Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 07.02.2014, 11:45   #1
KUF
 
McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da - Standard

McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da



Hallo zusammen,
ich wollte "No Panic- Gute Geiseln sind selten", den ich schon einmal ohne Probleme in englisch auf You Tube angesehen hatte, auf deutsch sehen. Nach längerer Suche, fand ich eine Seite, wo ich den Film mit Hilfe einer App aus dem windows-Store runterladen und ansehen konnte. Es handelte sich nicht um eine offensichtlich illegale Seite (wie zB kinox.to) mit lauter ganz neuen Filmen, sondern man konnte dort eher weniger bekannte oder ältere Filme downloaden (wie z.B. Netzkino). Nachdem das mit dem ansehen des Films nicht klappen wollte und auch die App nicht zu funktionieren schien, wollte ich gerade aufgeben, da meldete mein McAfee einen Trojaner. Das Problem wurde gefunden, aber als ich den "entfernen"-Button drücken wollte, ging das nicht und McAffee reagierte nicht mehr. Ich fuhr den PC runter und wieder hoch, liess McAffee scannen - aber nun war scheinbar wieder alles in bester Ordnung.
Da ich jedoch weiterhin ein ungutes Gefühl hatte, habe ich mir im Januar Spybot S&D runtergeladen. Merkwürdigerweise lief der erste Scan in Millisekunden und ohne Ergebnis durch. Danach scannte ich nochmal und der Scan dauerte mehr als eine Stunde, war jedoch auch ohne Ergebnis (außer ein paar weniger bewegende Sachen wie Cookies und so). Ausserdem führte ich einen ausführlichen Rootkit-Scan durch, mit dem ich jedoch nichts anfangen konnte. Seitdem habe ich meinen PC immer einmal wieder gescannt und ein bis dreimal konnte Spybot dann doch Malware (Adware-Amonetize!659BDC9DCA05) entdecken, aber wenn das ganze entfernen wollte, scheiterte es am speichern des "Wiederherstellungszeitpunktes". Die Malware konnte nicht entfernt und dann eine ganze Weile auch nicht wieder entdeckt werden. Nachdem ich mir ein Update von Spybot runter geladen hatte, war der erste Scan wieder verdächtig schnell (Milli-Sekunden) und natürlich auch ohne Ergebnis. Da ich mir nun nicht mehr zu helfen weiß, wende ich mich an Euch (wollte ich schon vor kurzem machen und habe deshalb mehrere Log-Dateien) Zuerst Eure Log-Dateien (die neueste jeweils zuerst) und dann noch die Log-Datei vom Rootkit-Scan aus Januar durch Spybot. Es gibt noch mehr Log-Dateien, aber ich bin nicht sicher, ob ihr die überhaupt braucht und ob das nicht ein bisschen viel wird.Mit Eurem „Gmer“ gab es jedesmal ein Problem, von dem ich ein Bildschirmfoto in OpenOffice gespeichert habe und Euch per Mail zukommen lassen könnte. Heute habe ich den PC beim GMER-Scan alleine gelassen. Als ich wieder zurück kam war mein Bildschirm schwarz und beim Runterfahren meldete mein PC das erste Mal einen Systemfehler. Nachdem ich das Ganze wieder hoch gefahren hatte, war mein McAffe wieder aktiviert. Nachdem ich den wieder deaktiviert hatte, scannte ich mit GMER und es kam wieder die erwähnte Fehlermeldung. Hier nun alle Ergebniss.

Code:
ATTFilter
GMER 2.1.19324 - hxxp://www.gmer.net
Rootkit scan 2014-02-07 10:14:18
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000029 ST320LT020-9YG142 rev.0010SDM1 298,09GB
Running: gmer.exe; Driver: C:\Users\Katja\AppData\Local\Temp\kxdcrpog.sys


---- User code sections - GMER 2.1 ----

.text   C:\WINDOWS\system32\winlogon.exe[584] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffc2eed0670 7 bytes JMP 00007ffd2ee50430
.text   C:\WINDOWS\system32\lsass.exe[644] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                        00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\WINDOWS\system32\svchost.exe[708] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\WINDOWS\system32\svchost.exe[752] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\WINDOWS\System32\svchost.exe[400] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\WINDOWS\system32\svchost.exe[428] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\WINDOWS\system32\svchost.exe[528] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\WINDOWS\System32\svchost.exe[784] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\WINDOWS\system32\svchost.exe[472] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\WINDOWS\System32\spoolsv.exe[1188] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\WINDOWS\system32\svchost.exe[1220] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe[1532] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                00007ffc2eb2169a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe[1532] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                00007ffc2eb216a2 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe[1532] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                   00007ffc2eb2181a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe[1532] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                   00007ffc2eb21832 4 bytes [B2, 2E, FC, 7F]
.text   C:\windows\system32\mfevtps.exe[1608] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                       00007ffc2eb2169a 4 bytes [B2, 2E, FC, 7F]
.text   C:\windows\system32\mfevtps.exe[1608] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                       00007ffc2eb216a2 4 bytes [B2, 2E, FC, 7F]
.text   C:\windows\system32\mfevtps.exe[1608] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                          00007ffc2eb2181a 4 bytes [B2, 2E, FC, 7F]
.text   C:\windows\system32\mfevtps.exe[1608] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                          00007ffc2eb21832 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe[1724] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194          00007ffc24ba1f6a 4 bytes [BA, 24, FC, 7F]
.text   C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe[1724] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218          00007ffc24ba1f82 4 bytes [BA, 24, FC, 7F]
.text   C:\WINDOWS\system32\rundll32.exe[1844] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                    00007ffc2eed0670 7 bytes JMP 00007ffd2ee50430
.text   C:\WINDOWS\system32\rundll32.exe[1852] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                    00007ffc2eed0670 7 bytes JMP 00007ffd2ee50430
.text   C:\WINDOWS\Explorer.EXE[2208] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                             00007ffc2eed0670 7 bytes JMP 00007ffd2ee50430
.text   C:\WINDOWS\Explorer.EXE[2208] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                               00007ffc2eb2169a 4 bytes [B2, 2E, FC, 7F]
.text   C:\WINDOWS\Explorer.EXE[2208] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                               00007ffc2eb216a2 4 bytes [B2, 2E, FC, 7F]
.text   C:\WINDOWS\Explorer.EXE[2208] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                  00007ffc2eb2181a 4 bytes [B2, 2E, FC, 7F]
.text   C:\WINDOWS\Explorer.EXE[2208] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                  00007ffc2eb21832 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2520] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506              00007ffc2eb2169a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2520] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514              00007ffc2eb216a2 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2520] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                 00007ffc2eb2181a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2520] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                 00007ffc2eb21832 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2896] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506  00007ffc2eb2169a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2896] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514  00007ffc2eb216a2 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2896] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118     00007ffc2eb2181a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2896] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142     00007ffc2eb21832 4 bytes [B2, 2E, FC, 7F]
.text   C:\WINDOWS\system32\svchost.exe[2468] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\WINDOWS\system32\svchost.exe[3256] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffc2eed0670 7 bytes JMP 00007ffd2ee90430
.text   C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4164] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506             00007ffc2eb2169a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4164] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514             00007ffc2eb216a2 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4164] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                00007ffc2eb2181a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[4164] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                00007ffc2eb21832 4 bytes [B2, 2E, FC, 7F]
.text   C:\Windows\System32\igfxpers.exe[4536] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                      00007ffc2eb2169a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Windows\System32\igfxpers.exe[4536] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                      00007ffc2eb216a2 4 bytes [B2, 2E, FC, 7F]
.text   C:\Windows\System32\igfxpers.exe[4536] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                         00007ffc2eb2181a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Windows\System32\igfxpers.exe[4536] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                         00007ffc2eb21832 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[4436] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506            00007ffc2eb2169a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[4436] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514            00007ffc2eb216a2 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[4436] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118               00007ffc2eb2181a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[4436] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142               00007ffc2eb21832 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[3604] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506            00007ffc2eb2169a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[3604] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514            00007ffc2eb216a2 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[3604] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118               00007ffc2eb2181a 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[3604] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142               00007ffc2eb21832 4 bytes [B2, 2E, FC, 7F]
.text   C:\Program Files\Windows Media Player\wmpnetwk.exe[4172] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194                          00007ffc24ba1f6a 4 bytes [BA, 24, FC, 7F]
.text   C:\Program Files\Windows Media Player\wmpnetwk.exe[4172] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218                          00007ffc24ba1f82 4 bytes [BA, 24, FC, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [540:564]                                                                                            fffff960008584d0

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                              unknown MBR code

---- EOF - GMER 2.1 ----
         
Code:
ATTFilter
GMER 2.1.19324 - hxxp://www.gmer.net
Rootkit scan 2014-02-07 09:59:29
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000029 ST320LT020-9YG142 rev.0010SDM1 298,09GB
Running: gmer.exe; Driver: C:\Users\Katja\AppData\Local\Temp\kxdcrpog.sys


---- User code sections - GMER 2.1 ----

.text   C:\WINDOWS\system32\winlogon.exe[580] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffac3d50670 7 bytes JMP 00007ffbc3bd0430
.text   C:\WINDOWS\system32\lsass.exe[640] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                        00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\WINDOWS\system32\svchost.exe[704] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\WINDOWS\system32\svchost.exe[748] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\WINDOWS\System32\svchost.exe[396] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\WINDOWS\system32\svchost.exe[408] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\WINDOWS\system32\svchost.exe[424] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\WINDOWS\System32\svchost.exe[688] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\WINDOWS\system32\svchost.exe[980] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                      00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\WINDOWS\System32\spoolsv.exe[1172] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\WINDOWS\system32\svchost.exe[1200] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\windows\system32\mfevtps.exe[1576] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                       00007ffac1c9169a 4 bytes [C9, C1, FA, 7F]
.text   C:\windows\system32\mfevtps.exe[1576] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                       00007ffac1c916a2 4 bytes [C9, C1, FA, 7F]
.text   C:\windows\system32\mfevtps.exe[1576] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                          00007ffac1c9181a 4 bytes [C9, C1, FA, 7F]
.text   C:\windows\system32\mfevtps.exe[1576] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                          00007ffac1c91832 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe[1812] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194          00007ffaba221f6a 4 bytes [22, BA, FA, 7F]
.text   C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe[1812] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218          00007ffaba221f82 4 bytes [22, BA, FA, 7F]
.text   C:\WINDOWS\system32\rundll32.exe[1848] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                    00007ffac3d50670 7 bytes JMP 00007ffbc3bd0430
.text   C:\WINDOWS\system32\rundll32.exe[1856] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                    00007ffac3d50670 7 bytes JMP 00007ffbc39e0430
.text   C:\WINDOWS\Explorer.EXE[2208] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                             00007ffac3d50670 7 bytes JMP 00007ffbc39e0430
.text   C:\WINDOWS\Explorer.EXE[2208] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                               00007ffac1c9169a 4 bytes [C9, C1, FA, 7F]
.text   C:\WINDOWS\Explorer.EXE[2208] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                               00007ffac1c916a2 4 bytes [C9, C1, FA, 7F]
.text   C:\WINDOWS\Explorer.EXE[2208] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                  00007ffac1c9181a 4 bytes [C9, C1, FA, 7F]
.text   C:\WINDOWS\Explorer.EXE[2208] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                  00007ffac1c91832 4 bytes [C9, C1, FA, 7F]
.text   C:\WINDOWS\system32\svchost.exe[2380] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2500] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506              00007ffac1c9169a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2500] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514              00007ffac1c916a2 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2500] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                 00007ffac1c9181a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe[2500] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                 00007ffac1c91832 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2820] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506  00007ffac1c9169a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2820] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514  00007ffac1c916a2 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2820] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118     00007ffac1c9181a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe[2820] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142     00007ffac1c91832 4 bytes [C9, C1, FA, 7F]
.text   C:\WINDOWS\system32\svchost.exe[2084] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\WINDOWS\system32\svchost.exe[2360] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                     00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\Windows\System32\igfxpers.exe[4368] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                      00007ffac1c9169a 4 bytes [C9, C1, FA, 7F]
.text   C:\Windows\System32\igfxpers.exe[4368] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                      00007ffac1c916a2 4 bytes [C9, C1, FA, 7F]
.text   C:\Windows\System32\igfxpers.exe[4368] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                         00007ffac1c9181a 4 bytes [C9, C1, FA, 7F]
.text   C:\Windows\System32\igfxpers.exe[4368] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                         00007ffac1c91832 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[4780] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506             00007ffac1c9169a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[4780] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514             00007ffac1c916a2 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[4780] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                00007ffac1c9181a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[4780] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                00007ffac1c91832 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[844] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506              00007ffac1c9169a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[844] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514              00007ffac1c916a2 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[844] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                 00007ffac1c9181a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe[844] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                 00007ffac1c91832 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[4940] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506            00007ffac1c9169a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[4940] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514            00007ffac1c916a2 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[4940] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118               00007ffac1c9181a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[4940] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142               00007ffac1c91832 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[5048] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506            00007ffac1c9169a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[5048] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514            00007ffac1c916a2 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[5048] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118               00007ffac1c9181a 4 bytes [C9, C1, FA, 7F]
.text   C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe[5048] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142               00007ffac1c91832 4 bytes [C9, C1, FA, 7F]
.text   C:\WINDOWS\system32\vssvc.exe[3168] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                       00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\Program Files\Windows Media Player\wmpnetwk.exe[3812] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                  00007ffac3d50670 7 bytes JMP 00007ffbc3d10430
.text   C:\Program Files\Windows Media Player\wmpnetwk.exe[3812] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194                          00007ffaba221f6a 4 bytes [22, BA, FA, 7F]
.text   C:\Program Files\Windows Media Player\wmpnetwk.exe[3812] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218                          00007ffaba221f82 4 bytes [22, BA, FA, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [536:560]                                                                                            fffff960008654d0

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                              unknown MBR code

---- EOF - GMER 2.1 ----
         
Code:
ATTFilter
GMER 2.1.19324 - hxxp://www.gmer.net
Rootkit scan 2014-01-21 20:22:20
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000029 ST320LT020-9YG142 rev.0010SDM1 298,09GB
Running: gmer.exe; Driver: C:\Users\Katja\AppData\Local\Temp\kxdcrpog.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                                         fffff96000118700 15 bytes [00, EA, 0F, 02, 00, 7F, 6F, ...]
.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16                                                                    fffff96000118710 11 bytes [00, 1F, FC, FF, 80, 52, DE, ...]

---- User code sections - GMER 2.1 ----

.text   C:\WINDOWS\system32\lsass.exe[624] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                             00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\WINDOWS\system32\svchost.exe[688] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                           00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\WINDOWS\system32\svchost.exe[720] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                           00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\WINDOWS\System32\svchost.exe[260] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                           00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\WINDOWS\system32\svchost.exe[396] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                           00007ff928050670 7 bytes JMP 00007ffa27e30430
.text   C:\WINDOWS\system32\svchost.exe[452] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                           00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\WINDOWS\System32\svchost.exe[628] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                           00007ff928050670 7 bytes JMP 00007ffa27e30430
.text   C:\WINDOWS\system32\svchost.exe[996] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                           00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\WINDOWS\System32\spoolsv.exe[1184] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                          00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\WINDOWS\system32\svchost.exe[1208] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                          00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\WINDOWS\Explorer.EXE[2320] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                                  00007ff928050670 7 bytes JMP 00007ffa27e30430
.text   C:\WINDOWS\Explorer.EXE[2320] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                    00007ff92617169a 4 bytes [17, 26, F9, 7F]
.text   C:\WINDOWS\Explorer.EXE[2320] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                    00007ff9261716a2 4 bytes [17, 26, F9, 7F]
.text   C:\WINDOWS\Explorer.EXE[2320] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                       00007ff92617181a 4 bytes [17, 26, F9, 7F]
.text   C:\WINDOWS\Explorer.EXE[2320] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                       00007ff926171832 4 bytes [17, 26, F9, 7F]
.text   C:\WINDOWS\Explorer.EXE[2320] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194                                          00007ff91dd01f6a 4 bytes [D0, 1D, F9, 7F]
.text   C:\WINDOWS\Explorer.EXE[2320] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218                                          00007ff91dd01f82 4 bytes [D0, 1D, F9, 7F]
.text   C:\WINDOWS\system32\svchost.exe[3032] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                          00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\WINDOWS\system32\svchost.exe[2148] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                          00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\WINDOWS\System32\svchost.exe[5880] C:\WINDOWS\SYSTEM32\ntdll.dll!LdrLoadDll                                          00007ff928050670 7 bytes JMP 00007ffa28010430
.text   C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[8664] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506  00007ff92617169a 4 bytes [17, 26, F9, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[8664] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514  00007ff9261716a2 4 bytes [17, 26, F9, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[8664] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118     00007ff92617181a 4 bytes [17, 26, F9, 7F]
.text   C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe[8664] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142     00007ff926171832 4 bytes [17, 26, F9, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [528:8952]                                                                                fffff960008974d0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:1964]                 0000000071ca814e
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:212]                  0000000071d2fd2c
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:1676]                 0000000076f84c23
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:1640]                 0000000074f8ffa8
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:1700]                 000000006ff46134
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:5040]                 000000006d907c1b
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:796]                  0000000076f84c23
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:2248]                 0000000076f84c23
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:5108]                 0000000075b65264
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:4292]                 000000006b3ba08f
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:2648]                 0000000076f84c23
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:2840]                 0000000069534de8
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:4296]                 0000000069534de8
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:668]                  0000000069534de8
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:5028]                 0000000069534de8
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3576]                 000000006861f3a0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3552]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:1152]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:2952]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3408]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:376]                  000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:5052]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3680]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:2652]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3804]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:2468]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:5092]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:5112]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:1436]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:424]                  000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:4524]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:2948]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:4316]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3352]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3396]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3548]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3588]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3584]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3572]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:2260]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:588]                  000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:4864]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:1236]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:4220]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3732]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:2656]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:4248]                 000000006861f3f0
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:3852]                 0000000074f92ebc
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:4328]                 0000000071d2fd2c
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:2528]                 0000000071d2fd2c
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:4948]                 0000000071d2fd2c
Thread  C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe [4396:4612]                 0000000071c24208

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                   unknown MBR code

---- EOF - GMER 2.1 ----
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by Katja (administrator) on KATJASNETBOOK on 07-02-2014 09:33:59
Running from C:\Users\Katja\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.1.1312.2401_x86__8wekyb3d8bbwe\Solitaire.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_2.1.1312.2409_x86__8wekyb3d8bbwe\Minesweeper.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [McAfeeWrapperApplication] - C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe [453344 2011-05-11] (McAfee, Inc.)
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - [X]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2693933126-1470808564-1985995006-1001\...\Run: [AcerCloud] - C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18222336 2013-12-04] (Acer Incorporated)
HKU\S-1-5-21-2693933126-1470808564-1985995006-1001\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {BF18DC60-61D4-4CCD-8AD2-AB24B365DE47} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {BF18DC60-61D4-4CCD-8AD2-AB24B365DE47} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {7C730DA2-C8DA-4622-B792-C6C76AC6D4D4} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md1202&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAzy0FtAzy0E0B0DtD0A0BtN0D0Tzu0CyBtBtDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1038555440&ir=
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: DuckDuckGo
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DuckDuckGo Plus - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-01-18]
FF Extension: NoTrace - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305\Extensions\notrace@unisa.it.xpi [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-06-20]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-06-20]

Chrome: 
=======
CHR HomePage: hxxp://feed.snap.do/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=92f443c9-0a2c-4c80-9be7-a2ec555431c8&searchtype=hp&installDate={installDate}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Angry Birds) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-05-26]
CHR Extension: (Google Docs) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-19]
CHR Extension: (Google Drive) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-19]
CHR Extension: (YouTube) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-19]
CHR Extension: (Google-Suche) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-19]
CHR Extension: (Multiple Account Checker for Gmailâ„¢) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnimhgelcnggigekhdjlifjpndgmnglm [2013-09-09]
CHR Extension: (SiteAdvisor) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-05-19]
CHR Extension: (Animated Lion Theme) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jckhkbpmpbglbdkachfmedhpckaghenn [2013-05-24]
CHR Extension: (Scriffon) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcogdkjlajlgojgnjaiojdfepaakkea [2013-09-09]
CHR Extension: (WordPress.com) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2013-09-11]
CHR Extension: (Checkthis) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgkcpocjciadmnmilkhnhcnfbddcbidp [2013-09-09]
CHR Extension: (Google Maps) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-05-26]
CHR Extension: (Google Wallet) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Outlook.com) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2013-06-01]
CHR Extension: (Google Mail) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-19]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-02-05]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-04] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-23] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [123384 2014-01-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-28] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-27] (Dritek System INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-28] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-27] (Dritek System Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-27] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-07 09:33 - 2014-02-07 09:33 - 00000000 ____D () C:\Users\Katja\Downloads\FRST-OlderVersion
2014-02-07 09:32 - 2014-02-07 09:32 - 00000472 _____ () C:\WINDOWS\SysWOW64\defogger_disable.log
2014-02-07 08:29 - 2014-02-05 18:59 - 00450709 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140207-082908.backup
2014-02-05 18:59 - 2014-01-25 10:45 - 00450639 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140205-185954.backup
2014-02-02 07:42 - 2014-02-02 07:51 - 00000000 ____D () C:\Users\Katja\AppData\Local\Adobe
2014-01-26 20:34 - 2014-01-26 20:34 - 00002384 _____ () C:\Users\Public\Desktop\Spiel Royal Envoy - Campaign for the Crown Sammleredition.lnk
2014-01-26 20:32 - 2014-01-26 20:34 - 00000000 ____D () C:\Program Files (x86)\Royal Envoy - Campaign for the Crown Sammleredition
2014-01-26 20:32 - 2014-01-26 20:32 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Royal Envoy - Campaign for the Crown Sammleredition
2014-01-26 20:02 - 2014-01-26 20:02 - 00236648 _____ (Big Fish Games) C:\Users\Katja\Downloads\bigfishgames_p203360593_s2_l2.exe
2014-01-26 17:47 - 2014-01-26 18:16 - 307143568 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\DerGesandteDesKoenigsKroneSE.exe
2014-01-26 14:47 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-01-25 18:01 - 2014-01-25 18:01 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\BC Soft Games
2014-01-25 18:01 - 2014-01-25 18:01 - 00000000 ____D () C:\ProgramData\BC Soft Games
2014-01-25 16:13 - 2014-01-25 16:13 - 00000000 ____D () C:\ProgramData\Big Fish Games
2014-01-25 14:21 - 2014-01-25 14:21 - 00000000 ____D () C:\ProgramData\ScreenSeven
2014-01-25 14:15 - 2014-01-25 14:18 - 27147304 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\MoorhuhnJDF.exe
2014-01-25 10:45 - 2014-01-19 10:20 - 00450639 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140125-104530.backup
2014-01-23 17:14 - 2014-01-23 17:15 - 00546095 ____T () C:\Users\Katja\Desktop\Was wir mit dem Bösen machen sollen.oxps
2014-01-23 13:33 - 2014-01-23 13:33 - 00000000 ____D () C:\ProgramData\Melesta
2014-01-23 13:22 - 2014-01-23 13:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-01-21 20:22 - 2014-01-21 20:22 - 00012869 _____ () C:\Users\Katja\Desktop\gmer.txt
2014-01-21 20:21 - 2014-01-21 20:21 - 00533567 _____ () C:\Users\Katja\Desktop\gmer fehlermeldung.odt
2014-01-21 20:01 - 2014-01-21 20:01 - 00039226 _____ () C:\Users\Katja\Desktop\FRST.txt
2014-01-21 12:17 - 2014-01-21 12:17 - 00026209 _____ () C:\Users\Katja\Desktop\Addition.txt
2014-01-21 12:14 - 2014-01-21 12:15 - 00370672 _____ () C:\Users\Katja\Downloads\gmer_2.1.19324.zip
2014-01-21 12:12 - 2014-01-21 12:16 - 00026209 _____ () C:\Users\Katja\Downloads\Addition.txt
2014-01-21 12:08 - 2014-02-07 09:33 - 00022592 _____ () C:\Users\Katja\Downloads\FRST.txt
2014-01-21 12:08 - 2014-02-07 09:33 - 00000000 ____D () C:\FRST
2014-01-21 12:07 - 2014-02-07 09:33 - 02079744 _____ (Farbar) C:\Users\Katja\Downloads\FRST64.exe
2014-01-21 12:05 - 2014-01-21 12:05 - 00000472 _____ () C:\Users\Katja\Downloads\defogger_disable.log
2014-01-21 12:05 - 2014-01-21 12:05 - 00000000 _____ () C:\Users\Katja\defogger_reenable
2014-01-21 12:03 - 2014-01-21 12:03 - 00050477 _____ () C:\Users\Katja\Downloads\Defogger.exe
2014-01-21 11:29 - 2014-01-21 11:29 - 01236282 _____ () C:\Users\Katja\Downloads\adwcleaner_3.017 (1).exe
2014-01-21 11:23 - 2014-01-21 11:23 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-01-21 11:15 - 2014-01-21 11:20 - 00000000 ____D () C:\AdwCleaner
2014-01-21 11:15 - 2014-01-21 11:15 - 01236282 _____ () C:\Users\Katja\Downloads\adwcleaner_3.017.exe
2014-01-20 15:05 - 2014-01-20 15:12 - 84628320 _____ () C:\Users\Katja\Downloads\derek_prince_die_letzte_grosse_erschuetterung_DV9007GE_1.flv
2014-01-19 11:19 - 2014-01-19 11:19 - 00000000 ____D () C:\Users\Katja\Documents\ProcAlyzer Dumps
2014-01-19 10:20 - 2013-08-22 14:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140119-102057.backup
2014-01-19 09:23 - 2014-01-19 09:23 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-01-19 09:22 - 2014-02-07 09:26 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-01-19 09:22 - 2014-01-19 09:22 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-01-19 09:22 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-01-19 09:21 - 2014-01-19 15:04 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-19 09:19 - 2014-01-19 09:20 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Katja\Downloads\nw_27341_spybotexe.exe
2014-01-16 15:58 - 2014-01-16 16:02 - 00000000 ____D () C:\a2f621b105c6fcd8f273d7
2014-01-16 10:45 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-16 10:45 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-16 10:45 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-16 10:45 - 2013-11-27 11:34 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-16 10:45 - 2013-11-27 10:54 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-16 10:45 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-16 10:45 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-16 10:45 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-16 10:45 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-16 10:45 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-16 10:45 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-11 16:55 - 2014-01-11 16:55 - 00532792 ____T () C:\Users\Katja\Desktop\Adresse Kuks 2.oxps
2014-01-11 16:54 - 2014-01-11 16:54 - 00572768 ____T () C:\Users\Katja\Desktop\Adresse Kuks Bielefeld.oxps
2014-01-10 19:16 - 2014-01-10 19:16 - 00002079 _____ () C:\Users\Public\Desktop\McAfee Online-Backup-Service konfigurieren.lnk
2014-01-08 18:20 - 2014-01-08 18:22 - 49651360 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\ZeitDerAbenteuerDerHeldInDir.exe
2014-01-08 16:59 - 2014-01-08 17:04 - 128349592 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\DerGesandteDesKoenigs.exe
2014-01-08 14:16 - 2014-01-08 14:16 - 00545166 _____ () C:\Users\Katja\Documents\Antwort  Fw  DELIVERY FAILURE  User christoph.nordmeyer (christ.oxps
2014-01-08 14:15 - 2014-01-08 14:15 - 00214123 _____ () C:\Users\Katja\Documents\Kaufvertrag Monika Noack Katja Funke.oxps
2014-01-08 14:13 - 2014-01-08 14:13 - 00212594 _____ () C:\Users\Katja\Documents\Verkauf meiner Wohnung  Hausgeld Januar.oxps

==================== One Month Modified Files and Folders =======

2014-02-07 09:35 - 2014-01-21 12:08 - 00022592 _____ () C:\Users\Katja\Downloads\FRST.txt
2014-02-07 09:33 - 2014-02-07 09:33 - 00000000 ____D () C:\Users\Katja\Downloads\FRST-OlderVersion
2014-02-07 09:33 - 2014-01-21 12:08 - 00000000 ____D () C:\FRST
2014-02-07 09:33 - 2014-01-21 12:07 - 02079744 _____ (Farbar) C:\Users\Katja\Downloads\FRST64.exe
2014-02-07 09:32 - 2014-02-07 09:32 - 00000472 _____ () C:\WINDOWS\SysWOW64\defogger_disable.log
2014-02-07 09:26 - 2014-01-19 09:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-07 09:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-07 09:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-07 08:45 - 2013-05-18 11:19 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-07 08:45 - 2013-05-02 15:57 - 00000000 ____D () C:\Users\Katja\AppData\Local\CrashDumps
2014-02-07 08:45 - 2013-04-21 14:52 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-07 08:15 - 2013-11-27 14:44 - 01554117 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-07 08:04 - 2013-04-21 09:22 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2693933126-1470808564-1985995006-1001
2014-02-07 07:55 - 2013-02-13 13:55 - 00000000 __RSD () C:\Users\Katja\Documents\McAfee-Tresore
2014-02-07 07:54 - 2013-11-28 11:38 - 00000000 __RDO () C:\Users\Katja\SkyDrive
2014-02-07 07:54 - 2013-05-18 11:21 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-07 07:52 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-07 07:52 - 2013-05-18 11:19 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 21:49 - 2013-08-22 14:25 - 02097152 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-06 07:37 - 2013-06-20 12:46 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-02-06 07:36 - 2013-09-29 20:04 - 00010296 _____ () C:\WINDOWS\PFRO.log
2014-02-05 18:59 - 2014-02-07 08:29 - 00450709 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140207-082908.backup
2014-02-05 09:45 - 2013-04-21 14:52 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-02-02 07:51 - 2014-02-02 07:42 - 00000000 ____D () C:\Users\Katja\AppData\Local\Adobe
2014-02-02 07:38 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-01-31 14:41 - 2012-08-09 14:01 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 09:55 - 2013-08-18 08:16 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-01-27 08:30 - 2014-01-01 12:00 - 00000000 ____D () C:\Program Files (x86)\DEUTSCHLAND SPIELT
2014-01-26 22:50 - 2013-10-27 14:44 - 00000000 ____D () C:\BigFishCache
2014-01-26 20:38 - 2013-11-20 17:07 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\Playrix Entertainment
2014-01-26 20:34 - 2014-01-26 20:34 - 00002384 _____ () C:\Users\Public\Desktop\Spiel Royal Envoy - Campaign for the Crown Sammleredition.lnk
2014-01-26 20:34 - 2014-01-26 20:32 - 00000000 ____D () C:\Program Files (x86)\Royal Envoy - Campaign for the Crown Sammleredition
2014-01-26 20:32 - 2014-01-26 20:32 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Royal Envoy - Campaign for the Crown Sammleredition
2014-01-26 20:02 - 2014-01-26 20:02 - 00236648 _____ (Big Fish Games) C:\Users\Katja\Downloads\bigfishgames_p203360593_s2_l2.exe
2014-01-26 19:47 - 2013-08-27 16:19 - 00002520 ____N () C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
2014-01-26 18:36 - 2014-01-01 11:57 - 00001155 _____ () C:\Users\Public\Desktop\GAME CENTER.lnk
2014-01-26 18:16 - 2014-01-26 17:47 - 307143568 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\DerGesandteDesKoenigsKroneSE.exe
2014-01-26 15:30 - 2013-11-28 09:03 - 00454656 ___SH () C:\Users\Katja\Desktop\Thumbs.db
2014-01-25 18:01 - 2014-01-25 18:01 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\BC Soft Games
2014-01-25 18:01 - 2014-01-25 18:01 - 00000000 ____D () C:\ProgramData\BC Soft Games
2014-01-25 16:13 - 2014-01-25 16:13 - 00000000 ____D () C:\ProgramData\Big Fish Games
2014-01-25 14:21 - 2014-01-25 14:21 - 00000000 ____D () C:\ProgramData\ScreenSeven
2014-01-25 14:18 - 2014-01-25 14:15 - 27147304 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\MoorhuhnJDF.exe
2014-01-25 10:45 - 2014-02-05 18:59 - 00450639 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140205-185954.backup
2014-01-23 17:15 - 2014-01-23 17:14 - 00546095 ____T () C:\Users\Katja\Desktop\Was wir mit dem Bösen machen sollen.oxps
2014-01-23 13:33 - 2014-01-23 13:33 - 00000000 ____D () C:\ProgramData\Melesta
2014-01-23 13:22 - 2014-01-23 13:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-01-23 13:21 - 2012-08-09 13:54 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-01-22 10:06 - 2013-03-06 10:29 - 00000000 ____D () C:\Users\Katja\Documents\Dokumente
2014-01-21 20:22 - 2014-01-21 20:22 - 00012869 _____ () C:\Users\Katja\Desktop\gmer.txt
2014-01-21 20:21 - 2014-01-21 20:21 - 00533567 _____ () C:\Users\Katja\Desktop\gmer fehlermeldung.odt
2014-01-21 20:01 - 2014-01-21 20:01 - 00039226 _____ () C:\Users\Katja\Desktop\FRST.txt
2014-01-21 12:17 - 2014-01-21 12:17 - 00026209 _____ () C:\Users\Katja\Desktop\Addition.txt
2014-01-21 12:16 - 2014-01-21 12:12 - 00026209 _____ () C:\Users\Katja\Downloads\Addition.txt
2014-01-21 12:15 - 2014-01-21 12:14 - 00370672 _____ () C:\Users\Katja\Downloads\gmer_2.1.19324.zip
2014-01-21 12:05 - 2014-01-21 12:05 - 00000472 _____ () C:\Users\Katja\Downloads\defogger_disable.log
2014-01-21 12:05 - 2014-01-21 12:05 - 00000000 _____ () C:\Users\Katja\defogger_reenable
2014-01-21 12:05 - 2013-11-27 14:15 - 00000000 ____D () C:\Users\Katja
2014-01-21 12:03 - 2014-01-21 12:03 - 00050477 _____ () C:\Users\Katja\Downloads\Defogger.exe
2014-01-21 11:29 - 2014-01-21 11:29 - 01236282 _____ () C:\Users\Katja\Downloads\adwcleaner_3.017 (1).exe
2014-01-21 11:26 - 2013-12-05 09:15 - 00000000 ____D () C:\Users\Katja\Desktop\Alte Firefox-Daten
2014-01-21 11:23 - 2014-01-21 11:23 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-01-21 11:20 - 2014-01-21 11:15 - 00000000 ____D () C:\AdwCleaner
2014-01-21 11:15 - 2014-01-21 11:15 - 01236282 _____ () C:\Users\Katja\Downloads\adwcleaner_3.017.exe
2014-01-20 15:12 - 2014-01-20 15:05 - 84628320 _____ () C:\Users\Katja\Downloads\derek_prince_die_letzte_grosse_erschuetterung_DV9007GE_1.flv
2014-01-19 15:04 - 2014-01-19 09:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-19 11:19 - 2014-01-19 11:19 - 00000000 ____D () C:\Users\Katja\Documents\ProcAlyzer Dumps
2014-01-19 10:20 - 2014-01-25 10:45 - 00450639 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140125-104530.backup
2014-01-19 09:23 - 2014-01-19 09:23 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-01-19 09:22 - 2014-01-19 09:22 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-01-19 09:20 - 2014-01-19 09:19 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Katja\Downloads\nw_27341_spybotexe.exe
2014-01-17 11:39 - 2012-11-13 01:51 - 00000000 ____D () C:\Users\Katja\AppData\Local\Packages
2014-01-16 21:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-01-16 16:02 - 2014-01-16 15:58 - 00000000 ____D () C:\a2f621b105c6fcd8f273d7
2014-01-16 16:02 - 2013-07-20 17:35 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-16 15:58 - 2013-04-21 11:25 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-11 16:55 - 2014-01-11 16:55 - 00532792 ____T () C:\Users\Katja\Desktop\Adresse Kuks 2.oxps
2014-01-11 16:54 - 2014-01-11 16:54 - 00572768 ____T () C:\Users\Katja\Desktop\Adresse Kuks Bielefeld.oxps
2014-01-10 19:20 - 2013-07-02 14:01 - 00001308 _____ () C:\Users\Katja\Desktop\MediaHuman YouTube to MP3 Converter.lnk
2014-01-10 19:16 - 2014-01-10 19:16 - 00002079 _____ () C:\Users\Public\Desktop\McAfee Online-Backup-Service konfigurieren.lnk
2014-01-08 18:22 - 2014-01-08 18:20 - 49651360 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\ZeitDerAbenteuerDerHeldInDir.exe
2014-01-08 17:28 - 2014-01-01 13:02 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\Intenium
2014-01-08 17:04 - 2014-01-08 16:59 - 128349592 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\DerGesandteDesKoenigs.exe
2014-01-08 15:04 - 2013-05-17 11:01 - 00000000 ____D () C:\Users\Katja\Documents\Ausdrucken
2014-01-08 14:16 - 2014-01-08 14:16 - 00545166 _____ () C:\Users\Katja\Documents\Antwort  Fw  DELIVERY FAILURE  User christoph.nordmeyer (christ.oxps
2014-01-08 14:15 - 2014-01-08 14:15 - 00214123 _____ () C:\Users\Katja\Documents\Kaufvertrag Monika Noack Katja Funke.oxps
2014-01-08 14:13 - 2014-01-08 14:13 - 00212594 _____ () C:\Users\Katja\Documents\Verkauf meiner Wohnung  Hausgeld Januar.oxps

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-06 11:32

==================== End Of Log ============================
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-01-2014
Ran by Katja (administrator) on KATJASNETBOOK on 21-01-2014 12:08:55
Running from C:\Users\Katja\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.Taptiles_1.8.0.31101_x86__8wekyb3d8bbwe\Taptiles.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
() C:\Program Files (x86)\MediaHuman\YouTube to MP3 Converter\YouTubeToMp3.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
() C:\Program Files (x86)\Opera\18.0.1284.68\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\18.0.1284.68\opera.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\iron.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [McAfeeWrapperApplication] - C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe [453344 2011-05-11] (McAfee, Inc.)
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - [x]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKCU\...\Run: [AcerCloud] - C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18222336 2013-12-04] (Acer Incorporated)
HKU\Administrator\...\RunOnce: [WAB Migrate] - C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Windows\regedit.exe [151552 2013-08-22] (Microsoft Corporation)
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Windows\regedit.exe [151552 2013-08-22] (Microsoft Corporation)
AppInit_DLLs-x32:  => File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {BF18DC60-61D4-4CCD-8AD2-AB24B365DE47} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {BF18DC60-61D4-4CCD-8AD2-AB24B365DE47} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - {7C730DA2-C8DA-4622-B792-C6C76AC6D4D4} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=md1202&cd=2XzuyEtN2Y1L1Qzu0Bzzzzzz0EtAzy0FtAzy0E0B0DtD0A0BtN0D0Tzu0CyBtBtDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1038555440&ir=
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: DuckDuckGo
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DuckDuckGo Plus - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-01-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-06-20]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-06-20]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel\u00C2\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel\u00C2\u00AE Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Angry Birds) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-05-26]
CHR Extension: (Google Docs) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-19]
CHR Extension: (Google Drive) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-19]
CHR Extension: (YouTube) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-19]
CHR Extension: (Google-Suche) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-19]
CHR Extension: (Multiple Account Checker for Gmail\u00E2\u201E\u00A2) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnimhgelcnggigekhdjlifjpndgmnglm [2013-09-09]
CHR Extension: (SiteAdvisor) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-05-19]
CHR Extension: (Animated Lion Theme) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jckhkbpmpbglbdkachfmedhpckaghenn [2013-05-24]
CHR Extension: (Scriffon) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcogdkjlajlgojgnjaiojdfepaakkea [2013-09-09]
CHR Extension: (WordPress.com) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2013-09-11]
CHR Extension: (Checkthis) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgkcpocjciadmnmilkhnhcnfbddcbidp [2013-09-09]
CHR Extension: (Google Maps) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-05-26]
CHR Extension: (Google Wallet) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (MySearchDial) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2013-12-20]
CHR Extension: (Outlook.com) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2013-06-01]
CHR Extension: (Google Mail) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-19]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-01-10]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

U2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-04] (Acer Incorporated)
U3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
U3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
U2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2013-12-21] (WildTangent)
U2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
U2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [123384 2014-01-07] (McAfee, Inc.)
U2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
U2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
U2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
U3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
U2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
U2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
U2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-28] (McAfee, Inc.)
U2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-11-26] (McAfee, Inc.)
U2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)
U2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)
U2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
U2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
U2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
U3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
U2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-27] (Dritek System INC.)
U2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
U2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
U2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
U3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)
U3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
U3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
U3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)
U2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)
U1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-28] (McAfee, Inc.)
U2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)
U0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-11-04] (McAfee, Inc.)
U3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)
U2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)
U3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
U3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
U2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)
U1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-27] (Dritek System Inc.)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-27] (Microsoft Corporation)
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 12:08 - 2014-01-21 12:10 - 00023790 _____ C:\Users\Katja\Downloads\FRST.txt
2014-01-21 12:08 - 2014-01-21 12:08 - 00000000 ____D C:\FRST
2014-01-21 12:07 - 2014-01-21 12:07 - 02077184 _____ (Farbar) C:\Users\Katja\Downloads\FRST64.exe
2014-01-21 12:05 - 2014-01-21 12:05 - 00000472 _____ C:\Users\Katja\Downloads\defogger_disable.log
2014-01-21 12:05 - 2014-01-21 12:05 - 00000000 _____ C:\Users\Katja\defogger_reenable
2014-01-21 12:03 - 2014-01-21 12:03 - 00050477 _____ C:\Users\Katja\Downloads\Defogger.exe
2014-01-21 11:29 - 2014-01-21 11:29 - 01236282 _____ C:\Users\Katja\Downloads\adwcleaner_3.017 (1).exe
2014-01-21 11:23 - 2014-01-21 11:23 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-21 11:15 - 2014-01-21 11:20 - 00000000 ____D C:\AdwCleaner
2014-01-21 11:15 - 2014-01-21 11:15 - 01236282 _____ C:\Users\Katja\Downloads\adwcleaner_3.017.exe
2014-01-20 15:05 - 2014-01-20 15:12 - 84628320 _____ C:\Users\Katja\Downloads\derek_prince_die_letzte_grosse_erschuetterung_DV9007GE_1.flv
2014-01-19 11:19 - 2014-01-19 11:19 - 00000000 ____D C:\Users\Katja\Documents\ProcAlyzer Dumps
2014-01-19 10:20 - 2013-08-22 14:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20140119-102057.backup
2014-01-19 09:23 - 2014-01-19 09:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2014-01-19 09:22 - 2014-01-19 11:09 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-19 09:22 - 2014-01-19 09:22 - 00001399 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-01-19 09:22 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-01-19 09:21 - 2014-01-19 15:04 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-19 09:19 - 2014-01-19 09:20 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\Katja\Downloads\nw_27341_spybotexe.exe
2014-01-16 15:58 - 2014-01-16 16:02 - 00000000 ____D C:\a2f621b105c6fcd8f273d7
2014-01-16 10:45 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-16 10:45 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-16 10:45 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-16 10:45 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-16 10:45 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-16 10:45 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-16 10:45 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-16 10:45 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-16 10:45 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-16 10:45 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-16 10:45 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-11 16:55 - 2014-01-11 16:55 - 00532792 ____T C:\Users\Katja\Desktop\Adresse Kuks 2.oxps
2014-01-11 16:54 - 2014-01-11 16:54 - 00572768 ____T C:\Users\Katja\Desktop\Adresse Kuks Bielefeld.oxps
2014-01-10 19:16 - 2014-01-10 19:16 - 00002079 _____ C:\Users\Public\Desktop\McAfee Online-Backup-Service konfigurieren.lnk
2014-01-08 18:20 - 2014-01-08 18:22 - 49651360 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\ZeitDerAbenteuerDerHeldInDir.exe
2014-01-08 16:59 - 2014-01-08 17:04 - 128349592 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\DerGesandteDesKoenigs.exe
2014-01-08 14:16 - 2014-01-08 14:16 - 00545166 _____ C:\Users\Katja\Documents\Antwort  Fw  DELIVERY FAILURE  User christoph.nordmeyer (christ.oxps
2014-01-08 14:15 - 2014-01-08 14:15 - 00214123 _____ C:\Users\Katja\Documents\Kaufvertrag Monika Noack Katja Funke.oxps
2014-01-08 14:13 - 2014-01-08 14:13 - 00212594 _____ C:\Users\Katja\Documents\Verkauf meiner Wohnung  Hausgeld Januar.oxps
2014-01-03 18:01 - 2014-01-03 20:22 - 00000000 ____D C:\Users\Katja\AppData\Roaming\WildTangent Roads Of Rome 3
2014-01-02 13:34 - 2014-01-02 13:34 - 00000000 ____D C:\ProgramData\Intenium
2014-01-02 13:19 - 2014-01-02 13:19 - 19873128 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\HuehnerRacheDeluxe (1).exe
2014-01-01 14:22 - 2014-01-02 13:35 - 00000000 ____D C:\Users\Katja\AppData\Roaming\ScreenSeven
2014-01-01 14:22 - 2014-01-01 14:23 - 19880952 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\HuehnerRacheDeluxe.exe
2014-01-01 14:21 - 2014-01-01 14:21 - 00001345 _____ C:\Users\Public\Desktop\Beetle Ju 2 VOLLVERSION.lnk
2014-01-01 13:02 - 2014-01-08 17:28 - 00000000 ____D C:\Users\Katja\AppData\Roaming\Intenium
2014-01-01 12:00 - 2014-01-08 18:26 - 00000000 ____D C:\Program Files (x86)\DEUTSCHLAND SPIELT
2014-01-01 11:58 - 2014-01-01 11:59 - 03234774 _____ C:\Users\Katja\Downloads\dict-de_de-igerman98_2011-06-21.oxt
2014-01-01 11:57 - 2014-01-08 18:26 - 00001155 _____ C:\Users\Public\Desktop\GAME CENTER.lnk
2014-01-01 11:57 - 2014-01-01 11:57 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2014-01-01 11:53 - 2014-01-01 11:55 - 41672928 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\HuhnerRacheDeluxe.exe
2014-01-01 11:51 - 2014-01-01 11:53 - 53728844 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\BeetleJu2.exe
2013-12-31 14:59 - 2013-12-31 15:05 - 163606685 _____ C:\Users\Katja\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de (2).exe
2013-12-31 13:37 - 2013-12-31 13:38 - 00000000 ____D C:\Users\Katja\AppData\Roaming\Realore_Whiterra Roads Of Rome 3
2013-12-31 13:14 - 2013-12-31 13:14 - 00606104 _____ C:\Users\Katja\Downloads\openoffice setup.exe
2013-12-31 13:00 - 2013-12-31 13:08 - 163606685 _____ C:\Users\Katja\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de (1).exe
2013-12-30 16:04 - 2013-12-30 16:05 - 00000000 ____D C:\Users\Katja\AppData\Roaming\Realore_Whiterra Roads Of Rome 2
2013-12-29 19:50 - 2013-12-29 19:50 - 00000000 ____D C:\Users\Katja\AppData\Roaming\FirstColony
2013-12-22 19:13 - 2013-12-22 19:13 - 00000000 ____D C:\Users\Katja\AppData\Roaming\ZOG

==================== One Month Modified Files and Folders =======

2014-01-21 12:10 - 2014-01-21 12:08 - 00023790 _____ C:\Users\Katja\Downloads\FRST.txt
2014-01-21 12:08 - 2014-01-21 12:08 - 00000000 ____D C:\FRST
2014-01-21 12:07 - 2014-01-21 12:07 - 02077184 _____ (Farbar) C:\Users\Katja\Downloads\FRST64.exe
2014-01-21 12:05 - 2014-01-21 12:05 - 00000472 _____ C:\Users\Katja\Downloads\defogger_disable.log
2014-01-21 12:05 - 2014-01-21 12:05 - 00000000 _____ C:\Users\Katja\defogger_reenable
2014-01-21 12:05 - 2013-11-27 14:15 - 00000000 ____D C:\Users\Katja
2014-01-21 12:03 - 2014-01-21 12:03 - 00050477 _____ C:\Users\Katja\Downloads\Defogger.exe
2014-01-21 12:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-21 11:45 - 2013-05-18 11:19 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-21 11:45 - 2013-04-21 14:52 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-21 11:39 - 2013-03-06 10:29 - 00000000 ____D C:\Users\Katja\Documents\Dokumente
2014-01-21 11:38 - 2013-11-27 14:44 - 01330136 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-21 11:29 - 2014-01-21 11:29 - 01236282 _____ C:\Users\Katja\Downloads\adwcleaner_3.017 (1).exe
2014-01-21 11:28 - 2013-04-21 09:22 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2693933126-1470808564-1985995006-1001
2014-01-21 11:26 - 2013-12-05 09:15 - 00000000 ____D C:\Users\Katja\Desktop\Alte Firefox-Daten
2014-01-21 11:26 - 2013-11-28 11:38 - 00000000 __RDO C:\Users\Katja\SkyDrive
2014-01-21 11:25 - 2013-05-18 11:21 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-21 11:25 - 2013-02-13 13:55 - 00000000 __RSD C:\Users\Katja\Documents\McAfee-Tresore
2014-01-21 11:24 - 2013-05-18 11:19 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-21 11:23 - 2014-01-21 11:23 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-21 11:23 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-21 11:22 - 2013-08-22 14:25 - 02097152 ___SH C:\WINDOWS\system32\config\BBI
2014-01-21 11:20 - 2014-01-21 11:15 - 00000000 ____D C:\AdwCleaner
2014-01-21 11:15 - 2014-01-21 11:15 - 01236282 _____ C:\Users\Katja\Downloads\adwcleaner_3.017.exe
2014-01-20 15:12 - 2014-01-20 15:05 - 84628320 _____ C:\Users\Katja\Downloads\derek_prince_die_letzte_grosse_erschuetterung_DV9007GE_1.flv
2014-01-20 09:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2014-01-19 15:04 - 2014-01-19 09:21 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-19 11:20 - 2013-05-02 15:57 - 00000000 ____D C:\Users\Katja\AppData\Local\CrashDumps
2014-01-19 11:19 - 2014-01-19 11:19 - 00000000 ____D C:\Users\Katja\Documents\ProcAlyzer Dumps
2014-01-19 11:09 - 2014-01-19 09:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-19 09:23 - 2014-01-19 09:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2014-01-19 09:22 - 2014-01-19 09:22 - 00001399 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-01-19 09:20 - 2014-01-19 09:19 - 40658208 _____ (Safer-Networking Ltd.                                       ) C:\Users\Katja\Downloads\nw_27341_spybotexe.exe
2014-01-18 08:21 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2014-01-17 11:39 - 2012-11-13 01:51 - 00000000 ____D C:\Users\Katja\AppData\Local\Packages
2014-01-17 07:00 - 2013-09-29 20:04 - 00007728 _____ C:\WINDOWS\PFRO.log
2014-01-17 07:00 - 2013-06-20 12:46 - 00000000 ____D C:\Program Files (x86)\McAfee
2014-01-16 21:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-16 17:57 - 2012-08-09 14:01 - 00000000 ____D C:\Program Files\Common Files\mcafee
2014-01-16 16:02 - 2014-01-16 15:58 - 00000000 ____D C:\a2f621b105c6fcd8f273d7
2014-01-16 16:02 - 2013-07-20 17:35 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-16 15:58 - 2013-04-21 11:25 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-14 10:07 - 2013-11-28 09:03 - 00424448 ___SH C:\Users\Katja\Desktop\Thumbs.db
2014-01-11 16:55 - 2014-01-11 16:55 - 00532792 ____T C:\Users\Katja\Desktop\Adresse Kuks 2.oxps
2014-01-11 16:54 - 2014-01-11 16:54 - 00572768 ____T C:\Users\Katja\Desktop\Adresse Kuks Bielefeld.oxps
2014-01-10 19:32 - 2013-08-27 16:19 - 00002520 ____N C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
2014-01-10 19:20 - 2013-07-02 14:01 - 00001308 _____ C:\Users\Katja\Desktop\MediaHuman YouTube to MP3 Converter.lnk
2014-01-10 19:16 - 2014-01-10 19:16 - 00002079 _____ C:\Users\Public\Desktop\McAfee Online-Backup-Service konfigurieren.lnk
2014-01-08 18:26 - 2014-01-01 12:00 - 00000000 ____D C:\Program Files (x86)\DEUTSCHLAND SPIELT
2014-01-08 18:26 - 2014-01-01 11:57 - 00001155 _____ C:\Users\Public\Desktop\GAME CENTER.lnk
2014-01-08 18:22 - 2014-01-08 18:20 - 49651360 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\ZeitDerAbenteuerDerHeldInDir.exe
2014-01-08 17:28 - 2014-01-01 13:02 - 00000000 ____D C:\Users\Katja\AppData\Roaming\Intenium
2014-01-08 17:04 - 2014-01-08 16:59 - 128349592 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\DerGesandteDesKoenigs.exe
2014-01-08 15:04 - 2013-05-17 11:01 - 00000000 ____D C:\Users\Katja\Documents\Ausdrucken
2014-01-08 14:16 - 2014-01-08 14:16 - 00545166 _____ C:\Users\Katja\Documents\Antwort  Fw  DELIVERY FAILURE  User christoph.nordmeyer (christ.oxps
2014-01-08 14:15 - 2014-01-08 14:15 - 00214123 _____ C:\Users\Katja\Documents\Kaufvertrag Monika Noack Katja Funke.oxps
2014-01-08 14:13 - 2014-01-08 14:13 - 00212594 _____ C:\Users\Katja\Documents\Verkauf meiner Wohnung  Hausgeld Januar.oxps
2014-01-06 23:31 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-03 20:22 - 2014-01-03 18:01 - 00000000 ____D C:\Users\Katja\AppData\Roaming\WildTangent Roads Of Rome 3
2014-01-03 17:40 - 2013-10-27 14:44 - 00000000 ____D C:\BigFishCache
2014-01-02 13:35 - 2014-01-01 14:22 - 00000000 ____D C:\Users\Katja\AppData\Roaming\ScreenSeven
2014-01-02 13:34 - 2014-01-02 13:34 - 00000000 ____D C:\ProgramData\Intenium
2014-01-02 13:19 - 2014-01-02 13:19 - 19873128 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\HuehnerRacheDeluxe (1).exe
2014-01-01 14:23 - 2014-01-01 14:22 - 19880952 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\HuehnerRacheDeluxe.exe
2014-01-01 14:21 - 2014-01-01 14:21 - 00001345 _____ C:\Users\Public\Desktop\Beetle Ju 2 VOLLVERSION.lnk
2014-01-01 11:59 - 2014-01-01 11:58 - 03234774 _____ C:\Users\Katja\Downloads\dict-de_de-igerman98_2011-06-21.oxt
2014-01-01 11:57 - 2014-01-01 11:57 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2014-01-01 11:55 - 2014-01-01 11:53 - 41672928 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\HuhnerRacheDeluxe.exe
2014-01-01 11:53 - 2014-01-01 11:51 - 53728844 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\BeetleJu2.exe
2013-12-31 15:05 - 2013-12-31 14:59 - 163606685 _____ C:\Users\Katja\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de (2).exe
2013-12-31 13:38 - 2013-12-31 13:37 - 00000000 ____D C:\Users\Katja\AppData\Roaming\Realore_Whiterra Roads Of Rome 3
2013-12-31 13:14 - 2013-12-31 13:14 - 00606104 _____ C:\Users\Katja\Downloads\openoffice setup.exe
2013-12-31 13:10 - 2013-08-14 10:26 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-12-31 13:08 - 2013-12-31 13:00 - 163606685 _____ C:\Users\Katja\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de (1).exe
2013-12-30 16:05 - 2013-12-30 16:04 - 00000000 ____D C:\Users\Katja\AppData\Roaming\Realore_Whiterra Roads Of Rome 2
2013-12-29 19:50 - 2013-12-29 19:50 - 00000000 ____D C:\Users\Katja\AppData\Roaming\FirstColony
2013-12-26 09:33 - 2013-06-22 17:41 - 00000000 ____D C:\ProgramData\Cateia Games
2013-12-23 14:59 - 2013-08-06 15:03 - 00000000 ____D C:\Users\Katja\AppData\Roaming\aliasworlds
2013-12-22 19:13 - 2013-12-22 19:13 - 00000000 ____D C:\Users\Katja\AppData\Roaming\ZOG

Some content of TEMP:
====================
C:\Users\Katja\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-20 09:50

==================== End Of Log ============================
         

Alt 07.02.2014, 12:08   #2
schrauber
/// the machine
/// TB-Ausbilder
 

McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da - Standard

McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da



hi,

Lade dir bitte Emsisoft MBR Master herunter und speichere es auf den Desktop.
  • Führe die mbrmastr.exe aus.
  • Drücke auf Backup MBR und speichere es als emsi auf den Desktop.
  • Schliesse dann das Programm wieder.
  • Packe die erstellte emsi.mbr in ein zip-Archiv (Rechtsklick -> Senden an -> Zip-komprimierten Ordner) und hänge die Datei hier an.
  • Auf dem Desktop wird ebenfalls eine Textdatei MBRMastr_<date>_<time>.txt erstellt. Poste deren Inhalt bitte hier.
__________________

__________________

Alt 07.02.2014, 13:51   #3
KUF
 
McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da - Standard

McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da



Hallo Schrauber, hier der Inhalt der MBR und die zip-Datei:

Code:
ATTFilter
Detected Windows version: 6.2 Build 9200 
Installing direct disk access driver ...
Driver connection handle: 0x00000170
1 valid drive(s) found.

Details for Disk 0 - ST320LT020-9YG142 Rev 0010SDM1:
  Device name              : \\.\PhysicalDrive0
  Geometry (C/H/S)         : 38913/255/63
  Boot loader reputation   : Unknown
  Cross view comparison    : Passed
  Partition table integrity: Passed

  Boot loader hashes
    SHA-1                  : 639AC5CDF8A5CF3245975932C6A4215450A7B98F
    MD5                    : 5FB38429D5D77768867C76DCBDB35194
         
__________________

Alt 08.02.2014, 11:25   #4
schrauber
/// the machine
/// TB-Ausbilder
 

McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da - Standard

McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.02.2014, 17:23   #5
KUF
 
McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da - Standard

McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da



Hallo Schrauber,
ich bin nicht ganz sicher, ob ich alles "korrekt" ausgeführt habe, hänge aber mal alle txt.s hier dran:

Malware Bytes: (21 Einträge wurden gefunden, die ich gelöscht habe)

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.08.04

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Katja :: KATJASNETBOOK [Administrator]

08.02.2014 12:20:10
mbam-log-2014-02-08 (12-20-10).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 446362
Laufzeit: 3 Stunde(n), 9 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 21
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\AdwCleaner\Quarantine\C\Users\Katja\AppData\Local\genienext\nengine.dll.vir (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\AdwCleaner\Quarantine\C\Users\Katja\AppData\Roaming\newnext.me\nengine.dll.vir (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\FLVPlayerSetup (1).exe (PUP.Optional.Cooltech) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\FLVPlayerSetup (2).exe (PUP.Optional.Cooltech) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\FLVPlayerSetup (3).exe (PUP.Optional.Cooltech) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\FlvPlayerSetup (4).exe (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\FLVPlayerSetup (5).exe (PUP.Optional.Cooltech) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\FLVPlayerSetup.exe (PUP.Optional.Cooltech) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\FreeVideoConverterSetup-r135-n-bc (1).exe (PUP.Optional.Koyote.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\FreeVideoConverterSetup-r135-n-bc.exe (PUP.Optional.Koyote.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\FreeYouTubeDownload (1).exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\openoffice setup.exe (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\setup (1).exe (PUP.Optional.AirInstaller) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\setup (2).exe (PUP.Optional.AirInstaller) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\setup (3).exe (PUP.Optional.Ignition.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\setup.exe (PUP.Optional.AirInstaller) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\SoftonicDownloader_fuer_free-youtube-download.exe (PUP.Optional.Softonic.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\SoftonicDownloader_fuer_mediahuman-youtube-to-mp3-converter.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\VLCPlus_Setup (1).exe (Adware.Linkular) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Katja\Downloads\VLCPlus_Setup.exe (Adware.Linkular) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
AdwCleaner

Code:
ATTFilter
# AdwCleaner v3.018 - Bericht erstellt am 08/02/2014 um 16:23:38
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Katja - KATJASNETBOOK
# Gestartet von : C:\Users\Katja\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\boost_interprocess

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\FoxyDeal
Schlüssel Gelöscht : HKCU\Software\AppDataLow\FoxyDeal

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ Datei : C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage

*************************

AdwCleaner[R0].txt - [19439 octets] - [21/01/2014 11:16:02]
AdwCleaner[R1].txt - [1289 octets] - [08/02/2014 16:06:30]
AdwCleaner[R2].txt - [1349 octets] - [08/02/2014 16:22:00]
AdwCleaner[S0].txt - [17193 octets] - [21/01/2014 11:18:36]
AdwCleaner[S1].txt - [1200 octets] - [08/02/2014 16:23:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1260 octets] ##########
         
Wobei diese LogFile entstanden ist, weiß ich nicht:

Code:
ATTFilter
Detected Windows version: 6.2 Build 9200 
Installing direct disk access driver ...
Driver connection handle: 0x00000170
1 valid drive(s) found.

Details for Disk 0 - ST320LT020-9YG142 Rev 0010SDM1:
  Device name              : \\.\PhysicalDrive0
  Geometry (C/H/S)         : 38913/255/63
  Boot loader reputation   : Unknown
  Cross view comparison    : Passed
  Partition table integrity: Passed

  Boot loader hashes
    SHA-1                  : 639AC5CDF8A5CF3245975932C6A4215450A7B98F
    MD5                    : 5FB38429D5D77768867C76DCBDB35194
         
Junkware Removal Tool

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8.1 x64
Ran by Katja on 08.02.2014 at 16:54:43,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish"
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files (x86)\free video converter"



~~~ FireFox

Emptied folder: C:\Users\Katja\AppData\Roaming\mozilla\firefox\profiles\f72g0f6s.default-1386231313305\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.02.2014 at 17:09:08,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Aktuelle FRST:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2014
Ran by Katja (administrator) on KATJASNETBOOK on 08-02-2014 17:13:04
Running from C:\Users\Katja\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe
() C:\Program Files (x86)\Opera\19.0.1326.56\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe
() C:\Program Files (x86)\Opera\19.0.1326.56\opera_autoupdate.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\19.0.1326.56\opera.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [McAfeeWrapperApplication] - C:\Program Files (x86)\McAfeeMOBK\WrapperTrayIcon.exe [453344 2011-05-11] (McAfee, Inc.)
HKLM-x32\...\Run: [BakupManagerTray] - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-31] (NTI Corporation)
HKLM-x32\...\Run: [LManager] - [X]
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2693933126-1470808564-1985995006-1001\...\Run: [AcerCloud] - C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18222336 2013-12-04] (Acer Incorporated)
HKU\S-1-5-21-2693933126-1470808564-1985995006-1001\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {BF18DC60-61D4-4CCD-8AD2-AB24B365DE47} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {BF18DC60-61D4-4CCD-8AD2-AB24B365DE47} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305
FF DefaultSearchEngine: DuckDuckGo
FF SelectedSearchEngine: DuckDuckGo
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF SearchPlugin: C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DuckDuckGo Plus - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-01-18]
FF Extension: NoTrace - C:\Users\Katja\AppData\Roaming\Mozilla\Firefox\Profiles\f72g0f6s.default-1386231313305\Extensions\notrace@unisa.it.xpi [2014-02-06]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-06-20]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-06-20]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
CHR Extension: (Angry Birds) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2013-05-26]
CHR Extension: (Google Docs) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-19]
CHR Extension: (Google Drive) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-19]
CHR Extension: (YouTube) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-19]
CHR Extension: (Google-Suche) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-19]
CHR Extension: (Multiple Account Checker for Gmailâ„¢) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnimhgelcnggigekhdjlifjpndgmnglm [2013-09-09]
CHR Extension: (SiteAdvisor) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-05-19]
CHR Extension: (Animated Lion Theme) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jckhkbpmpbglbdkachfmedhpckaghenn [2013-05-24]
CHR Extension: (Scriffon) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcogdkjlajlgojgnjaiojdfepaakkea [2013-09-09]
CHR Extension: (WordPress.com) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2013-09-11]
CHR Extension: (Checkthis) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgkcpocjciadmnmilkhnhcnfbddcbidp [2013-09-09]
CHR Extension: (Google Maps) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-05-26]
CHR Extension: (Google Wallet) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Outlook.com) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2013-06-01]
CHR Extension: (Google Mail) - C:\Users\Katja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-19]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-02-05]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-04] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-23] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [123384 2014-01-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-08-28] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-31] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-27] (Dritek System INC.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [74560 2013-09-09] (McAfee, Inc.)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-08-28] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-27] (Dritek System Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-27] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-08 17:09 - 2014-02-08 17:09 - 00000961 _____ () C:\Users\Katja\Desktop\JRT.txt
2014-02-08 16:51 - 2014-02-08 16:51 - 01037530 _____ (Thisisu) C:\Users\Katja\Downloads\JRT (1).exe
2014-02-08 16:33 - 2014-02-08 16:33 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-08 16:28 - 2014-02-08 16:28 - 00001340 _____ () C:\Users\Katja\Desktop\AdwCleaner[S1].txt
2014-02-08 16:25 - 2014-02-08 16:25 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-08 13:57 - 2014-02-08 13:57 - 01440846 _____ () C:\Users\Katja\Downloads\mbam-chameleon-1.62.1.1000.zip
2014-02-08 12:15 - 2014-02-08 12:15 - 01037530 _____ (Thisisu) C:\Users\Katja\Downloads\JRT.exe
2014-02-08 12:14 - 2014-02-08 12:14 - 00001129 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-08 12:14 - 2014-02-08 12:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 12:14 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-08 12:13 - 2014-02-08 12:13 - 01166132 _____ () C:\Users\Katja\Downloads\adwcleaner.exe
2014-02-08 12:12 - 2014-02-08 12:13 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Katja\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-08 12:09 - 2014-02-08 12:09 - 00044189 _____ () C:\Users\Katja\Desktop\FRSTfrisch.txt
2014-02-07 19:03 - 2014-02-07 19:03 - 00431196 _____ () C:\Users\Katja\Desktop\Bestätigung Ihres Kaufs  Acer Iconia Capacitive Stylus Pen schw (1).oxps
2014-02-07 19:02 - 2014-02-07 19:02 - 00431196 _____ () C:\Users\Katja\Documents\Bestätigung Ihres Kaufs  Acer Iconia Capacitive Stylus Pen schw (1).oxps
2014-02-07 18:53 - 2014-02-07 18:53 - 00366244 ____T () C:\Users\Katja\Desktop\Ebay Kauf.oxps
2014-02-07 16:23 - 2014-02-07 16:23 - 00431185 _____ () C:\Users\Katja\Desktop\Bestätigung Ihres Kaufs  Acer Iconia Capacitive Stylus Pen schw.oxps
2014-02-07 16:22 - 2014-02-07 16:22 - 00431185 _____ () C:\Users\Katja\Documents\Bestätigung Ihres Kaufs  Acer Iconia Capacitive Stylus Pen schw.oxps
2014-02-07 16:19 - 2014-02-07 16:19 - 00494971 _____ () C:\Users\Katja\Documents\15 Euro für Sie  Katja Funke!.oxps
2014-02-07 16:19 - 2014-02-07 16:19 - 00494971 _____ () C:\Users\Katja\Desktop\15 Euro für Sie  Katja Funke!.oxps
2014-02-07 16:16 - 2014-02-07 16:16 - 00316626 _____ () C:\Users\Katja\Documents\Ihre Bestellung bei Alternate.oxps
2014-02-07 16:16 - 2014-02-07 16:16 - 00316626 _____ () C:\Users\Katja\Desktop\Ihre Bestellung bei Alternate.oxps
2014-02-07 14:36 - 2014-02-07 14:42 - 59521871 _____ () C:\Users\Katja\Downloads\User Manual_Acer_01.01.03_W8x86_A.zip
2014-02-07 13:46 - 2014-02-07 13:46 - 00000145 _____ () C:\Users\Katja\Desktop\emsi.zip
2014-02-07 13:45 - 2014-02-07 13:45 - 00000570 _____ () C:\Users\Katja\Desktop\MBRMastr_2014.02.07_13.45.54.txt
2014-02-07 13:45 - 2014-02-07 13:45 - 00000512 _____ () C:\Users\Katja\Desktop\emsi.mbr
2014-02-07 13:43 - 2014-02-07 13:43 - 00788728 _____ (Emsisoft GmbH) C:\Users\Katja\Downloads\mbrmastr.exe
2014-02-07 13:14 - 2014-02-07 13:14 - 00391784 _____ () C:\WINDOWS\Minidump\020714-26062-01.dmp
2014-02-07 11:40 - 2014-02-07 11:40 - 00238953 _____ () C:\Users\Katja\Desktop\TeamSpybot-20140207-114040.cab
2014-02-07 11:33 - 2014-02-07 11:38 - 00023829 _____ () C:\Users\Katja\Desktop\Trojaner-Board.odt
2014-02-07 11:16 - 2014-02-07 11:16 - 00194815 _____ () C:\Users\Katja\Desktop\TeamSpybot-20140207-111635.cab
2014-02-07 10:14 - 2014-02-07 10:14 - 00010970 _____ () C:\Users\Katja\Desktop\gmer3.txt
2014-02-07 10:06 - 2014-02-07 10:06 - 00338952 _____ () C:\WINDOWS\Minidump\020714-31281-01.dmp
2014-02-07 09:59 - 2014-02-07 09:59 - 00011528 _____ () C:\Users\Katja\Desktop\Gmer2.txt
2014-02-07 09:49 - 2014-02-07 13:14 - 670199130 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-07 09:49 - 2014-02-07 13:14 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-07 09:49 - 2014-02-07 09:49 - 00284528 _____ () C:\WINDOWS\Minidump\020714-32562-01.dmp
2014-02-07 09:44 - 2014-02-07 09:44 - 00377309 _____ () C:\Users\Katja\Desktop\GmerFehlermeldung2.odt
2014-02-07 09:37 - 2014-02-07 09:37 - 00039720 _____ () C:\Users\Katja\Desktop\FRST2.txt
2014-02-07 09:33 - 2014-02-07 09:33 - 00000000 ____D () C:\Users\Katja\Downloads\FRST-OlderVersion
2014-02-07 09:32 - 2014-02-07 09:32 - 00000472 _____ () C:\WINDOWS\SysWOW64\defogger_disable.log
2014-02-07 08:29 - 2014-02-05 18:59 - 00450709 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140207-082908.backup
2014-02-05 18:59 - 2014-01-25 10:45 - 00450639 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140205-185954.backup
2014-02-02 07:42 - 2014-02-02 07:51 - 00000000 ____D () C:\Users\Katja\AppData\Local\Adobe
2014-01-26 20:34 - 2014-01-26 20:34 - 00002384 _____ () C:\Users\Public\Desktop\Spiel Royal Envoy - Campaign for the Crown Sammleredition.lnk
2014-01-26 20:32 - 2014-01-26 20:34 - 00000000 ____D () C:\Program Files (x86)\Royal Envoy - Campaign for the Crown Sammleredition
2014-01-26 20:32 - 2014-01-26 20:32 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Royal Envoy - Campaign for the Crown Sammleredition
2014-01-26 20:02 - 2014-01-26 20:02 - 00236648 _____ (Big Fish Games) C:\Users\Katja\Downloads\bigfishgames_p203360593_s2_l2.exe
2014-01-26 17:47 - 2014-01-26 18:16 - 307143568 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\DerGesandteDesKoenigsKroneSE.exe
2014-01-26 14:47 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2014-01-25 18:01 - 2014-01-25 18:01 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\BC Soft Games
2014-01-25 18:01 - 2014-01-25 18:01 - 00000000 ____D () C:\ProgramData\BC Soft Games
2014-01-25 14:21 - 2014-01-25 14:21 - 00000000 ____D () C:\ProgramData\ScreenSeven
2014-01-25 14:15 - 2014-01-25 14:18 - 27147304 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\MoorhuhnJDF.exe
2014-01-25 10:45 - 2014-01-19 10:20 - 00450639 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140125-104530.backup
2014-01-23 17:14 - 2014-01-23 17:15 - 00546095 ____T () C:\Users\Katja\Desktop\Was wir mit dem Bösen machen sollen.oxps
2014-01-23 13:33 - 2014-01-23 13:33 - 00000000 ____D () C:\ProgramData\Melesta
2014-01-23 13:22 - 2014-01-23 13:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-01-21 20:22 - 2014-01-21 20:22 - 00012869 _____ () C:\Users\Katja\Desktop\gmer.txt
2014-01-21 20:21 - 2014-01-21 20:21 - 00533567 _____ () C:\Users\Katja\Desktop\gmer fehlermeldung.odt
2014-01-21 20:01 - 2014-01-21 20:01 - 00039226 _____ () C:\Users\Katja\Desktop\FRST.txt
2014-01-21 12:17 - 2014-01-21 12:17 - 00026209 _____ () C:\Users\Katja\Desktop\Addition.txt
2014-01-21 12:14 - 2014-01-21 12:15 - 00370672 _____ () C:\Users\Katja\Downloads\gmer_2.1.19324.zip
2014-01-21 12:12 - 2014-01-21 12:16 - 00026209 _____ () C:\Users\Katja\Downloads\Addition.txt
2014-01-21 12:08 - 2014-02-08 17:13 - 00023000 _____ () C:\Users\Katja\Downloads\FRST.txt
2014-01-21 12:08 - 2014-02-08 17:13 - 00000000 ____D () C:\FRST
2014-01-21 12:07 - 2014-02-07 09:33 - 02079744 _____ (Farbar) C:\Users\Katja\Downloads\FRST64.exe
2014-01-21 12:05 - 2014-01-21 12:05 - 00000472 _____ () C:\Users\Katja\Downloads\defogger_disable.log
2014-01-21 12:05 - 2014-01-21 12:05 - 00000000 _____ () C:\Users\Katja\defogger_reenable
2014-01-21 12:03 - 2014-01-21 12:03 - 00050477 _____ () C:\Users\Katja\Downloads\Defogger.exe
2014-01-21 11:29 - 2014-01-21 11:29 - 01236282 _____ () C:\Users\Katja\Downloads\adwcleaner_3.017 (1).exe
2014-01-21 11:15 - 2014-02-08 16:23 - 00000000 ____D () C:\AdwCleaner
2014-01-21 11:15 - 2014-01-21 11:15 - 01236282 _____ () C:\Users\Katja\Downloads\adwcleaner_3.017.exe
2014-01-20 15:05 - 2014-01-20 15:12 - 84628320 _____ () C:\Users\Katja\Downloads\derek_prince_die_letzte_grosse_erschuetterung_DV9007GE_1.flv
2014-01-19 11:19 - 2014-01-19 11:19 - 00000000 ____D () C:\Users\Katja\Documents\ProcAlyzer Dumps
2014-01-19 10:20 - 2013-08-22 14:25 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140119-102057.backup
2014-01-19 09:23 - 2014-01-19 09:23 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-01-19 09:22 - 2014-02-07 09:26 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-01-19 09:22 - 2014-01-19 09:22 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-01-19 09:22 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-01-19 09:21 - 2014-01-19 15:04 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-19 09:19 - 2014-01-19 09:20 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Katja\Downloads\nw_27341_spybotexe.exe
2014-01-16 15:58 - 2014-01-16 16:02 - 00000000 ____D () C:\a2f621b105c6fcd8f273d7
2014-01-16 10:45 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-16 10:45 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-16 10:45 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-16 10:45 - 2013-11-27 11:34 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-01-16 10:45 - 2013-11-27 10:54 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-16 10:45 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-16 10:45 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-16 10:45 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-16 10:45 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-16 10:45 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-16 10:45 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-10 19:16 - 2014-01-10 19:16 - 00002079 _____ () C:\Users\Public\Desktop\McAfee Online-Backup-Service konfigurieren.lnk

==================== One Month Modified Files and Folders =======

2014-02-08 17:13 - 2014-01-21 12:08 - 00023000 _____ () C:\Users\Katja\Downloads\FRST.txt
2014-02-08 17:13 - 2014-01-21 12:08 - 00000000 ____D () C:\FRST
2014-02-08 17:09 - 2014-02-08 17:09 - 00000961 _____ () C:\Users\Katja\Desktop\JRT.txt
2014-02-08 17:02 - 2013-11-27 14:44 - 01343546 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-08 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-08 16:52 - 2013-04-21 09:22 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2693933126-1470808564-1985995006-1001
2014-02-08 16:51 - 2014-02-08 16:51 - 01037530 _____ (Thisisu) C:\Users\Katja\Downloads\JRT (1).exe
2014-02-08 16:49 - 2013-05-18 11:21 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-08 16:48 - 2013-11-28 11:38 - 00000000 __RDO () C:\Users\Katja\SkyDrive
2014-02-08 16:47 - 2013-02-13 13:55 - 00000000 __RSD () C:\Users\Katja\Documents\McAfee-Tresore
2014-02-08 16:46 - 2013-05-18 11:19 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-08 16:45 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-08 16:45 - 2013-08-22 14:25 - 02359296 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-08 16:33 - 2014-02-08 16:33 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-08 16:28 - 2014-02-08 16:28 - 00001340 _____ () C:\Users\Katja\Desktop\AdwCleaner[S1].txt
2014-02-08 16:25 - 2014-02-08 16:25 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-02-08 16:23 - 2014-01-21 11:15 - 00000000 ____D () C:\AdwCleaner
2014-02-08 15:55 - 2013-09-29 20:04 - 00015604 _____ () C:\WINDOWS\PFRO.log
2014-02-08 15:45 - 2013-05-18 11:19 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-08 15:45 - 2013-04-21 14:52 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-08 13:57 - 2014-02-08 13:57 - 01440846 _____ () C:\Users\Katja\Downloads\mbam-chameleon-1.62.1.1000.zip
2014-02-08 12:15 - 2014-02-08 12:15 - 01037530 _____ (Thisisu) C:\Users\Katja\Downloads\JRT.exe
2014-02-08 12:14 - 2014-02-08 12:14 - 00001129 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-08 12:14 - 2014-02-08 12:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-08 12:13 - 2014-02-08 12:13 - 01166132 _____ () C:\Users\Katja\Downloads\adwcleaner.exe
2014-02-08 12:13 - 2014-02-08 12:12 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Katja\Downloads\mbam-setup-1.75.0.1300.exe
2014-02-08 12:09 - 2014-02-08 12:09 - 00044189 _____ () C:\Users\Katja\Desktop\FRSTfrisch.txt
2014-02-08 11:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-08 11:08 - 2012-11-13 01:51 - 00000000 ____D () C:\Users\Katja\AppData\Local\Packages
2014-02-08 10:25 - 2013-05-02 15:57 - 00000000 ____D () C:\Users\Katja\AppData\Local\CrashDumps
2014-02-07 19:03 - 2014-02-07 19:03 - 00431196 _____ () C:\Users\Katja\Desktop\Bestätigung Ihres Kaufs  Acer Iconia Capacitive Stylus Pen schw (1).oxps
2014-02-07 19:02 - 2014-02-07 19:02 - 00431196 _____ () C:\Users\Katja\Documents\Bestätigung Ihres Kaufs  Acer Iconia Capacitive Stylus Pen schw (1).oxps
2014-02-07 18:53 - 2014-02-07 18:53 - 00366244 ____T () C:\Users\Katja\Desktop\Ebay Kauf.oxps
2014-02-07 18:53 - 2013-11-28 09:03 - 00509952 ___SH () C:\Users\Katja\Desktop\Thumbs.db
2014-02-07 16:23 - 2014-02-07 16:23 - 00431185 _____ () C:\Users\Katja\Desktop\Bestätigung Ihres Kaufs  Acer Iconia Capacitive Stylus Pen schw.oxps
2014-02-07 16:22 - 2014-02-07 16:22 - 00431185 _____ () C:\Users\Katja\Documents\Bestätigung Ihres Kaufs  Acer Iconia Capacitive Stylus Pen schw.oxps
2014-02-07 16:19 - 2014-02-07 16:19 - 00494971 _____ () C:\Users\Katja\Documents\15 Euro für Sie  Katja Funke!.oxps
2014-02-07 16:19 - 2014-02-07 16:19 - 00494971 _____ () C:\Users\Katja\Desktop\15 Euro für Sie  Katja Funke!.oxps
2014-02-07 16:16 - 2014-02-07 16:16 - 00316626 _____ () C:\Users\Katja\Documents\Ihre Bestellung bei Alternate.oxps
2014-02-07 16:16 - 2014-02-07 16:16 - 00316626 _____ () C:\Users\Katja\Desktop\Ihre Bestellung bei Alternate.oxps
2014-02-07 15:30 - 2013-03-06 10:29 - 00000000 ____D () C:\Users\Katja\Documents\Dokumente
2014-02-07 14:42 - 2014-02-07 14:36 - 59521871 _____ () C:\Users\Katja\Downloads\User Manual_Acer_01.01.03_W8x86_A.zip
2014-02-07 13:46 - 2014-02-07 13:46 - 00000145 _____ () C:\Users\Katja\Desktop\emsi.zip
2014-02-07 13:45 - 2014-02-07 13:45 - 00000570 _____ () C:\Users\Katja\Desktop\MBRMastr_2014.02.07_13.45.54.txt
2014-02-07 13:45 - 2014-02-07 13:45 - 00000512 _____ () C:\Users\Katja\Desktop\emsi.mbr
2014-02-07 13:43 - 2014-02-07 13:43 - 00788728 _____ (Emsisoft GmbH) C:\Users\Katja\Downloads\mbrmastr.exe
2014-02-07 13:18 - 2013-11-27 14:15 - 00000000 ____D () C:\Users\Katja
2014-02-07 13:15 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-07 13:14 - 2014-02-07 13:14 - 00391784 _____ () C:\WINDOWS\Minidump\020714-26062-01.dmp
2014-02-07 13:14 - 2014-02-07 09:49 - 670199130 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-07 13:14 - 2014-02-07 09:49 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-07 11:40 - 2014-02-07 11:40 - 00238953 _____ () C:\Users\Katja\Desktop\TeamSpybot-20140207-114040.cab
2014-02-07 11:38 - 2014-02-07 11:33 - 00023829 _____ () C:\Users\Katja\Desktop\Trojaner-Board.odt
2014-02-07 11:16 - 2014-02-07 11:16 - 00194815 _____ () C:\Users\Katja\Desktop\TeamSpybot-20140207-111635.cab
2014-02-07 10:14 - 2014-02-07 10:14 - 00010970 _____ () C:\Users\Katja\Desktop\gmer3.txt
2014-02-07 10:06 - 2014-02-07 10:06 - 00338952 _____ () C:\WINDOWS\Minidump\020714-31281-01.dmp
2014-02-07 09:59 - 2014-02-07 09:59 - 00011528 _____ () C:\Users\Katja\Desktop\Gmer2.txt
2014-02-07 09:49 - 2014-02-07 09:49 - 00284528 _____ () C:\WINDOWS\Minidump\020714-32562-01.dmp
2014-02-07 09:44 - 2014-02-07 09:44 - 00377309 _____ () C:\Users\Katja\Desktop\GmerFehlermeldung2.odt
2014-02-07 09:37 - 2014-02-07 09:37 - 00039720 _____ () C:\Users\Katja\Desktop\FRST2.txt
2014-02-07 09:33 - 2014-02-07 09:33 - 00000000 ____D () C:\Users\Katja\Downloads\FRST-OlderVersion
2014-02-07 09:33 - 2014-01-21 12:07 - 02079744 _____ (Farbar) C:\Users\Katja\Downloads\FRST64.exe
2014-02-07 09:32 - 2014-02-07 09:32 - 00000472 _____ () C:\WINDOWS\SysWOW64\defogger_disable.log
2014-02-07 09:26 - 2014-01-19 09:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-02-06 07:37 - 2013-06-20 12:46 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-02-05 18:59 - 2014-02-07 08:29 - 00450709 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140207-082908.backup
2014-02-05 09:45 - 2013-04-21 14:52 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-02-02 07:51 - 2014-02-02 07:42 - 00000000 ____D () C:\Users\Katja\AppData\Local\Adobe
2014-01-31 14:41 - 2012-08-09 14:01 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 09:55 - 2013-08-18 08:16 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-01-27 08:30 - 2014-01-01 12:00 - 00000000 ____D () C:\Program Files (x86)\DEUTSCHLAND SPIELT
2014-01-26 20:38 - 2013-11-20 17:07 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\Playrix Entertainment
2014-01-26 20:34 - 2014-01-26 20:34 - 00002384 _____ () C:\Users\Public\Desktop\Spiel Royal Envoy - Campaign for the Crown Sammleredition.lnk
2014-01-26 20:34 - 2014-01-26 20:32 - 00000000 ____D () C:\Program Files (x86)\Royal Envoy - Campaign for the Crown Sammleredition
2014-01-26 20:32 - 2014-01-26 20:32 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Royal Envoy - Campaign for the Crown Sammleredition
2014-01-26 20:02 - 2014-01-26 20:02 - 00236648 _____ (Big Fish Games) C:\Users\Katja\Downloads\bigfishgames_p203360593_s2_l2.exe
2014-01-26 19:47 - 2013-08-27 16:19 - 00002520 ____N () C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
2014-01-26 18:36 - 2014-01-01 11:57 - 00001155 _____ () C:\Users\Public\Desktop\GAME CENTER.lnk
2014-01-26 18:16 - 2014-01-26 17:47 - 307143568 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\DerGesandteDesKoenigsKroneSE.exe
2014-01-25 18:01 - 2014-01-25 18:01 - 00000000 ____D () C:\Users\Katja\AppData\Roaming\BC Soft Games
2014-01-25 18:01 - 2014-01-25 18:01 - 00000000 ____D () C:\ProgramData\BC Soft Games
2014-01-25 14:21 - 2014-01-25 14:21 - 00000000 ____D () C:\ProgramData\ScreenSeven
2014-01-25 14:18 - 2014-01-25 14:15 - 27147304 _____ (INTENIUM GmbH) C:\Users\Katja\Downloads\MoorhuhnJDF.exe
2014-01-25 10:45 - 2014-02-05 18:59 - 00450639 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140205-185954.backup
2014-01-23 17:15 - 2014-01-23 17:14 - 00546095 ____T () C:\Users\Katja\Desktop\Was wir mit dem Bösen machen sollen.oxps
2014-01-23 13:33 - 2014-01-23 13:33 - 00000000 ____D () C:\ProgramData\Melesta
2014-01-23 13:22 - 2014-01-23 13:22 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-01-23 13:21 - 2012-08-09 13:54 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-01-21 20:22 - 2014-01-21 20:22 - 00012869 _____ () C:\Users\Katja\Desktop\gmer.txt
2014-01-21 20:21 - 2014-01-21 20:21 - 00533567 _____ () C:\Users\Katja\Desktop\gmer fehlermeldung.odt
2014-01-21 20:01 - 2014-01-21 20:01 - 00039226 _____ () C:\Users\Katja\Desktop\FRST.txt
2014-01-21 12:17 - 2014-01-21 12:17 - 00026209 _____ () C:\Users\Katja\Desktop\Addition.txt
2014-01-21 12:16 - 2014-01-21 12:12 - 00026209 _____ () C:\Users\Katja\Downloads\Addition.txt
2014-01-21 12:15 - 2014-01-21 12:14 - 00370672 _____ () C:\Users\Katja\Downloads\gmer_2.1.19324.zip
2014-01-21 12:05 - 2014-01-21 12:05 - 00000472 _____ () C:\Users\Katja\Downloads\defogger_disable.log
2014-01-21 12:05 - 2014-01-21 12:05 - 00000000 _____ () C:\Users\Katja\defogger_reenable
2014-01-21 12:03 - 2014-01-21 12:03 - 00050477 _____ () C:\Users\Katja\Downloads\Defogger.exe
2014-01-21 11:29 - 2014-01-21 11:29 - 01236282 _____ () C:\Users\Katja\Downloads\adwcleaner_3.017 (1).exe
2014-01-21 11:26 - 2013-12-05 09:15 - 00000000 ____D () C:\Users\Katja\Desktop\Alte Firefox-Daten
2014-01-21 11:15 - 2014-01-21 11:15 - 01236282 _____ () C:\Users\Katja\Downloads\adwcleaner_3.017.exe
2014-01-20 15:12 - 2014-01-20 15:05 - 84628320 _____ () C:\Users\Katja\Downloads\derek_prince_die_letzte_grosse_erschuetterung_DV9007GE_1.flv
2014-01-19 15:04 - 2014-01-19 09:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-19 11:19 - 2014-01-19 11:19 - 00000000 ____D () C:\Users\Katja\Documents\ProcAlyzer Dumps
2014-01-19 10:20 - 2014-01-25 10:45 - 00450639 ____R () C:\WINDOWS\system32\Drivers\etc\hosts.20140125-104530.backup
2014-01-19 09:23 - 2014-01-19 09:23 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-01-19 09:22 - 2014-01-19 09:22 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-01-19 09:20 - 2014-01-19 09:19 - 40658208 _____ (Safer-Networking Ltd. ) C:\Users\Katja\Downloads\nw_27341_spybotexe.exe
2014-01-16 21:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-01-16 16:02 - 2014-01-16 15:58 - 00000000 ____D () C:\a2f621b105c6fcd8f273d7
2014-01-16 16:02 - 2013-07-20 17:35 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-16 15:58 - 2013-04-21 11:25 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-10 19:20 - 2013-07-02 14:01 - 00001308 _____ () C:\Users\Katja\Desktop\MediaHuman YouTube to MP3 Converter.lnk
2014-01-10 19:16 - 2014-01-10 19:16 - 00002079 _____ () C:\Users\Public\Desktop\McAfee Online-Backup-Service konfigurieren.lnk

Some content of TEMP:
====================
C:\Users\Katja\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 08:32

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Jetzt schonmal Danke für Deine Hilfe!
KUF


Alt 09.02.2014, 09:46   #6
schrauber
/// the machine
/// TB-Ausbilder
 

McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da - Standard

McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da

Antwort

Themen zu McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da
administrator, adobe flash player, adware.linkular, launch, mobogenie, mobogenie entfernen, ntdll.dll, pup.optional.airinstaller, pup.optional.bundleinstaller.a, pup.optional.cooltech, pup.optional.ignition.a, pup.optional.installcore.a, pup.optional.koyote.a, pup.optional.nextlive.a, pup.optional.opencandy, pup.optional.softonic, pup.optional.softonic.a, safer networking, services.exe, siteadvisor, svchost.exe, trojaner unfindbar unlöschbar, wildtangent games, win32k.sys, winlogon.exe



Ähnliche Themen: McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da


  1. Problem mit CHKDSK? Programme können nicht mehr geöffnet werden und auch word-Dateien lassen sich nicht öffnen
    Log-Analyse und Auswertung - 07.10.2015 (7)
  2. avast und mcaffee arbeiten nicht mehr und die Tastatur funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 03.11.2014 (1)
  3. Spybot kann nicht alle meine Probleme beheben
    Plagegeister aller Art und deren Bekämpfung - 15.05.2014 (15)
  4. Spybot findet Bedrohungen, die nicht entfernt werden können
    Plagegeister aller Art und deren Bekämpfung - 01.01.2014 (14)
  5. BKA-Trojaner weißer Bildschirm, aber abgesicherter Modus funktioniert auch nicht mehr, Rescue-CDs können nichts finden
    Plagegeister aller Art und deren Bekämpfung - 05.08.2013 (30)
  6. Was tun mit W3i.IQ5.fraud? Spybot kann dieses Problem nicht lösen, Antivira findet es erst gar nicht!
    Plagegeister aller Art und deren Bekämpfung - 10.04.2013 (2)
  7. McAffee Firewall und MS Defender lassen sich nicht mehr aktivieren
    Plagegeister aller Art und deren Bekämpfung - 31.08.2012 (11)
  8. Problem mit avira zeigt versteckte befallen objekte an aber kann sie nicht finden!
    Log-Analyse und Auswertung - 22.04.2012 (5)
  9. Spybot kann Probleme nicht beheben
    Plagegeister aller Art und deren Bekämpfung - 07.01.2011 (47)
  10. Viren problem, lässt sich nicht durch avira finden
    Plagegeister aller Art und deren Bekämpfung - 31.08.2010 (3)
  11. McAffee erkennt und löscht wuam.exe und TFTP1484 und nun geht der Internet Explorer nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 13.07.2010 (3)
  12. Internet Explorer und Firefox können Seiten nicht finden
    Log-Analyse und Auswertung - 06.05.2010 (22)
  13. avira plötzlich nicht mehr aktiv und lässt sich nicht mehr aktivieren
    Plagegeister aller Art und deren Bekämpfung - 24.12.2009 (13)
  14. Antivir hilft nicht mehr. 7 Virenfunde, die nicht gelöscht werden können
    Log-Analyse und Auswertung - 07.12.2008 (1)
  15. Problem: E-Mail / Formulare können nicht abgeschickt werden
    Alles rund um Windows - 17.10.2008 (3)
  16. Problem mit hlclean32.exe - nicht zu finden
    Plagegeister aller Art und deren Bekämpfung - 16.09.2005 (3)
  17. Fehleralarm von SpyBot oder AdAware kann es nicht finden?
    Antiviren-, Firewall- und andere Schutzprogramme - 09.02.2003 (9)

Zum Thema McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da - Hallo zusammen, ich wollte "No Panic- Gute Geiseln sind selten", den ich schon einmal ohne Probleme in englisch auf You Tube angesehen hatte, auf deutsch sehen. Nach längerer Suche, fand - McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da...
Archiv
Du betrachtest: McAffee und Spybot finden ein Problem und können es nicht beheben, dann ist das Problem plötzlich nicht mehr da auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.