Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Bildschirm nach bootvorgang stark flackernd - Virus ?

Bildschirm nach bootvorgang stark flackernd - Virus ?


Plagegeister aller Art und deren Bekämpfung: Bildschirm nach bootvorgang stark flackernd - Virus ?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 3 1 2 3
Alt 20.04.2014, 19:44   #1
Arctic Blate
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-04-2014 01
Ran by hristos at 2014-04-20 20:29:44
Running from C:\Users\hristos\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.3 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.0.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.3.183.10 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{97C005D5-317A-9DEB-8558-29A73B22FC17}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2010.0315.1050.17562 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2010.0315.1050.17562 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2010.0315.1050.17562 - ATI) Hidden
CCC Help Chinese Standard (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Czech (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Danish (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Dutch (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help English (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Finnish (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help French (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help German (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Greek (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Hungarian (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Italian (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Japanese (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Korean (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Norwegian (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Polish (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Portuguese (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Russian (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Spanish (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Swedish (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Thai (Version: 2010.0315.1049.17562 - ATI) Hidden
CCC Help Turkish (Version: 2010.0315.1049.17562 - ATI) Hidden
ccc-core-static (Version: 2010.0315.1050.17562 - Ihr Firmenname) Hidden
ccc-utility (Version: 2010.0315.1050.17562 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Curse (HKLM\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.5 - DivX, LLC)
erLT (Version: 1.20.0137 - Logitech, Inc.) Hidden
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Game Booster 3 (HKLM\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java Auto Updater (Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Java(TM) 7 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
League of Legends (HKLM\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LG USB Modem Drivers (HKLM\...\{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}) (Version: 4.9.4 - LG Electronics)
Logitech Gaming Software 8.50 (HKLM\...\Logitech Gaming Software) (Version: 8.50.281 - Logitech Inc.)
Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 7 Demo (HKLM\...\{1A1BEE58-8EA1-772E-10DF-97C19C5F1031}) (Version: 7.00.2739 - Nero AG)
Nero BurnRights (HKLM\...\Nero BurnRights!UninstallKey) (Version:  - )
NET Render Client 11.514 (HKLM\...\MAXONF02E79F8) (Version: 11.514 - MAXON Computer GmbH)
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 20.0.1387.91 (HKLM\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
Oxygen Forensic Suite 2011 (HKLM\...\{453AD884-9DD6-4FC0-8BD7-C5F1CA75FF36}_is1) (Version: 3.5.0 - Oxygen Software)
Polipo 1.0.4.1 (HKLM\...\Polipo) (Version:  - )
PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.52.1 - PS3 Media Server)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
ROCCAT Power-Grid Version 0.459 (HKLM\...\{953CF6E6-4EC8-4E55-A263-720CEBD591FE}_is1) (Version: 0.459 - ROCCAT GmbH)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Strife (HKLM\...\strife) (Version: 0.0.1 - S2 Games)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Tor 0.2.2.33 (HKLM\...\Tor) (Version:  - )
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.13 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM\...\InstallShield_{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}) (Version: 1.6.07.32 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.07.32 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM\...\{607BE7BF-7C28-4ADB-A4A0-385962B901C3}) (Version: 8.0.28 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.2.05-A - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.06 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.0.6 - TOSHIBA Corporation) Hidden
TOSHIBA ReelTime (HKLM\...\InstallShield_{B894522E-C079-4DC8-A305-30BA6E2F4459}) (Version: 1.6.06.32 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.6.06.32 - TOSHIBA Corporation) Hidden
TOSHIBA Supervisor Password (HKLM\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.03 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
Vidalia 0.2.14 (HKLM\...\Vidalia) (Version:  - )
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )

==================== Restore Points  =========================

12-04-2014 23:45:37 Windows Update
17-04-2014 01:28:23 Windows Update
20-04-2014 18:06:56 Removed Google Earth.
20-04-2014 18:11:10 Removed Nero 7 Demo

==================== Hosts content: ==========================

2011-10-30 00:34 - 2014-04-07 20:34 - 00002384 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 
127.0.0.1 activate-sjc0.adobe.com 
0.0.0.0       localhost 
127.0.0.1 activate.adobe.com 
127.0.0.1 practivate.adobe.com 
127.0.0.1 ereg.adobe.com 
127.0.0.1 activate.wip3.adobe.com 
127.0.0.1 wip3.adobe.com 
127.0.0.1 3dns-3.adobe.com 
127.0.0.1 3dns-2.adobe.com 
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1 adobe-dns-2.adobe.com 
127.0.0.1 adobe-dns-3.adobe.com 
127.0.0.1 ereg.wip3.adobe.com 
127.0.0.1 activate-sea.adobe.com 
127.0.0.1 wwis-dubc1-vip60.adobe.com 

There are 31 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {293F1EAB-1F1F-48FE-894F-23666F5E951B} - System32\Tasks\Run LSI => C:\Program Files\LSI\LolSummonerInfo.exe
Task: {46569F58-F211-4AAD-A906-3E246D5CC5E8} - System32\Tasks\AdobeAAMUpdater-1.0-hristos-PC-hristos => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {56E97193-A9ED-40CD-8643-78857192DBA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {6B6EFC8C-AA2B-4C6A-9B82-CC7EB955807E} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {76A3A888-2F85-4633-91B3-1299FE75A15F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-15] (Google Inc.)
Task: {AA89F246-8FDC-46D0-B2F7-335099CB4BE0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000Core => C:\Users\hristos\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-13] (Google Inc.)
Task: {B0505E6D-0D0F-48FF-936F-CECFD064E3AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000UA => C:\Users\hristos\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-13] (Google Inc.)
Task: {C802E65C-FA16-4029-AB2C-1C8B6E7E8D54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-15] (Google Inc.)
Task: {E6D6CD35-B55D-47C2-AAE9-4B869E6E31C2} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2010-02-22] (TOSHIBA CORPORATION)
Task: {F2C55A19-7910-4913-A554-C097F83DE7C2} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2013-08-11] ()
Task: {FB4E4747-9334-431F-A07B-ECA927C57767} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000Core => C:\Users\hristos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FE44BD18-EF73-498B-80FF-DD5D1773F17A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000UA => C:\Users\hristos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000Core.job => C:\Users\hristos\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000UA.job => C:\Users\hristos\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000Core.job => C:\Users\hristos\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000UA.job => C:\Users\hristos\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-19 13:05 - 2012-11-10 15:03 - 00075136 _____ () C:\Windows\system32\PnkBstrA.exe
2011-11-22 10:59 - 2011-11-22 10:59 - 00018432 _____ () C:\Users\hristos\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
2011-08-16 19:09 - 2011-05-28 22:04 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2012-10-26 21:51 - 2011-10-29 15:40 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2012-10-26 18:01 - 2014-03-29 18:26 - 05329400 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\LoLLauncher.exe
2013-09-04 16:41 - 2014-03-29 18:26 - 00264696 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\RiotLauncher.dll
2014-03-18 18:28 - 2014-03-18 18:28 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.80\deploy\LolClient.exe
2014-03-15 15:39 - 2014-03-15 15:39 - 00148480 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-15 15:39 - 2014-03-15 15:39 - 00864768 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-15 15:39 - 2014-03-15 15:39 - 00677376 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2011-08-24 11:26 - 2014-03-15 15:39 - 00092104 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2011-08-24 11:26 - 2014-03-15 15:39 - 00105416 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-03-15 15:39 - 2014-03-15 15:39 - 00025600 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-15 15:39 - 2014-03-15 15:39 - 00242688 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2011-08-24 11:26 - 2014-03-15 15:39 - 00117704 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2011-08-24 11:26 - 2014-03-15 15:39 - 00477128 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-11-07 18:42 - 2014-03-15 15:39 - 00483784 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-15 15:39 - 2014-03-15 15:39 - 00123904 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:196FC0A6
AlternateDataStreams: C:\ProgramData\TEMP:7D6EC5BE

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk => C:\Windows\pss\GamersFirst LIVE!.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SetPointII.lnk => C:\Windows\pss\SetPointII.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^hristos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk => C:\Windows\pss\Curse.lnk.Startup
MSCONFIG\startupfolder: C:^Users^hristos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\hristos\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\hristos\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: iCloudServices => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LSI => C:\Program Files\LSI\LolSummonerInfo.exe
MSCONFIG\startupreg: NeroFilterCheck => C:\Windows\system32\NeroCheck.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
MSCONFIG\startupreg: Spotify => "C:\Users\hristos\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\hristos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2014 05:51:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/20/2014 05:51:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/20/2014 05:51:52 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/17/2014 03:22:05 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/17/2014 03:22:05 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/17/2014 03:22:05 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/17/2014 03:00:14 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\servicing\TrustedInstaller.exe; Beschreibung = Windows Modules Installer; Fehler = 0x8007043c).

Error: (04/17/2014 03:00:12 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x8007043c).

Error: (04/16/2014 10:41:04 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Starten des Softwareschutzdiensts.  0x80070002
6.1.7601.17514

Error: (04/16/2014 10:35:19 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.


System errors:
=============
Error: (04/20/2014 05:45:45 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎20.‎04.‎2014 um 17:43:20 unerwartet heruntergefahren.

Error: (04/16/2014 10:41:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Software Protection" wurde mit folgendem Fehler beendet: 
%%2

Error: (04/16/2014 10:41:04 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.169.2593.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.5.0216.00

	Quellpfad: 4.5.0216.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (04/16/2014 10:34:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Software Protection" wurde mit folgendem Fehler beendet: 
%%2

Error: (04/16/2014 10:34:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Software Protection" wurde mit folgendem Fehler beendet: 
%%2

Error: (04/16/2014 10:34:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Software Protection" wurde mit folgendem Fehler beendet: 
%%2

Error: (04/16/2014 10:34:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Software Protection" wurde mit folgendem Fehler beendet: 
%%2

Error: (04/16/2014 10:32:57 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070057

Error: (04/16/2014 10:32:57 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0xc00d36b0

Error: (04/16/2014 10:32:57 PM) (Source: WMPNetworkSvc) (User: )
Description: 0x80070057


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 53%
Total physical RAM: 3578.9 MB
Available physical RAM: 1673.95 MB
Total Pagefile: 7156.09 MB
Available Pagefile: 5182.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1924.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:174.19 GB) (Free:32 GB) NTFS
Drive d: () (Fixed) (Total:58.59 GB) (Free:26.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 88C5C523)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=174 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=59 GB) - (Type=07 NTFS)

==================== End Of Log ======================
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-04-2014 01
Ran by hristos (administrator) on HRISTOS-PC on 20-04-2014 20:28:24
Running from C:\Users\hristos\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\system32\PnkBstrA.exe
() C:\Users\hristos\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.205\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.80\deploy\LolClient.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [update] => "C
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\Run: [Spotify Web Helper] => C:\Users\hristos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\Run: [Google Update] => C:\Users\hristos\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-13] (Google Inc.)
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\Run: [DriverTurbo] => C:\Program Files\DriverTurbo\DriverTurbo.exe
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\MountPoints2: {75c6ea83-221a-11e2-b901-00266c5598ed} - F:\LGAutoRun.exe
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\MountPoints2: {a6d63da2-e530-11e0-9486-00266c5598ed} - F:\AutoRun.exe
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\MountPoints2: {a6d63db1-e530-11e0-9486-00266c5598ed} - F:\AutoRun.exe
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\MountPoints2: {a6d63dbe-e530-11e0-9486-00266c5598ed} - F:\AutoRun.exe
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\MountPoints2: {bc6ebb9b-e9a5-11e0-960a-00266c5598ed} - F:\AutoRun.exe
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\MountPoints2: {bc6ebba9-e9a5-11e0-960a-00266c5598ed} - F:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb201?a=6R8O908Ymp&i=26
SearchScopes: HKLM - DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
SearchScopes: HKLM - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
SearchScopes: HKCU - DefaultScope {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6R8O908Ymp&i=26
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6R8O908Ymp&i=26
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: StumbleUpon - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\hristos\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Plants%20vs.%20Zombies/Images/stg_drm.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Plants%20vs.%20Zombies/Images/armhelper.ocx
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\hristos\AppData\Roaming\Mozilla\Firefox\Profiles\yufn37b9.default
FF user.js: detected! => C:\Users\hristos\AppData\Roaming\Mozilla\Firefox\Profiles\yufn37b9.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @gamersfirst.com/LiveLauncher - C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\hristos\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\hristos\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\hristos\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-12]

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\hristos\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\hristos\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\hristos\AppData\Local\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.0.147) - C:\Program Files\Java\jre7\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 7) - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\hristos\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Extension: (Stylish) - C:\Users\hristos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2013-06-10]
CHR Extension: (Google Wallet) - C:\Users\hristos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (iOS, iPad, iPhone & iPod Grey Texture) - C:\Users\hristos\AppData\Local\Google\Chrome\User Data\Default\Extensions\odgbpcbfijafedicgoagncajafompaok [2013-09-26]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2013-09-26]
CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\newTab.crx [2012-12-13]
CHR HKLM\...\Chrome\Extension: [niogeckbkdcabhnapjbkeiklablhjoca] - C:\Program Files\Perion\ChromeInfoBar\ChromeInfoBar.crx [2012-12-13]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\...\Chrome\Extension: [pgifblbjgdjhcelbanblbhkhmbnnmhfg] - C:\Users\hristos\AppData\LocalLow\StumbleUpon\CHROME\StumbleUpon.crx [2011-11-22]
CHR StartMenuInternet: Google Chrome - C:\Users\hristos\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2010-01-28] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-11-10] ()
R2 StumbleUponUpdater; C:\Users\hristos\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] ()
S3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2010-02-05] (TOSHIBA Corporation)

==================== Drivers (Whitelisted) ====================

R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [5340160 2010-03-15] (ATI Technologies Inc.)
S3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2012-09-14] (Eugene V. Muzychenko)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [39960 2013-05-30] (Logitech Inc.)
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-19] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-19] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-19] (LG Electronics Inc.)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
R4 CnxtHdAudService; system32\drivers\CHDRT32.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 XDva386; \??\C:\Windows\system32\XDva386.sys [X]
S3 XDva389; \??\C:\Windows\system32\XDva389.sys [X]
S3 XDva390; \??\C:\Windows\system32\XDva390.sys [X]
S3 XDva391; \??\C:\Windows\system32\XDva391.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-20 20:28 - 2014-04-20 20:28 - 00016913 _____ () C:\Users\hristos\Desktop\FRST.txt
2014-04-20 20:28 - 2014-04-20 20:28 - 00000000 ____D () C:\Users\hristos\Desktop\FRST-OlderVersion
2014-04-20 18:15 - 2014-04-20 18:15 - 00000000 ____D () C:\Users\hristos\AppData\Local\BoLUpdater
2014-04-17 15:14 - 2014-04-17 15:14 - 00035700 _____ () C:\Users\hristos\Downloads\Addition.txt
2014-04-17 15:13 - 2014-04-20 20:28 - 00000000 ____D () C:\FRST
2014-04-17 15:13 - 2014-04-17 15:14 - 00035488 _____ () C:\Users\hristos\Downloads\FRST.txt
2014-04-17 15:12 - 2014-04-20 20:28 - 01043968 _____ (Farbar) C:\Users\hristos\Desktop\FRST.exe
2014-04-17 03:16 - 2014-04-17 03:16 - 00000000 _____ () C:\Windows\NDSTray.INI
2014-04-17 03:00 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 03:00 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 03:00 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 03:00 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 03:00 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 03:00 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 03:00 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 03:00 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 03:00 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 03:00 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 03:00 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 03:00 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 03:00 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 03:00 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 03:00 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 03:00 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 03:00 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 03:00 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 03:00 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 03:00 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 03:00 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 03:00 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 03:00 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 03:00 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 03:00 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 03:00 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-14 18:27 - 2014-04-20 17:45 - 00001346 _____ () C:\Windows\PFRO.log
2014-04-14 18:27 - 2014-04-20 17:45 - 00000672 _____ () C:\Windows\setupact.log
2014-04-14 18:27 - 2014-04-14 18:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 00:06 - 2014-04-14 00:15 - 00000000 ____D () C:\Users\hristos\Desktop\naked
2014-04-12 10:12 - 2014-04-12 10:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-11 16:51 - 2014-04-11 20:56 - 00000070 _____ () C:\Users\hristos\Desktop\stolen acc.txt
2014-04-11 09:11 - 2014-03-31 22:22 - 00000000 ____D () C:\Users\hristos\Desktop\Skrillex - Recess (2014)
2014-04-09 23:08 - 2014-04-09 23:08 - 00231952 _____ () C:\Users\hristos\Downloads\DriverTurboSetup.exe
2014-04-09 22:48 - 2014-04-17 20:31 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\DriverTurbo
2014-04-09 21:34 - 2014-04-09 21:43 - 38692329 _____ () C:\Users\hristos\Downloads\sound-20100517115314.zip
2014-04-09 21:11 - 2014-04-09 21:25 - 00173651 _____ () C:\Users\hristos\Downloads\sound-20100517111051 (1).zip.opdownload
2014-04-09 20:48 - 2014-04-14 20:59 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-09 20:48 - 2014-04-09 20:48 - 00001020 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 20:47 - 2014-04-09 20:47 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-09 20:47 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-09 20:47 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-09 20:47 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-09 20:45 - 2014-04-20 20:05 - 00000000 ____D () C:\Program Files\CONEXANT
2014-04-09 20:44 - 2014-04-09 20:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hristos\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-09 20:31 - 2014-04-09 20:43 - 38692329 _____ () C:\Users\hristos\Downloads\sound-20100517111051.zip
2014-04-09 00:11 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 00:11 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 00:11 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 00:11 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 00:11 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 00:11 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 20:12 - 2014-04-07 20:12 - 00000000 ____D () C:\Users\hristos\Desktop\BoL Studio(Full Deal)
2014-04-07 20:12 - 2014-04-07 19:28 - 27055956 _____ () C:\Users\hristos\Desktop\BoL Studio(Full Deal).rar
2014-04-07 20:10 - 2014-04-20 19:05 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\BoL
2014-04-07 20:08 - 2014-04-07 20:09 - 06528512 _____ () C:\Users\hristos\Downloads\BoL.dll
2014-04-07 20:07 - 2014-04-07 20:08 - 01888256 _____ () C:\Users\hristos\Downloads\BoL Studio.exe
2014-04-07 19:26 - 2014-04-07 19:28 - 27055956 _____ () C:\Users\hristos\Downloads\BoL Studio(Full Deal).rar
2014-04-07 19:24 - 2014-04-07 19:24 - 06120184 _____ (TeamViewer GmbH) C:\Users\hristos\Downloads\TeamViewer_Setup_de.exe
2014-04-07 19:01 - 2014-04-07 20:09 - 00000000 ____D () C:\Users\hristos\Desktop\bol
2014-04-07 19:00 - 2014-04-07 19:01 - 10339653 _____ () C:\Users\hristos\Downloads\BoL Studio.rar
2014-04-02 20:18 - 2014-04-02 20:18 - 00000000 ____D () C:\Users\hristos\AppData\Local\{67FB84F9-A5F9-4DE4-9858-03BB4B5DC3B5}
2014-03-27 19:00 - 2014-03-27 19:01 - 00206928 _____ () C:\Users\hristos\Documents\cc_20140327_180054.reg

==================== One Month Modified Files and Folders =======

2014-04-20 20:28 - 2014-04-20 20:28 - 00016913 _____ () C:\Users\hristos\Desktop\FRST.txt
2014-04-20 20:28 - 2014-04-20 20:28 - 00000000 ____D () C:\Users\hristos\Desktop\FRST-OlderVersion
2014-04-20 20:28 - 2014-04-17 15:13 - 00000000 ____D () C:\FRST
2014-04-20 20:28 - 2014-04-17 15:12 - 01043968 _____ (Farbar) C:\Users\hristos\Desktop\FRST.exe
2014-04-20 20:22 - 2011-08-13 12:04 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000UA.job
2014-04-20 20:10 - 2011-10-21 20:45 - 00000000 ____D () C:\Program Files\adf-soft´s Screenshot
2014-04-20 20:09 - 2011-10-15 22:26 - 00000000 ____D () C:\Program Files\Google
2014-04-20 20:06 - 2011-09-04 10:25 - 00000000 ____D () C:\Program Files\MAXON
2014-04-20 20:05 - 2014-04-09 20:45 - 00000000 ____D () C:\Program Files\CONEXANT
2014-04-20 20:05 - 2011-09-04 10:23 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\MAXON
2014-04-20 20:04 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-20 20:03 - 2011-10-15 22:26 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-20 20:02 - 2011-08-13 15:49 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-20 20:02 - 2011-08-13 15:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-20 20:01 - 2011-08-13 15:49 - 00000000 ____D () C:\Program Files\Adobe
2014-04-20 19:57 - 2011-09-30 20:37 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\TS3Client
2014-04-20 19:05 - 2014-04-07 20:10 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\BoL
2014-04-20 18:15 - 2014-04-20 18:15 - 00000000 ____D () C:\Users\hristos\AppData\Local\BoLUpdater
2014-04-20 18:11 - 2011-10-19 21:01 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000UA.job
2014-04-20 17:53 - 2009-07-14 06:34 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-20 17:53 - 2009-07-14 06:34 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 17:51 - 2011-08-13 02:37 - 00006252 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 17:49 - 2011-08-13 02:29 - 01560295 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 17:46 - 2011-10-15 22:26 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-20 17:45 - 2014-04-14 18:27 - 00001346 _____ () C:\Windows\PFRO.log
2014-04-20 17:45 - 2014-04-14 18:27 - 00000672 _____ () C:\Windows\setupact.log
2014-04-20 17:45 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 16:22 - 2011-08-13 12:04 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000Core.job
2014-04-20 00:11 - 2011-10-19 21:01 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000Core.job
2014-04-17 20:31 - 2014-04-09 22:48 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\DriverTurbo
2014-04-17 15:14 - 2014-04-17 15:14 - 00035700 _____ () C:\Users\hristos\Downloads\Addition.txt
2014-04-17 15:14 - 2014-04-17 15:13 - 00035488 _____ () C:\Users\hristos\Downloads\FRST.txt
2014-04-17 03:54 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-17 03:16 - 2014-04-17 03:16 - 00000000 _____ () C:\Windows\NDSTray.INI
2014-04-17 03:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-16 04:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-04-14 20:59 - 2014-04-09 20:48 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 18:59 - 2011-12-15 08:25 - 00116480 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 18:27 - 2014-04-14 18:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 00:40 - 2014-03-09 16:11 - 00000000 ____D () C:\Program Files\Steam
2014-04-14 00:15 - 2014-04-14 00:06 - 00000000 ____D () C:\Users\hristos\Desktop\naked
2014-04-13 23:57 - 2013-04-26 20:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-12 23:59 - 2012-05-08 18:07 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\Spotify
2014-04-12 11:49 - 2012-05-08 18:11 - 00000000 ____D () C:\Users\hristos\AppData\Local\Spotify
2014-04-12 10:13 - 2014-04-12 10:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-11 20:56 - 2014-04-11 16:51 - 00000070 _____ () C:\Users\hristos\Desktop\stolen acc.txt
2014-04-09 23:08 - 2014-04-09 23:08 - 00231952 _____ () C:\Users\hristos\Downloads\DriverTurboSetup.exe
2014-04-09 21:43 - 2014-04-09 21:34 - 38692329 _____ () C:\Users\hristos\Downloads\sound-20100517115314.zip
2014-04-09 21:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-09 21:25 - 2014-04-09 21:11 - 00173651 _____ () C:\Users\hristos\Downloads\sound-20100517111051 (1).zip.opdownload
2014-04-09 20:48 - 2014-04-09 20:48 - 00001020 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 20:47 - 2014-04-09 20:47 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-09 20:47 - 2012-03-03 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 20:46 - 2014-04-09 20:44 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hristos\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-09 20:43 - 2014-04-09 20:31 - 38692329 _____ () C:\Users\hristos\Downloads\sound-20100517111051.zip
2014-04-09 18:06 - 2012-01-06 02:45 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\Skype
2014-04-09 14:08 - 2013-07-30 16:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 14:05 - 2013-08-15 07:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 14:00 - 2012-03-08 18:03 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 20:12 - 2014-04-07 20:12 - 00000000 ____D () C:\Users\hristos\Desktop\BoL Studio(Full Deal)
2014-04-07 20:09 - 2014-04-07 20:08 - 06528512 _____ () C:\Users\hristos\Downloads\BoL.dll
2014-04-07 20:09 - 2014-04-07 19:01 - 00000000 ____D () C:\Users\hristos\Desktop\bol
2014-04-07 20:08 - 2014-04-07 20:07 - 01888256 _____ () C:\Users\hristos\Downloads\BoL Studio.exe
2014-04-07 19:28 - 2014-04-07 20:12 - 27055956 _____ () C:\Users\hristos\Desktop\BoL Studio(Full Deal).rar
2014-04-07 19:28 - 2014-04-07 19:26 - 27055956 _____ () C:\Users\hristos\Downloads\BoL Studio(Full Deal).rar
2014-04-07 19:24 - 2014-04-07 19:24 - 06120184 _____ (TeamViewer GmbH) C:\Users\hristos\Downloads\TeamViewer_Setup_de.exe
2014-04-07 19:01 - 2014-04-07 19:00 - 10339653 _____ () C:\Users\hristos\Downloads\BoL Studio.rar
2014-04-05 22:45 - 2014-03-12 15:53 - 00000000 ____D () C:\Program Files\Opera
2014-04-03 09:51 - 2014-04-09 20:47 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-09 20:47 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-09 20:47 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 03:01 - 2011-08-13 02:44 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-03 03:01 - 2011-08-13 02:42 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-02 20:18 - 2014-04-02 20:18 - 00000000 ____D () C:\Users\hristos\AppData\Local\{67FB84F9-A5F9-4DE4-9858-03BB4B5DC3B5}
2014-04-02 20:18 - 2011-10-20 21:47 - 00000000 ____D () C:\Users\hristos\AppData\Local\Windows Live
2014-03-31 22:22 - 2014-04-11 09:11 - 00000000 ____D () C:\Users\hristos\Desktop\Skrillex - Recess (2014)
2014-03-27 19:01 - 2014-03-27 19:00 - 00206928 _____ () C:\Users\hristos\Documents\cc_20140327_180054.reg
2014-03-27 19:00 - 2012-12-13 22:13 - 00116480 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-03-21 22:36 - 2013-10-07 16:27 - 00016400 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys

Files to move or delete:
====================
C:\Users\hristos\Setup.bat


Some content of TEMP:
====================
C:\Users\hristos\AppData\Local\Temp\KUIU.EXE


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 00:51

==================== End Of Log ============================
--- --- ---




meines wissens alles entfernt <3

Alt 21.04.2014, 20:13   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________
Alt 21.04.2014, 21:20   #3
Arctic Blate
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Code:
ATTFilter
ComboFix 14-04-20.01 - hristos 21.04.2014  21:52:27.1.2 - x86
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.3579.1218 [GMT 2:00]
ausgeführt von:: c:\users\hristos\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\XingHaoLyrics
c:\users\hristos\AppData\Roaming\hristoslog.dat
c:\users\hristos\AppData\Roaming\hristosv1.20.10.vbs
c:\users\hristos\AppData\Roaming\Love
c:\users\hristos\AppData\Roaming\Love\mari0\mappacks\smb\1-1.txt
c:\users\hristos\AppData\Roaming\Love\mari0\options.txt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-21 bis 2014-04-21  ))))))))))))))))))))))))))))))
.
.
2014-04-21 20:09 . 2014-04-21 20:09	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-04-21 20:09 . 2014-04-21 20:09	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-21 15:57 . 2014-04-16 09:25	8050496	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0F6C8789-DB5E-4DDD-81E9-AEB3CCF47229}\mpengine.dll
2014-04-20 18:41 . 2014-04-20 18:41	--------	d-----w-	c:\users\hristos\AppData\Roaming\friendbomber.me
2014-04-20 18:41 . 2014-04-20 18:41	--------	d-----w-	c:\program files\Friend Bomber
2014-04-20 18:41 . 2014-04-20 18:41	--------	d-----w-	c:\programdata\friendbomber.me
2014-04-20 16:15 . 2014-04-20 16:15	--------	d-----w-	c:\users\hristos\AppData\Local\BoLUpdater
2014-04-20 01:27 . 2014-04-16 09:25	8050496	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-04-19 23:40 . 2014-02-21 11:37	765968	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{89D1CB2B-0FF3-4C93-A939-C7A7FD32F9A5}\gapaengine.dll
2014-04-17 13:13 . 2014-04-20 18:30	--------	d-----w-	C:\FRST
2014-04-09 20:48 . 2014-04-17 18:31	--------	d-----w-	c:\users\hristos\AppData\Roaming\DriverTurbo
2014-04-09 18:48 . 2014-04-14 18:59	107736	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-09 18:47 . 2014-04-03 07:51	51416	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-04-09 18:47 . 2014-04-03 07:51	73432	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-04-09 18:47 . 2014-04-03 07:50	23256	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-04-09 18:47 . 2014-04-09 18:47	--------	d-----w-	c:\program files\ Malwarebytes Anti-Malware 
2014-04-09 18:45 . 2014-04-20 18:05	--------	d-----w-	c:\program files\CONEXANT
2014-04-08 22:11 . 2014-02-04 02:07	149440	----a-w-	c:\windows\system32\drivers\storport.sys
2014-04-08 22:11 . 2014-02-04 02:07	234432	----a-w-	c:\windows\system32\drivers\msiscsi.sys
2014-04-08 22:11 . 2014-02-04 02:07	27072	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2014-04-08 22:11 . 2014-02-04 02:00	2048	----a-w-	c:\windows\system32\iologmsg.dll
2014-04-08 22:11 . 2014-01-24 02:18	1212352	----a-w-	c:\windows\system32\drivers\ntfs.sys
2014-04-07 18:10 . 2014-04-21 11:52	--------	d-----w-	c:\users\hristos\AppData\Roaming\BoL
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-21 20:36 . 2013-10-07 14:27	16400	----a-w-	c:\windows\system32\drivers\LNonPnP.sys
2014-03-11 07:52 . 2011-04-27 13:25	104264	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2014-02-21 11:37 . 2011-10-11 11:15	765968	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-07 01:07 . 2014-03-12 12:29	2349056	----a-w-	c:\windows\system32\win32k.sys
2014-02-04 02:04 . 2014-03-12 12:29	1230336	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 12:31	509440	----a-w-	c:\windows\system32\qedit.dll
2014-01-29 02:06 . 2014-03-12 12:25	381440	----a-w-	c:\windows\system32\wer.dll
2014-01-28 02:07 . 2014-03-12 12:29	185344	----a-w-	c:\windows\system32\wwansvc.dll
2014-01-24 23:19 . 2014-01-24 23:19	231960	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2012-01-24 12:50 . 2012-02-05 15:27	265120	----a-w-	c:\program files\Common Files\WireHelpSvc.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}]
2011-11-22 08:59	269824	----a-w-	c:\users\hristos\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\hristos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-04-12 1171000]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2013-11-20 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\LOLRecorder.lnk
backup=c:\windows\pss\LOLRecorder.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SetPointII.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk
backup=c:\windows\pss\SetPointII.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^hristos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Curse.lnk]
path=c:\users\hristos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
backup=c:\windows\pss\Curse.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^hristos^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk]
path=c:\users\hristos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
backup=c:\windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-11-21 16:57	959904	----a-w-	c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44	500208	------w-	c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-02-12 19:57	43848	----a-w-	c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08	1259376	----a-w-	c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-11 22:06	138096	---hatw-	c:\users\hristos\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-08-13 10:04	136176	----atw-	c:\users\hristos\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-26 16:36	30040	----a-w-	c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iCloudServices]
2013-11-20 14:43	59720	----a-w-	c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2014-02-21 02:54	152392	----a-w-	c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2009-06-17 08:55	55824	----a-w-	c:\windows\KHALMNPR.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Launch LCore]
2013-08-01 19:53	6210840	----a-w-	c:\program files\Logitech Gaming Software\LCore.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50	155648	----a-w-	c:\windows\System32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-02-10 16:46	20922016	----a-r-	c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
2014-04-12 09:38	6087224	----a-w-	c:\users\hristos\AppData\Roaming\Spotify\spotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2014-04-12 09:37	1171000	----a-w-	c:\users\hristos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2010-03-15 08:42	98304	----a-w-	c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 09:07	252296	----a-w-	c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosNC]
2010-03-19 12:08	467816	----a-w-	c:\program files\TOSHIBA\BulletinBoard\TosNcCore.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosReelTimeMonitor]
2010-03-03 10:17	30040	----a-w-	c:\program files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosSENotify]
2010-02-05 15:41	611672	----a-w-	c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TWebCamera]
2010-02-23 23:54	2454840	----a-w-	c:\program files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R2 StumbleUponUpdater;StumbleUpon Updater;c:\users\hristos\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [2011-11-22 18432]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [2012-09-14 50728]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-24 14856]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2013-07-25 18944]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-02-01 182304]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-05 111960]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files\IObit\Game Booster 3\Driver\WinRing0.sys [2010-11-01 14416]
R3 XDva386;XDva386;c:\windows\system32\XDva386.sys [x]
R3 XDva389;XDva389;c:\windows\system32\XDva389.sys [x]
R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x]
R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-15 172032]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2010-01-28 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 TeamViewer9;TeamViewer 9;c:\program files\TeamViewer\Version9\TeamViewer_Service.exe [2014-02-17 4915040]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 7680]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-03-04 67624]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-24 19720]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 39960]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2009-06-22 24064]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000Core.job
- c:\users\hristos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 22:06]
.
2014-04-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000UA.job
- c:\users\hristos\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 22:06]
.
2014-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-15 20:26]
.
2014-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-15 20:26]
.
2014-04-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000Core.job
- c:\users\hristos\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-13 10:04]
.
2014-04-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000UA.job
- c:\users\hristos\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-13 10:04]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://mystart.incredibar.com/mb201?a=6R8O908Ymp&i=26
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\hristos\AppData\Roaming\Mozilla\Firefox\Profiles\yufn37b9.default\
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-AdobeBridge - (no file)
HKCU-Run-DriverTurbo - c:\program files\DriverTurbo\DriverTurbo.exe
MSConfigStartUp-AdobeCS5ServiceManager - c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
MSConfigStartUp-LSI - c:\program files\LSI\LolSummonerInfo.exe
MSConfigStartUp-SmartFaceVWatcher - c:\program files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
MSConfigStartUp-SwitchBoard - c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-04-21  22:13:32
ComboFix-quarantined-files.txt  2014-04-21 20:13
.
Vor Suchlauf: 11 Verzeichnis(se), 32.407.416.832 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 33.972.854.784 Bytes frei
.
- - End Of File - - 1D5B4F3FD233AB3DEDFD5AFD83DF32D2
A36C5E4F47E84449FF07ED3517B43A31


hatte schon panik weil der scan mein internet gekappt hat o,o
__________________
Alt 22.04.2014, 13:51   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.04.2014, 13:53   #5
Arctic Blate
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Wenn ich meinen pc Neustarte flackert er wieder ...


Alt 28.04.2014, 20:06   #6
Arctic Blate
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Code:
ATTFilter
# AdwCleaner v3.205 - Bericht erstellt am 28/04/2014 um 20:47:17
# Aktualisiert 28/04/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzername : hristos - HRISTOS-PC
# Gestartet von : C:\Users\hristos\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : StumbleUponUpdater

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\Perion
Ordner Gelöscht : C:\Program Files\software4u
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\SweetIM
Datei Gelöscht : C:\Program Files\Mozilla Firefox\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\StumbleUpon.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\StumbleUpon.QTimeCpio
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\StumbleUpon.QTimeCpio.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_camstudio_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_camstudio_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_portabletor_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_portabletor_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StumbleUpon
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyricsplus
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\StumbleUpon
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\IB Updater
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v28.0 (de)

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [5825 octets] - [28/04/2014 20:44:33]
AdwCleaner[S0].txt - [5699 octets] - [28/04/2014 20:47:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5759 octets] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by hristos on 28.04.2014 at 20:54:45,42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-109183035-3835306969-3137161351-1000\Software\ib updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dmwu_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPls_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPls_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\Users\hristos\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\hristos\AppData\Roaming\software4u"
Successfully deleted: [Folder] "C:\Users\hristos\appdata\locallow\boost_interprocess"
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{0E666F1C-E472-4EA0-AD05-1B35E09D7EBF}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{0E9BAF09-AE8E-4FBD-8FD8-FE16D769E2E9}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{11AF38A4-D8A0-4C99-AD55-DDA58BFEAB05}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{1351D0C8-7776-41F8-8128-842B78091CBA}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{1BC0BDC5-DF37-4AE0-9372-F6676130023E}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{1F84BE2B-C6C9-4EF6-9516-B736EE313437}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{28EC923A-D06F-4E1A-8EA5-2CBF9FB23FA1}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{2A737C90-ECF6-4211-8108-7D885D4EDD51}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{2A772437-0137-4B94-9C2D-FF67EB22B262}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{2B19B407-B4BC-4516-89F0-03AC57EB9DAD}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{2FD17106-60F2-4F17-B699-F4F10ABDF3E3}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{30C11501-20A1-4B02-84A0-65D22E831E5B}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{31D6D3FB-2489-4528-9253-B0B2F9D9D355}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{324E0231-CC72-4F6D-86AF-82DBE7285DB3}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{3A849A40-AFE4-4B3E-B4AB-74E5E1747A7B}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{4D0B0CAC-14AD-4F4F-B128-EFAF67C25229}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{4EAD9365-8778-4C07-988A-00B1B3ED387B}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{58F66564-448D-4503-8FA6-ED787B38AC83}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{5E0137CB-2BDA-4840-8473-C4D48B1624D0}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{6395C1FA-6BE6-42B5-8FE1-F5B1168D13A3}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{67FB84F9-A5F9-4DE4-9858-03BB4B5DC3B5}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{7408315D-8C28-40EC-B00A-D092774B5190}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{770CD089-7E68-4F48-BF91-D9B9F4E3CE9B}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{8084BD63-11C0-43F2-A76F-35EC0A9F629B}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{83A3AD86-7418-420B-A39E-BBF17ED9521E}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{87CB4A73-F812-462A-84C7-DCCE517256CC}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{8C5C4D59-9BFB-4DFB-A763-D15ABBDFF5E4}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{9082BBAA-2E0A-44BF-9FF9-3FE413BE756B}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{9241B05D-F5B7-4788-884A-E3EDBABDB8E2}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{96469965-7758-4883-8576-5101C01B03A2}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{9C8D1BED-31EA-41AE-92E1-037EF1E1C8AA}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{B671C801-4681-45C2-AD1F-3E90D9710C11}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{BE59669A-DF92-4D04-A3E9-C631FF70FA35}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{BF04C606-A5A9-4020-800C-5B2C29A9CA54}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{C45D9D7A-C17A-4414-B971-F838723329B4}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{C7FC281B-A98D-4ABA-B06D-034C49700DB5}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{CC7885B4-5F1C-408F-893D-0CA93A30247A}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{D1B5CEDC-9E0B-4780-A39E-B93DD0EE0CA6}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{DD8FB64B-4DBB-42DF-A32B-26E02B69EF4A}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{DF1DBF66-F91F-4683-92D4-2515D10D607A}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{E6FA642A-B346-4B16-A507-192BB293A035}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{ED0A60D8-6747-49C4-9CBE-C817ACC10CC5}
Successfully deleted: [Empty Folder] C:\Users\hristos\appdata\local\{F802B32A-C7D9-4809-8381-4392CC234573}



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\hristos\AppData\Roaming\mozilla\firefox\profiles\yufn37b9.default\user.js
Emptied folder: C:\Users\hristos\AppData\Roaming\mozilla\firefox\profiles\yufn37b9.default\minidumps [17 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.04.2014 at 20:57:35,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2014
Ran by hristos (administrator) on HRISTOS-PC on 28-04-2014 21:04:23
Running from C:\Users\hristos\Desktop\FRST-OlderVersion
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\system32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Spotify Ltd) C:\Users\hristos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.91\opera.exe
() C:\Program Files\Opera\20.0.1387.91\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.91\opera.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files\Opera\20.0.1387.91\opera.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\Run: [Spotify Web Helper] => C:\Users\hristos\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-109183035-3835306969-3137161351-1000\...\Run: [MKLOL] => C:\Program Files\MKJogo\MKLOL\MK.exe [1277128 2014-04-23] (MK)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Plants%20vs.%20Zombies/Images/stg_drm.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Plants%20vs.%20Zombies/Images/armhelper.ocx
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\hristos\AppData\Roaming\Mozilla\Firefox\Profiles\yufn37b9.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @gamersfirst.com/LiveLauncher - C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\hristos\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\hristos\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\hristos\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-01-12]

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\hristos\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\hristos\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\hristos\AppData\Local\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.0.147) - C:\Program Files\Java\jre7\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 7) - C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\hristos\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Extension: (Stylish) - C:\Users\hristos\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2013-06-10]
CHR Extension: (Google Wallet) - C:\Users\hristos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (iOS, iPad, iPhone & iPod Grey Texture) - C:\Users\hristos\AppData\Local\Google\Chrome\User Data\Default\Extensions\odgbpcbfijafedicgoagncajafompaok [2013-09-26]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\hristos\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2010-01-28] (TOSHIBA CORPORATION)
R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [75136 2012-11-10] ()
S3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2010-02-05] (TOSHIBA Corporation)

==================== Drivers (Whitelisted) ====================

R3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [5340160 2010-03-15] (ATI Technologies Inc.)
S3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [50728 2012-09-14] (Eugene V. Muzychenko)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-24] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [39960 2013-05-30] (Logitech Inc.)
S3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-24] (Logitech Inc.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28560 2009-06-17] (Logitech, Inc.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-28] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [13056 2008-11-19] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [19968 2008-11-19] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [24832 2008-11-19] (LG Electronics Inc.)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
S3 catchme; \??\C:\Users\hristos\AppData\Local\Temp\catchme.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 XDva386; \??\C:\Windows\system32\XDva386.sys [X]
S3 XDva389; \??\C:\Windows\system32\XDva389.sys [X]
S3 XDva390; \??\C:\Windows\system32\XDva390.sys [X]
S3 XDva391; \??\C:\Windows\system32\XDva391.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-28 20:57 - 2014-04-28 20:57 - 00006448 _____ () C:\Users\hristos\Desktop\JRT.txt
2014-04-28 20:54 - 2014-04-28 20:55 - 00000000 ____D () C:\Users\hristos\Desktop\rescue software
2014-04-28 20:54 - 2014-04-28 20:54 - 01016261 _____ (Thisisu) C:\Users\hristos\Desktop\JRT.exe
2014-04-28 20:54 - 2014-04-28 20:54 - 00000000 ____D () C:\Windows\ERUNT
2014-04-28 20:53 - 2014-04-28 20:54 - 01016261 _____ (Thisisu) C:\Users\hristos\Downloads\JRT.exe
2014-04-28 20:45 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-04-28 20:44 - 2014-04-28 20:47 - 00000000 ____D () C:\AdwCleaner
2014-04-28 20:43 - 2014-04-28 20:43 - 01310283 _____ () C:\Users\hristos\Downloads\adwcleaner.exe
2014-04-25 01:46 - 2014-04-25 01:46 - 00000000 ____D () C:\Users\hristos\Desktop\Tor Browser
2014-04-25 01:44 - 2014-04-25 01:44 - 22913908 _____ () C:\Users\hristos\Desktop\torbrowser-install-3.5.4_en-US.exe
2014-04-23 18:16 - 2014-04-23 18:16 - 00000048 _____ () C:\Windows\JQHApp.dat
2014-04-23 18:16 - 2014-04-23 18:16 - 00000000 ____D () C:\Users\hristos\Documents\MK-LOL
2014-04-23 18:09 - 2014-04-23 18:09 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2014-04-23 18:08 - 2014-04-23 18:08 - 00000000 ____D () C:\Program Files\MKJogo
2014-04-23 17:59 - 2014-04-23 18:00 - 07789256 _____ () C:\Users\hristos\Downloads\MK_LOL_1.0.0.39 (1).exe
2014-04-23 17:58 - 2014-04-23 17:59 - 07789256 _____ () C:\Users\hristos\Downloads\MK_LOL_1.0.0.39.exe
2014-04-22 21:18 - 2014-04-22 21:18 - 00706959 _____ () C:\Users\hristos\Downloads\4443.zip
2014-04-22 06:51 - 2014-02-03 23:01 - 00000000 ____D () C:\Users\hristos\Desktop\rads
2014-04-22 06:48 - 2014-04-22 06:48 - 01525501 _____ () C:\Users\hristos\Downloads\2823.zip
2014-04-21 22:13 - 2014-04-21 22:13 - 00017596 _____ () C:\ComboFix.txt
2014-04-21 21:48 - 2014-04-21 22:13 - 00000000 ____D () C:\Qoobox
2014-04-21 21:48 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-21 21:48 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-21 21:48 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-21 21:48 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-21 21:48 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-21 21:48 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-21 21:48 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-21 21:48 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-21 21:47 - 2014-04-21 22:12 - 00000000 ____D () C:\Windows\erdnt
2014-04-21 15:25 - 2014-04-21 15:25 - 00215775 _____ () C:\Users\hristos\Downloads\32923.zip
2014-04-21 15:25 - 2014-04-21 15:25 - 00215775 _____ () C:\Users\hristos\Downloads\32923 (1).zip
2014-04-21 15:23 - 2014-04-21 15:23 - 00032258 _____ () C:\Users\hristos\Downloads\21043 (1).zip
2014-04-21 15:22 - 2014-04-21 15:22 - 00032258 _____ () C:\Users\hristos\Downloads\21043.zip
2014-04-21 15:21 - 2014-04-21 15:21 - 00094864 _____ () C:\Users\hristos\Downloads\3364.zip
2014-04-21 15:13 - 2014-04-21 15:14 - 07916654 _____ () C:\Users\hristos\Downloads\SIU 4.34-Lite.zip
2014-04-20 20:41 - 2014-04-20 20:41 - 11944901 _____ () C:\Users\hristos\Downloads\setup.exe
2014-04-20 20:41 - 2014-04-20 20:41 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\friendbomber.me
2014-04-20 20:41 - 2014-04-20 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Friend Bomber
2014-04-20 20:41 - 2014-04-20 20:41 - 00000000 ____D () C:\ProgramData\friendbomber.me
2014-04-20 20:41 - 2014-04-20 20:41 - 00000000 ____D () C:\Program Files\Friend Bomber
2014-04-20 20:28 - 2014-04-28 21:04 - 00000000 ____D () C:\Users\hristos\Desktop\FRST-OlderVersion
2014-04-20 18:15 - 2014-04-20 18:15 - 00000000 ____D () C:\Users\hristos\AppData\Local\BoLUpdater
2014-04-17 15:14 - 2014-04-17 15:14 - 00035700 _____ () C:\Users\hristos\Downloads\Addition.txt
2014-04-17 15:13 - 2014-04-28 21:04 - 00000000 ____D () C:\FRST
2014-04-17 15:13 - 2014-04-17 15:14 - 00035488 _____ () C:\Users\hristos\Downloads\FRST.txt
2014-04-17 03:16 - 2014-04-17 03:16 - 00000000 _____ () C:\Windows\NDSTray.INI
2014-04-17 03:00 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 03:00 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 03:00 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 03:00 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 03:00 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 03:00 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 03:00 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 03:00 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 03:00 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 03:00 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 03:00 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 03:00 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 03:00 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 03:00 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 03:00 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 03:00 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 03:00 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 03:00 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 03:00 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 03:00 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 03:00 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 03:00 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 03:00 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 03:00 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 03:00 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 03:00 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-14 18:27 - 2014-04-28 20:49 - 00002567 _____ () C:\Windows\setupact.log
2014-04-14 18:27 - 2014-04-28 20:48 - 00003338 _____ () C:\Windows\PFRO.log
2014-04-14 18:27 - 2014-04-14 18:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 00:06 - 2014-04-14 00:15 - 00000000 ____D () C:\Users\hristos\Desktop\naked
2014-04-12 10:12 - 2014-04-28 20:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-11 09:11 - 2014-03-31 22:22 - 00000000 ____D () C:\Users\hristos\Desktop\Skrillex - Recess (2014)
2014-04-09 23:08 - 2014-04-09 23:08 - 00231952 _____ () C:\Users\hristos\Downloads\DriverTurboSetup.exe
2014-04-09 22:48 - 2014-04-17 20:31 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\DriverTurbo
2014-04-09 21:34 - 2014-04-09 21:43 - 38692329 _____ () C:\Users\hristos\Downloads\sound-20100517115314.zip
2014-04-09 21:11 - 2014-04-09 21:25 - 00173651 _____ () C:\Users\hristos\Downloads\sound-20100517111051 (1).zip.opdownload
2014-04-09 20:48 - 2014-04-28 19:47 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-09 20:48 - 2014-04-09 20:48 - 00001020 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 20:48 - 2014-04-09 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-09 20:47 - 2014-04-09 20:47 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-09 20:47 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-09 20:47 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-09 20:47 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-09 20:45 - 2014-04-20 20:05 - 00000000 ____D () C:\Program Files\CONEXANT
2014-04-09 20:44 - 2014-04-09 20:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hristos\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-09 20:31 - 2014-04-09 20:43 - 38692329 _____ () C:\Users\hristos\Downloads\sound-20100517111051.zip
2014-04-09 00:11 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 00:11 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 00:11 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 00:11 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 00:11 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 00:11 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 20:12 - 2014-04-07 20:12 - 00000000 ____D () C:\Users\hristos\Desktop\BoL Studio(Full Deal)
2014-04-07 20:12 - 2014-04-07 19:28 - 27055956 _____ () C:\Users\hristos\Desktop\BoL Studio(Full Deal).rar
2014-04-07 20:10 - 2014-04-27 00:59 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\BoL
2014-04-07 20:08 - 2014-04-07 20:09 - 06528512 _____ () C:\Users\hristos\Downloads\BoL.dll
2014-04-07 20:07 - 2014-04-07 20:08 - 01888256 _____ () C:\Users\hristos\Downloads\BoL Studio.exe
2014-04-07 19:26 - 2014-04-07 19:28 - 27055956 _____ () C:\Users\hristos\Downloads\BoL Studio(Full Deal).rar
2014-04-07 19:24 - 2014-04-07 19:24 - 06120184 _____ (TeamViewer GmbH) C:\Users\hristos\Downloads\TeamViewer_Setup_de.exe
2014-04-07 19:01 - 2014-04-07 20:09 - 00000000 ____D () C:\Users\hristos\Desktop\bol
2014-04-07 19:00 - 2014-04-07 19:01 - 10339653 _____ () C:\Users\hristos\Downloads\BoL Studio.rar

==================== One Month Modified Files and Folders =======

2014-04-28 21:04 - 2014-04-20 20:28 - 00000000 ____D () C:\Users\hristos\Desktop\FRST-OlderVersion
2014-04-28 21:04 - 2014-04-17 15:13 - 00000000 ____D () C:\FRST
2014-04-28 21:03 - 2011-10-15 22:26 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-28 20:57 - 2014-04-28 20:57 - 00006448 _____ () C:\Users\hristos\Desktop\JRT.txt
2014-04-28 20:56 - 2009-07-14 06:34 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-28 20:56 - 2009-07-14 06:34 - 00017136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-28 20:55 - 2014-04-28 20:54 - 00000000 ____D () C:\Users\hristos\Desktop\rescue software
2014-04-28 20:54 - 2014-04-28 20:54 - 01016261 _____ (Thisisu) C:\Users\hristos\Desktop\JRT.exe
2014-04-28 20:54 - 2014-04-28 20:54 - 00000000 ____D () C:\Windows\ERUNT
2014-04-28 20:54 - 2014-04-28 20:53 - 01016261 _____ (Thisisu) C:\Users\hristos\Downloads\JRT.exe
2014-04-28 20:53 - 2011-08-13 02:29 - 01114457 _____ () C:\Windows\WindowsUpdate.log
2014-04-28 20:51 - 2011-10-15 22:26 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-28 20:49 - 2014-04-14 18:27 - 00002567 _____ () C:\Windows\setupact.log
2014-04-28 20:49 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-28 20:48 - 2014-04-14 18:27 - 00003338 _____ () C:\Windows\PFRO.log
2014-04-28 20:47 - 2014-04-28 20:44 - 00000000 ____D () C:\AdwCleaner
2014-04-28 20:47 - 2014-04-12 10:12 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-28 20:43 - 2014-04-28 20:43 - 01310283 _____ () C:\Users\hristos\Downloads\adwcleaner.exe
2014-04-28 20:43 - 2011-09-30 20:37 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\TS3Client
2014-04-28 20:22 - 2011-08-13 12:04 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000UA.job
2014-04-28 19:47 - 2014-04-09 20:48 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-28 18:40 - 2012-05-08 18:07 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\Spotify
2014-04-28 18:11 - 2011-10-19 21:01 - 00001146 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000UA.job
2014-04-28 16:22 - 2011-08-13 12:04 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000Core.job
2014-04-28 00:11 - 2011-10-19 21:01 - 00001124 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-109183035-3835306969-3137161351-1000Core.job
2014-04-27 13:30 - 2012-12-13 22:13 - 00116480 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-04-27 03:11 - 2011-08-13 02:37 - 00006252 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-27 00:59 - 2014-04-07 20:10 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\BoL
2014-04-26 17:24 - 2014-03-09 16:11 - 00000000 ____D () C:\Program Files\Steam
2014-04-26 16:44 - 2011-11-12 21:06 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-04-25 01:46 - 2014-04-25 01:46 - 00000000 ____D () C:\Users\hristos\Desktop\Tor Browser
2014-04-25 01:44 - 2014-04-25 01:44 - 22913908 _____ () C:\Users\hristos\Desktop\torbrowser-install-3.5.4_en-US.exe
2014-04-23 18:16 - 2014-04-23 18:16 - 00000048 _____ () C:\Windows\JQHApp.dat
2014-04-23 18:16 - 2014-04-23 18:16 - 00000000 ____D () C:\Users\hristos\Documents\MK-LOL
2014-04-23 18:09 - 2014-04-23 18:09 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2014-04-23 18:08 - 2014-04-23 18:08 - 00000000 ____D () C:\Program Files\MKJogo
2014-04-23 18:00 - 2014-04-23 17:59 - 07789256 _____ () C:\Users\hristos\Downloads\MK_LOL_1.0.0.39 (1).exe
2014-04-23 17:59 - 2014-04-23 17:58 - 07789256 _____ () C:\Users\hristos\Downloads\MK_LOL_1.0.0.39.exe
2014-04-23 01:52 - 2012-05-08 18:11 - 00000000 ____D () C:\Users\hristos\AppData\Local\Spotify
2014-04-22 21:19 - 2012-03-31 17:38 - 00000000 ___HD () C:\Users\hristos\AppData\Local\.minecraft
2014-04-22 21:18 - 2014-04-22 21:18 - 00706959 _____ () C:\Users\hristos\Downloads\4443.zip
2014-04-22 21:07 - 2013-10-11 19:26 - 00000000 ____D () C:\Users\hristos\Desktop\SIU
2014-04-22 06:48 - 2014-04-22 06:48 - 01525501 _____ () C:\Users\hristos\Downloads\2823.zip
2014-04-21 22:13 - 2014-04-21 22:13 - 00017596 _____ () C:\ComboFix.txt
2014-04-21 22:13 - 2014-04-21 21:48 - 00000000 ____D () C:\Qoobox
2014-04-21 22:13 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-04-21 22:13 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-04-21 22:12 - 2014-04-21 21:47 - 00000000 ____D () C:\Windows\erdnt
2014-04-21 22:10 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-04-21 15:25 - 2014-04-21 15:25 - 00215775 _____ () C:\Users\hristos\Downloads\32923.zip
2014-04-21 15:25 - 2014-04-21 15:25 - 00215775 _____ () C:\Users\hristos\Downloads\32923 (1).zip
2014-04-21 15:23 - 2014-04-21 15:23 - 00032258 _____ () C:\Users\hristos\Downloads\21043 (1).zip
2014-04-21 15:22 - 2014-04-21 15:22 - 00032258 _____ () C:\Users\hristos\Downloads\21043.zip
2014-04-21 15:21 - 2014-04-21 15:21 - 00094864 _____ () C:\Users\hristos\Downloads\3364.zip
2014-04-21 15:14 - 2014-04-21 15:13 - 07916654 _____ () C:\Users\hristos\Downloads\SIU 4.34-Lite.zip
2014-04-20 21:24 - 2012-01-06 02:45 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\Skype
2014-04-20 20:43 - 2012-02-17 00:31 - 00000000 ____D () C:\ProgramData\firebird
2014-04-20 20:41 - 2014-04-20 20:41 - 11944901 _____ () C:\Users\hristos\Downloads\setup.exe
2014-04-20 20:41 - 2014-04-20 20:41 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\friendbomber.me
2014-04-20 20:41 - 2014-04-20 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Friend Bomber
2014-04-20 20:41 - 2014-04-20 20:41 - 00000000 ____D () C:\ProgramData\friendbomber.me
2014-04-20 20:41 - 2014-04-20 20:41 - 00000000 ____D () C:\Program Files\Friend Bomber
2014-04-20 20:10 - 2011-10-21 20:45 - 00000000 ____D () C:\Program Files\adf-soft´s Screenshot
2014-04-20 20:09 - 2011-10-15 22:26 - 00000000 ____D () C:\Program Files\Google
2014-04-20 20:06 - 2011-09-04 10:25 - 00000000 ____D () C:\Program Files\MAXON
2014-04-20 20:05 - 2014-04-09 20:45 - 00000000 ____D () C:\Program Files\CONEXANT
2014-04-20 20:05 - 2011-09-04 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2014-04-20 20:05 - 2011-09-04 10:23 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\MAXON
2014-04-20 20:04 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-20 20:02 - 2011-08-13 15:49 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-04-20 20:02 - 2011-08-13 15:48 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-20 20:01 - 2011-08-13 15:49 - 00000000 ____D () C:\Program Files\Adobe
2014-04-20 18:15 - 2014-04-20 18:15 - 00000000 ____D () C:\Users\hristos\AppData\Local\BoLUpdater
2014-04-17 20:31 - 2014-04-09 22:48 - 00000000 ____D () C:\Users\hristos\AppData\Roaming\DriverTurbo
2014-04-17 15:14 - 2014-04-17 15:14 - 00035700 _____ () C:\Users\hristos\Downloads\Addition.txt
2014-04-17 15:14 - 2014-04-17 15:13 - 00035488 _____ () C:\Users\hristos\Downloads\FRST.txt
2014-04-17 03:54 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-04-17 03:16 - 2014-04-17 03:16 - 00000000 _____ () C:\Windows\NDSTray.INI
2014-04-17 03:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-04-16 04:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-04-14 18:59 - 2011-12-15 08:25 - 00116480 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-14 18:27 - 2014-04-14 18:27 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-14 00:15 - 2014-04-14 00:06 - 00000000 ____D () C:\Users\hristos\Desktop\naked
2014-04-13 23:57 - 2013-04-26 20:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-09 23:08 - 2014-04-09 23:08 - 00231952 _____ () C:\Users\hristos\Downloads\DriverTurboSetup.exe
2014-04-09 21:43 - 2014-04-09 21:34 - 38692329 _____ () C:\Users\hristos\Downloads\sound-20100517115314.zip
2014-04-09 21:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-09 21:25 - 2014-04-09 21:11 - 00173651 _____ () C:\Users\hristos\Downloads\sound-20100517111051 (1).zip.opdownload
2014-04-09 20:48 - 2014-04-09 20:48 - 00001020 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-09 20:48 - 2014-04-09 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-09 20:47 - 2014-04-09 20:47 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-09 20:47 - 2012-03-03 11:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 20:46 - 2014-04-09 20:44 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\hristos\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-09 20:43 - 2014-04-09 20:31 - 38692329 _____ () C:\Users\hristos\Downloads\sound-20100517111051.zip
2014-04-09 14:08 - 2013-07-30 16:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 14:05 - 2013-08-15 07:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 14:00 - 2012-03-08 18:03 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 20:12 - 2014-04-07 20:12 - 00000000 ____D () C:\Users\hristos\Desktop\BoL Studio(Full Deal)
2014-04-07 20:09 - 2014-04-07 20:08 - 06528512 _____ () C:\Users\hristos\Downloads\BoL.dll
2014-04-07 20:09 - 2014-04-07 19:01 - 00000000 ____D () C:\Users\hristos\Desktop\bol
2014-04-07 20:08 - 2014-04-07 20:07 - 01888256 _____ () C:\Users\hristos\Downloads\BoL Studio.exe
2014-04-07 19:28 - 2014-04-07 20:12 - 27055956 _____ () C:\Users\hristos\Desktop\BoL Studio(Full Deal).rar
2014-04-07 19:28 - 2014-04-07 19:26 - 27055956 _____ () C:\Users\hristos\Downloads\BoL Studio(Full Deal).rar
2014-04-07 19:24 - 2014-04-07 19:24 - 06120184 _____ (TeamViewer GmbH) C:\Users\hristos\Downloads\TeamViewer_Setup_de.exe
2014-04-07 19:01 - 2014-04-07 19:00 - 10339653 _____ () C:\Users\hristos\Downloads\BoL Studio.rar
2014-04-05 22:45 - 2014-03-12 15:53 - 00000000 ____D () C:\Program Files\Opera
2014-04-03 09:51 - 2014-04-09 20:47 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-09 20:47 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-09 20:47 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 03:01 - 2012-05-02 05:53 - 00002077 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-04-03 03:01 - 2011-08-13 02:44 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-04-03 03:01 - 2011-08-13 02:42 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-02 20:18 - 2011-10-20 21:47 - 00000000 ____D () C:\Users\hristos\AppData\Local\Windows Live
2014-04-01 20:07 - 2011-08-13 15:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-03-31 22:22 - 2014-04-11 09:11 - 00000000 ____D () C:\Users\hristos\Desktop\Skrillex - Recess (2014)

Files to move or delete:
====================
C:\Users\hristos\Setup.bat


Some content of TEMP:
====================
C:\Users\hristos\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 00:51

==================== End Of Log ============================
--- --- ---



malwarebyte hat nichts gefunden

Alt 29.04.2014, 17:23   #7
schrauber
/// the machine
/// TB-Ausbilder
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.04.2014, 22:40   #8
Arctic Blate
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


also bis jetzt ist der unterschied das ich meinen pc hochfahren kann !
und naja wenn ich etwas in youtube schaue kommen keine pop ups von pornseiten , frag nicht wie das zu stande kommt ,wollte mal der nostalgie wegen digimon schauen , hat böse geendet

Alt 01.05.2014, 00:09   #9
schrauber
/// the machine
/// TB-Ausbilder
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Wir haben ja auch einiges entfernt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.05.2014, 13:10   #10
Arctic Blate
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?





das öffnet sich immer wenn ich von meinem pc weggehe , als ich zurückkam war wieder ein starkes flackern da , als ich meine maus eine zeit lang hin und her bewegte verschwand das flackern wieder ...?

Alt 02.05.2014, 07:35   #11
schrauber
/// the machine
/// TB-Ausbilder
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Versuchen wir mal was, auch wenn ich denke dass da die Hardware ebenso ein Problem hat:

http://www.trojaner-board.de/126216-...epair-aio.html
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.05.2014, 11:20   #12
Arctic Blate
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Jetzt wenn ich ihn Starten will passiert nicht, höre den Lüfter, Bildschirm zeigt nichts,leuchten auf der Tastatur leuchten nicht

Alt 11.05.2014, 06:32   #13
schrauber
/// the machine
/// TB-Ausbilder
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Seit wann genau? Was hast Du gemacht?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.05.2014, 09:16   #14
Arctic Blate
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Gestern, hab meinen Akku rausgemacht weil ich das Gefühl hatte das der ne Auszeit braucht & das halt per Netzteil betrieben, bin dann gegen das Kabel gekommen und aus war er ..

Alt 12.05.2014, 10:06   #15
schrauber
/// the machine
/// TB-Ausbilder
 
Bildschirm nach bootvorgang stark flackernd - Virus ? - Standard

Bildschirm nach bootvorgang stark flackernd - Virus ?


Das is ungeil. Im schlimmsten Fall is alles zerballert. Akku rein, Kabel rein, Startknopf 10 sec gedrückt halten, loslassen, starten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort
Seite 2 von 3 1 2 3

Themen zu Bildschirm nach bootvorgang stark flackernd - Virus ?
32bit, bekannte, bereinigt, bildschirm, bootvorgang, compu, computer, gestern, links, malware / spyware, nichts, premium, rechner, rechts, stark, symbol, treffen, trojaner, virus, virus ?, vorgang, win, win 7, zieht


« WIN 7 64bit, schwedischer Ableger vom BKA Trojaner. U-Kash Aufforderung | Windows 7: Win32:BProtect-D »


Ähnliche Themen: Bildschirm nach bootvorgang stark flackernd - Virus ?


  1. Windows 7 64bit Pc stark verlangsamt (beim Start Bildschirm lange schwarz) und Adblock funktioniert nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 11.03.2015 (13)
  2. Windows 8.1 - farmaster.net nach bootvorgang durch CMD
    Log-Analyse und Auswertung - 21.09.2014 (4)
  3. Avast und Malwarebytes Anti-Malware werdenvon gruppenrichtlinie geblockt + aussergewöhnliche meldung nach dem bootvorgang.
    Plagegeister aller Art und deren Bekämpfung - 16.05.2014 (11)
  4. Windows 7 - Bootvorgang wird abgebrochen nach kurzem Bluescreen ; Systemreparatur nicht erfolgreich
    Log-Analyse und Auswertung - 19.04.2014 (9)
  5. Virus, weisser Bildschirm nach Start (Win7 32 Bit)
    Plagegeister aller Art und deren Bekämpfung - 15.08.2013 (13)
  6. GVU-Virus bei Windows 7, weißer Bildschirm nach dem Neustarten
    Log-Analyse und Auswertung - 08.07.2013 (9)
  7. Weißer Bildschirm nach Bootvorgang ins Win 7
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (41)
  8. Virus(Trojaner)-weißer Bildschirm nach Windowsstart
    Plagegeister aller Art und deren Bekämpfung - 14.10.2012 (11)
  9. POP-Up beim Windows Bootvorgang nach Ukash Entfernung
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)
  10. Windows 7 - Bildschirm schaltet bei Bootvorgang in Standby
    Alles rund um Windows - 21.05.2012 (2)
  11. Suche nach angepasstem Script nach Gema-Virus und weißen Bildschirm mit ...
    Plagegeister aller Art und deren Bekämpfung - 25.03.2012 (1)
  12. Blackscreen nach Win7-Bootvorgang
    Alles rund um Windows - 17.11.2011 (11)
  13. TR/Shutdown Neustart nach Bootvorgang
    Plagegeister aller Art und deren Bekämpfung - 17.12.2010 (9)
  14. per Win XP Virus bekommen, der stark einschränkt. Kaspersky rescue disc benutzt, aber Virus noch da
    Plagegeister aller Art und deren Bekämpfung - 01.11.2010 (30)
  15. Festplatte arbeitet stark nach onlinegehen
    Plagegeister aller Art und deren Bekämpfung - 30.11.2009 (8)
  16. Bootvorgang nach 20 sec tot
    Plagegeister aller Art und deren Bekämpfung - 18.10.2009 (2)
  17. Windows Server 2003 hat Virus->mit Netzwerkkabel->neustart beim bootvorgang
    Alles rund um Windows - 09.11.2005 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bildschirm nach bootvorgang stark flackernd - Virus ? - Code: Alles auswählen Aufklappen ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-04-2014 01 Ran by hristos at 2014-04-20 20:29:44 Running from C:\Users\hristos\Desktop Boot Mode: Normal ========================================================== - Bildschirm nach bootvorgang stark flackernd - Virus ?...
Archiv
Du betrachtest: Bildschirm nach bootvorgang stark flackernd - Virus ? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22