ESET) C:\Users\Public\Documents\esetsmartinstaller_enu.exe
2014-01-22 11:01 - 2013-09-13 00:09 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-22 11:01 - 2013-04-28 00:49 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2014-01-21 21:25 - 2014-01-21 21:25 - 00084969 _____ C:\Users\Public\Documents\Hilferuf aus einer anderen Zeit.odt
2014-01-21 18:32 - 2013-09-25 15:37 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-21 16:51 - 2013-09-25 15:31 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CrashDumps
2014-01-21 16:43 - 2014-01-20 21:38 - 00020307 _____ C:\Users\Public\Documents\Addition.txt
2014-01-21 16:42 - 2014-01-21 16:42 - 00046025 _____ C:\Users\Valiäöü\Documents\FRST.txt
2014-01-21 16:39 - 2014-01-21 16:39 - 00000840 _____ C:\Users\Valiäöü\Documents\JRT.txt
2014-01-21 16:38 - 2014-01-21 16:38 - 00000840 _____ C:\Users\Valiäöü\Desktop\JRT.txt
2014-01-21 16:35 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 16:32 - 2014-01-21 16:32 - 00000000 ____D C:\Windows\ERUNT
2014-01-21 16:31 - 2014-01-21 16:31 - 01037068 _____ (Thisisu) C:\Users\Public\Documents\JRT.exe
2014-01-21 16:30 - 2014-01-21 16:30 - 00001320 _____ C:\Users\Valiäöü\Documents\AdwCleaner[S1].txt
2014-01-21 16:27 - 2014-01-20 16:54 - 00000000 ____D C:\AdwCleaner
2014-01-21 16:26 - 2014-01-21 16:26 - 01236282 _____ C:\Users\Public\Documents\adwcleaner.exe
2014-01-21 16:15 - 2013-02-22 08:00 - 00779826 _____ C:\Windows\PFRO.log
2014-01-21 16:04 - 2014-01-21 16:04 - 00001123 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-21 16:04 - 2014-01-21 16:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-21 16:03 - 2014-01-21 16:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Public\Documents\mbam-setup-1.75.0.1300.exe
2014-01-20 21:26 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\VirtualStore
2014-01-20 21:23 - 2013-11-12 20:46 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Windows Live
2014-01-20 20:23 - 2014-01-20 18:54 - 00000000 ____D C:\ProgramData\Pivot Animator
2014-01-20 19:53 - 2014-01-20 19:53 - 00016878 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-184605-07DEF6F7.LOG
2014-01-20 18:44 - 2014-01-20 18:44 - 00021078 _____ C:\Users\Valiäöü\Documents\AVSCAN-20140120-171458-0DE4EA07.LOG
2014-01-20 16:49 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-20 16:46 - 2014-01-20 16:46 - 01236282 _____ C:\Users\Public\Documents\adwcleaner_3.017 (1).exe
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\cache
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 ____D C:\Users\Valiäöü\.android
2014-01-20 16:45 - 2014-01-20 16:45 - 00000000 _____ C:\Users\Valiäöü\daemonprocess.txt
2014-01-20 16:45 - 2013-09-12 05:53 - 00000000 ____D C:\Users\Valiäöü
2014-01-20 16:43 - 2014-01-20 16:43 - 00001044 _____ C:\Users\Public\Desktop\Pivot Animator.lnk
2014-01-20 16:43 - 2014-01-20 16:43 - 00000000 ____D C:\Program Files (x86)\Pivot Animator
2014-01-19 21:46 - 2014-01-19 21:46 - 00099421 _____ C:\Users\Valiäöü\Documents\saarländische grammatikas.odt
2014-01-19 21:46 - 2013-09-13 03:01 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Skype
2014-01-19 20:56 - 2013-12-25 14:50 - 00017343 _____ C:\Users\FIFA Offline\AppData\Local\BTServer.log
2014-01-19 20:55 - 2013-12-25 14:52 - 00000000 ____D C:\Users\FIFA Offline\Documents\FIFA 14
2014-01-19 19:40 - 2014-01-19 19:40 - 00000000 ____D C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5
2014-01-19 19:40 - 2014-01-19 19:39 - 17744734 _____ C:\Users\FIFA Offline\Downloads\EEP14-BETA-Fix-Version-1.0.5.rar
2014-01-19 19:33 - 2014-01-19 17:32 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Skype
2014-01-19 19:17 - 2014-01-19 16:07 - 00000000 ____D C:\Users\FIFA Offline\Downloads\Füfä
2014-01-19 19:12 - 2014-01-19 19:12 - 01977432 _____ C:\Users\FIFA Offline\Downloads\winrar-x64-501.exe
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\WinRAR
2014-01-19 19:12 - 2014-01-19 19:12 - 00000000 ____D C:\Program Files\WinRAR
2014-01-19 18:30 - 2013-12-25 14:55 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1572427592-3260132124-4199956381-1006
2014-01-19 17:38 - 2013-10-05 20:48 - 00131072 ___SH C:\Users\Valiäöü\Downloads\Thumbs.db
2014-01-19 17:32 - 2013-09-13 03:01 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2014-01-19 17:32 - 2013-09-13 03:01 - 00000000 ____D C:\ProgramData\Skype
2014-01-19 16:35 - 2014-01-19 16:35 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\OpenOffice
2014-01-19 13:20 - 2013-12-23 12:29 - 00036056 _____ C:\Users\Valiäöü\Documents\Saarländisch.odt
2014-01-18 22:46 - 2013-09-18 20:52 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Spotify
2014-01-18 18:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2014-01-18 14:26 - 2013-09-13 00:11 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-18 13:29 - 2013-02-22 09:34 - 00754172 _____ C:\Windows\system32\perfh007.dat
2014-01-18 13:29 - 2013-02-22 09:34 - 00156362 _____ C:\Windows\system32\perfc007.dat
2014-01-18 13:29 - 2012-07-26 08:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-16 21:54 - 2013-09-13 00:21 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\PMB Files
2014-01-16 17:21 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2014-01-15 22:12 - 2013-09-13 00:21 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-15 18:08 - 2013-09-18 20:53 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Spotify
2014-01-15 17:54 - 2013-09-15 19:32 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 17:52 - 2013-09-15 19:32 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 17:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-14 15:56 - 2014-01-14 15:56 - 03300370 _____ C:\Users\Valiäöü\Downloads\Wintertransfers-bis-11.01.14.rar
2014-01-12 21:18 - 2014-01-12 21:18 - 00003348 _____ C:\Users\Valiäöü\Documents\letsspriite3.wlmp
2014-01-12 21:13 - 2013-10-16 18:57 - 00000000 ____D C:\Users\Valiäöü\AppData\Roaming\Audacity
2014-01-12 21:13 - 2013-09-13 00:56 - 00000000 ____D C:\Users\Valiäöü\Desktop\Neuer Ordner
2014-01-12 16:33 - 2014-01-12 16:33 - 00008682 _____ C:\Users\Valiäöü\Documents\letssprite3.wlmp
2014-01-12 16:24 - 2013-12-15 12:14 - 00072704 ___SH C:\Users\Valiäöü\Documents\Thumbs.db
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\ProgramData\EPSON
2014-01-12 12:50 - 2014-01-12 12:50 - 00000000 ____D C:\Program Files\Common Files\EPSON
2014-01-09 09:02 - 2013-12-12 16:57 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-12-12 16:57 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-08 21:00 - 2013-11-16 16:13 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Battle.net
2014-01-08 20:44 - 2013-11-05 16:27 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-08 18:09 - 2013-09-22 12:13 - 00000000 ____D C:\Users\Valiäöü\.gimp-2.8
2014-01-08 18:05 - 2014-01-08 18:05 - 00020123 _____ C:\Users\Valiäöü\AppData\Local\recently-used.xbel
2014-01-08 18:05 - 2013-09-22 12:15 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\gtk-2.0
2014-01-08 17:10 - 2013-11-16 16:21 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2014-01-07 20:36 - 2013-11-16 16:13 - 00000000 ____D C:\Program Files (x86)\Battle.net
2014-01-04 17:43 - 2013-09-25 15:41 - 00000000 ____D C:\Program Files (x86)\Origin Games
2014-01-04 14:25 - 2013-09-13 01:08 - 00000000 ____D C:\Users\Valiäöü\Desktop\ProtzischesRPGInventar
2014-01-04 13:42 - 2012-07-26 08:21 - 00040377 _____ C:\Windows\setupact.log
2014-01-03 21:16 - 2013-09-18 20:03 - 00000000 ____D C:\Program Files (x86)\DevPro
2014-01-01 12:56 - 2014-01-01 12:56 - 00001177 _____ C:\Users\Valiäöü\Desktop\DartPro.lnk
2014-01-01 12:56 - 2014-01-01 12:56 - 00000000 ____D C:\Program Files (x86)\Rusys
2014-01-01 12:55 - 2014-01-01 12:55 - 03435126 _____ C:\Users\Valiäöü\Downloads\DartPro2.9.0.0.Install.zip
2013-12-31 13:59 - 2013-12-18 20:59 - 00000000 ____D C:\Users\Valiäöü\Documents\TrackMania
2013-12-31 13:51 - 2013-12-18 20:59 - 00000000 ____D C:\ProgramData\TrackMania
2013-12-27 15:38 - 2013-12-27 15:35 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 14online
2013-12-25 18:37 - 2013-12-25 16:48 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\CrashDumps
2013-12-25 16:53 - 2013-12-25 16:50 - 00000000 ____D C:\Users\FIFA Offline\Desktop\FIFA 143liga
2013-12-25 16:49 - 2013-12-25 16:49 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\CreationMaster
2013-12-25 16:48 - 2013-12-25 16:48 - 07778957 _____ (FIFA MASTER                                                 ) C:\Users\FIFA Offline\Downloads\Setup_CM_14_1.exe
2013-12-25 16:48 - 2013-12-25 16:48 - 00001283 _____ C:\Users\Valiäöü\Desktop\CM 14.lnk
2013-12-25 16:48 - 2013-12-25 16:48 - 00000000 ____D C:\Program Files (x86)\Fifa Master
2013-12-25 16:25 - 2013-12-25 16:23 - 00000000 ____D C:\Users\FIFA Offline\Downloads\3. Liga Patch by Slim & Community
2013-12-25 16:20 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Origin
2013-12-25 15:58 - 2013-12-25 15:49 - 233959268 _____ C:\Users\FIFA Offline\Downloads\3.-Liga-Patch-by-Slim---Community.rar
2013-12-25 15:47 - 2013-12-25 15:36 - 262945949 _____ C:\Users\FIFA Offline\Downloads\data1.rar
2013-12-25 15:29 - 2013-12-25 15:29 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\WinZip
2013-12-25 15:28 - 2013-12-25 15:16 - 148127918 _____ C:\Users\FIFA Offline\Downloads\FIFA14MWM05.rar
2013-12-25 15:05 - 2013-12-25 15:05 - 00000000 _____ C:\Users\FIFA Offline\agent.log
2013-12-25 15:05 - 2013-12-25 14:49 - 00000000 ____D C:\Users\FIFA Offline
2013-12-25 14:56 - 2013-12-25 14:56 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Avira
2013-12-25 14:53 - 2013-12-25 14:53 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Google
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Intel Corporation
2013-12-25 14:51 - 2013-12-25 14:51 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Origin
2013-12-25 14:50 - 2013-12-25 14:50 - 00001452 _____ C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 14:50 - 2013-12-25 14:50 - 00000020 ___SH C:\Users\FIFA Offline\ntuser.ini
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Vorlagen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Startmenü
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Netzwerkumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Lokale Einstellungen
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Eigene Dateien
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Druckumgebung
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Musik
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Documents\Eigene Bilder
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Verlauf
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\AppData\Local\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 _SHDL C:\Users\FIFA Offline\Anwendungsdaten
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ___RD C:\Users\FIFA Offline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\Documents\My Bluetooth
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Roaming\Adobe
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\VirtualStore
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\Packages
2013-12-25 14:50 - 2013-12-25 14:50 - 00000000 ____D C:\Users\FIFA Offline\AppData\Local\MSI
2013-12-25 14:50 - 2013-09-12 05:55 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-25 12:23 - 2013-12-25 12:23 - 00001456 _____ C:\Users\Valiäöü\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FIFA 14.lnk
2013-12-24 21:47 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\Documents\Pokemon Online
2013-12-24 21:23 - 2013-12-24 21:23 - 00001093 _____ C:\Users\Public\Desktop\Pokemon Online.lnk
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Users\Valiäöü\AppData\Local\Dreambelievers
2013-12-24 21:23 - 2013-12-24 21:23 - 00000000 ____D C:\Program Files (x86)\Pokemon Online
2013-12-24 21:22 - 2013-12-24 21:21 - 38691253 _____ (Dreambelievers                                              ) C:\Users\Valiäöü\Downloads\Pokemon-Online-v2.3.2-Setup.exe
2013-12-23 20:54 - 2013-11-18 21:17 - 00000000 ____D C:\Users\Valiäöü\Desktop\KEEPCALM

Some content of TEMP:
====================
C:\Users\FIFA Offline\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\avgnt.exe
C:\Users\Valiäöü\AppData\Local\Temp\devpro.dll
C:\Users\Valiäöü\AppData\Local\Temp\DevPro.exe
C:\Users\Valiäöü\AppData\Local\Temp\htmlayout.dll
C:\Users\Valiäöü\AppData\Local\Temp\ICSharpCode.SharpZipLib.dll
C:\Users\Valiäöü\AppData\Local\Temp\project1.exe
C:\Users\Valiäöü\AppData\Local\Temp\Quarantine.exe
C:\Users\Valiäöü\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Valiäöü\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Valiäöü\AppData\Local\Temp\uninstall2138819890.exe
C:\Users\Valiäöü\AppData\Local\Temp\YgoUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-18 14:49

==================== End Of Log ============================
         
--- --- ---




Addition.txt :


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-01-2014 01
Ran by Valiäöü at 2014-01-22 16:10:32
Running from C:\Users\Public\Documents
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

„Windows Live Essentials“ (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
AruaROSE v893 (x32 Version: 893 - )
Audacity 2.0.4 (x32 Version: 2.0.4 - Audacity Team)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Battery Calibration (x32 Version: 1.0.1208.0301 - Micro-Star International Co., Ltd.)
Battle.net (x32 Version:  - Blizzard Entertainment)
BlueStacks App Player (x32 Version: 0.7.9.844 - BlueStack Systems, Inc.)
BurnRecovery (x32 Version: 4.0.1304.1501 - Micro-Star International Co., Ltd.)
Castle Crashers (x32 Version:  - The Behemoth)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Clownfish for Skype (x32 Version:  - )
Creation Master 14.1 (x32 Version:  - FIFA MASTER)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DartPro 2.9.0.0 (x32 Version:  - RuSyS)
EPSON BX305 Plus Series Printer Uninstall (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.13.2.4_WHQL (Version: 11.13.2.4 - ELAN Microelectronic Corp.)
FIFA 14 (x32 Version: 1.0.0.4 - Electronic Arts)
Fotoattēlu galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foto-galerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (x32 Version:  - )
Free M4a to MP3 Converter 8.0 (x32 Version:  - ManiacTools.com)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerija fotografija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GIMP 2.8.6 (Version: 2.8.6 - The GIMP Team)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hearthstone (x32 Version:  - Blizzard Entertainment)
HyperCam 2 (x32 Version: 2.28.01 - Hyperionics Technology LLC)
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.18.10.3111 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.5.0.1066 - Intel Corporation) Hidden
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 3.0.0.63463 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jump Flip (Version: 2014.01.16.002256 - Jump Flip) <==== ATTENTION
KB9X Radio Switch Driver (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
Lazarus 1.0.12 (Version: 1.0.12 - Lazarus Team)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSI Remind Manager (x32 Version: 2.12.1003 - MSI)
MSI Social Media Collection (x32 Version: 1.13.0123 - MSI)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Norton Anti-Theft (x32 Version: 1.10.0.9 - Symantec Corporation)
Norton Online Backup (x32 Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Norton PC Checkup (x32 Version: 2.0.18.16 - Symantec Corporation)
NVIDIA Control Panel 311.48 (Version: 311.48 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.48 (Version: 311.48 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Origin (x32 Version: 9.3.1.4482 - Electronic Arts, Inc.)
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pivot Animator version 4.1.10 (x32 Version: 4.1.10 - Motus Software Ltd)
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pokemon Online 2.3.2 (x32 Version:  - Dreambelievers)
Qualcomm Atheros Killer Network Manager (Version: 6.1.0.550 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager (x32 Version: 6.1.0.550 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (x32 Version: 3.9691.663.020613 - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6878 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.2.9200.21219 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 1.00.0212 - )
Roll (x32 Version:  - )
SCM (Version: 13.013.04234 - Application)
Skype™ 6.7 (x32 Version: 6.7.102 - Skype Technologies S.A.)
Sound Blaster Cinema (x32 Version: 1.00.01 - Creative Technology Limited)
Spotify (HKCU Version: 0.9.7.16.g4b197456 - Spotify AB)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Super-Charger (x32 Version: 1.2.017 - MSI)
TrackMania Nations ESWC 1.7.9 (x32 Version:  - Nadeo)
TrackMania Nations Forever (x32 Version:  - Nadeo)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Valokuvavalikoima (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Vokabel Trainer 5 (x32 Version:  - Manuel Wäschle)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Liven peruspaketti (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (Version: 5.01.0 - win.rar GmbH)
WinZip 16.5 (Version: 16.5.10095 - WinZip Computing, S.L. )
XSplit Broadcaster (x32 Version: 1.3.1309.1602 - SplitMediaLabs)
YGOPro DevPro Version 1.9.6 r0 (x32 Version: 1.9.6 r0 - YGOPro DevPro Online)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоальбом (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотогалерия (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотографии (общедоступная версия) (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Фотоколекція (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
גלריית התמונות (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================


==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0712A20A-E1DF-4B2D-8C6D-C216E6B8C03F} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {098E7BEA-23E9-4277-AD91-7BC15F3B6C79} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3003F08D-CD3D-40D6-958B-6E45B8374FAB} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {503EBE27-D462-4FF9-98EA-D3C73E3AD2E2} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {5B165D58-39AF-4565-937B-31E0514D6631} - \Advanced System Protector No Task File
Task: {6FB1BFF5-DE4B-4847-A257-DFF94BAFB991} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {71AF0919-21AF-4CC1-9630-1AB0ADD2C3A9} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {74D01EBA-913D-457C-B836-64C7426959A2} - \RegClean Pro No Task File
Task: {8FF40BF9-ECC7-4A03-B683-A97B278CEE28} - System32\Tasks\{1C87B510-71F4-4B03-8345-C620F11E8915} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/de/abandoninstall?page=tsProgressBar
Task: {9480CA09-2CC2-4215-8A4B-9455965D8F62} - \RegClean Pro_UPDATES No Task File
Task: {A15D2791-E443-4E09-A3AC-F53CA4B1AA98} - \RegClean Pro_DEFAULT No Task File
Task: {A62EE018-AD91-4912-9457-41A25DDA5F45} - \Advanced System Protector_startup No Task File
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C8BDB1EA-27F5-4F42-89BE-0ABB20788B63} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {CABDCEAD-6014-4C10-B33D-19EC237C4007} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-13] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F5E2B5DB-6BDC-4F10-ACF5-6695E2AC6600} - \Express FilesUpdate No Task File
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-28 01:02 - 2012-11-01 19:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2011-05-10 04:46 - 2011-05-10 04:46 - 02760192 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtCore4.dll
2011-05-10 04:56 - 2011-05-10 04:56 - 09856000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtGui4.dll
2011-05-10 04:48 - 2011-05-10 04:48 - 00990720 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtNetwork4.dll
2011-05-10 04:47 - 2011-05-10 04:47 - 00416256 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\QtXml4.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00217600 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFCommon.dll
2011-05-10 20:32 - 2011-05-10 20:32 - 00731648 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\qwt5.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00404992 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modApplications.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00036864 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFeatures.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00025088 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modFraps.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00240128 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modGraph.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00062464 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modlcd.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00291328 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNetwork.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00184832 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modNpu.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00211456 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOptions.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00064000 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modOverview.dll
2013-03-15 20:22 - 2013-03-15 20:22 - 00317440 _____ () C:\Program Files\Qualcomm Atheros\Killer Network Manager\plugins\modSystemInfo.dll
2013-09-13 00:07 - 2013-09-13 00:05 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-28 00:44 - 2013-03-12 21:19 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2012-07-26 00:29 - 2012-07-26 04:06 - 00924672 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSEngine.dll
2012-07-26 00:26 - 2012-07-26 04:06 - 00720384 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSLoc.DLL
2013-09-25 15:39 - 2013-11-28 21:24 - 00064000 _____ () C:\Program Files (x86)\Origin\tufao.dll
2011-08-16 04:12 - 2011-08-16 04:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2012-06-14 19:57 - 2012-06-14 19:57 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-16 04:12 - 2011-08-16 04:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-16 04:15 - 2011-08-16 04:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-18 00:41 - 2011-08-18 00:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-18 00:48 - 2011-08-18 00:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-18 00:48 - 2011-08-18 00:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-16 03:23 - 2011-08-16 03:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-06-14 19:56 - 2012-06-14 19:56 - 00481792 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-06-14 20:06 - 2012-06-14 20:06 - 00500064 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-06-14 19:55 - 2012-06-14 19:55 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-20 00:05 - 2011-07-20 00:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-08-16 04:17 - 2011-08-16 04:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2011-07-20 00:04 - 2011-07-20 00:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-18 14:26 - 2014-01-11 11:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-18 14:26 - 2014-01-11 11:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Could not start eventlog service, could not read events.


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 8111.66 MB
Available physical RAM: 4846.53 MB
Total Pagefile: 13487.66 MB
Available Pagefile: 9602.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:469.36 GB) (Free:334.28 GB) NTFS
Drive d: (Data) (Fixed) (Total:209.58 GB) (Free:98.76 GB) NTFS
Drive e: (RCTYCOON) (CDROM) (Total:4.25 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 4CC0E3F6)

Partition: GPT Partition Type
==================== End Of Log ============================
         

Ansonsten fühlt sich mein Computer eigentlich ganz normal an. Kann dadurch jetzt was kaputtgegangen sein?

Danke weiterhin! Grüße!

Alt 23.01.2014, 09:01   #8
schrauber
/// the machine
/// TB-Ausbilder
 

JS/Kromtracker Viren u.a. - Standard

JS/Kromtracker Viren u.a.



Nee

Java updaten.

Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.01.2014, 16:34   #9
Grinsbart
 
JS/Kromtracker Viren u.a. - Standard

JS/Kromtracker Viren u.a.



Vielen Dank für alles! Ist nun alles erledigt!

Alt 24.01.2014, 09:33   #10
schrauber
/// the machine
/// TB-Ausbilder
 

JS/Kromtracker Viren u.a. - Standard

JS/Kromtracker Viren u.a.



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu JS/Kromtracker Viren u.a.
appdata, datei, dllhost.exe, explorer.exe, free, hdd0(c:, installation, internet, js/kromtracker.a, js/kromtracker.b, lsass.exe, modul, programm, prozesse, pup.optional.expressfiles.a, pup.optional.installcore.a, pup.optional.installmonetizer, pup.optional.jumpflip.a, pup.optional.smart, pup.optional.softonic.a, services.exe, svchost.exe, swf-virus swf/dldr.adsechost.a, swf/dldr.adsechost.a, treiber, win32/adware.1clickdownload.aq, winlogon.exe



Ähnliche Themen: JS/Kromtracker Viren u.a.


  1. Acer Windows 7-Rechner * Befall von Viren und Trojanern? * Antivir Rescue CD beseitigt Viren/Trojanernicht
    Plagegeister aller Art und deren Bekämpfung - 14.12.2014 (15)
  2. Jeder Viren chutz erkennt bei normalen Programmen über 300 Viren auf meinem PC
    Log-Analyse und Auswertung - 01.08.2013 (9)
  3. Jeder Viren Schutz erkennt bei normalen Programmen über 300 Viren auf meinem PC
    Mülltonne - 31.07.2013 (1)
  4. These: Avira installiert eigene Viren bzw. parallel AV-Programme, die Viren enthalten ...
    Antiviren-, Firewall- und andere Schutzprogramme - 13.05.2013 (7)
  5. 74 Viren gefunden, Firewall down, 95p und Media.. Viren
    Plagegeister aller Art und deren Bekämpfung - 29.12.2011 (1)
  6. Viren befall kein viren programm geht
    Plagegeister aller Art und deren Bekämpfung - 06.01.2010 (22)
  7. Viren....Hilfe...überall Viren....
    Mülltonne - 04.11.2008 (0)
  8. POPUPS und VERSCHIEDENE VIREN VIREN UND TROJANER !
    Mülltonne - 11.10.2008 (0)
  9. msn viren
    Mülltonne - 14.09.2008 (1)
  10. Viren bekämpfen ohne Anti Viren Programm
    Plagegeister aller Art und deren Bekämpfung - 28.11.2007 (22)
  11. Viren auf Pc?
    Log-Analyse und Auswertung - 02.11.2007 (0)
  12. War eine ganze Weile fei von Viren aber jetzt habe ich Viren Bursters !!!
    Log-Analyse und Auswertung - 17.12.2006 (1)
  13. kaspersky findet angeblich viren ind java dateien - sind es wirklich viren ?
    Plagegeister aller Art und deren Bekämpfung - 22.08.2005 (6)
  14. viren?
    Log-Analyse und Auswertung - 02.08.2005 (2)
  15. Viren über Viren
    Log-Analyse und Auswertung - 29.03.2005 (1)
  16. 3 viren auf dem pc
    Plagegeister aller Art und deren Bekämpfung - 02.11.2004 (12)
  17. Viren+Co
    Plagegeister aller Art und deren Bekämpfung - 10.10.2004 (9)

Zum Thema JS/Kromtracker Viren u.a. - Hallo! Heute wollte ich mir das Animationprogramm Pivot downloaden und habe versehentlich bei der Installation unerwünschtes Zeugs installiert. Habe dann erst mal AdwCleaner durchlaufen gelassen. Jetzt hat mein Antivirenprogramm Avira - JS/Kromtracker Viren u.a....
Archiv
Du betrachtest: JS/Kromtracker Viren u.a. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.