Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Es grüßt die Telekom

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 11.06.2014, 16:23   #1
vorex
 
Es grüßt die Telekom - Standard

Es grüßt die Telekom



Hallo, und schon mal vorab recht herzlichen Dank für Eure Hilfe!

Ja, es ist passiert, blöd nur weil vermeidbar gewesen - anyway!


Hab auch Post von der Telekom bekommen, hier im Wortlaut:
Sehr geehrte Kundin, sehr geehrter Kunde,

als Anlage ist die Rechnung 13658476 als PDF-Datei beigefügt:
2014_06rechnung_13658476_sign.zip.

Der Gesamtbetrag für den Monat Juni 2014 beläuft sich auf: 385,16 Euro.


Mit freundlichen Grüßen
Ihre Telekom


Was ist passiert:
zip-File heruntergeladen und geöffnet.


Hab nachdem ich bemerkt hab, dass die ganze Sache faul ist, schon mal malwarebites, den AdwCleaner und Frst laufen lassen.

Hier die Log-Files:

mawarebites:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 11.06.2014
Suchlauf-Zeit: 15:04:33
Logdatei: logdatei.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.11.04
Rootkit Datenbank: v2014.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 309665
Verstrichene Zeit: 4 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 11
PUP.Optional.SaveSense.A, HKU\S-1-5-21-815420295-2359678768-3645160346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{71e129ff-6c2a-4984-818c-7e2c998b8d99}, Löschen bei Neustart, [e44c5a1d6318c96d72c3a49908fad62a], 
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, HKU\S-1-5-21-815420295-2359678768-3645160346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}, Löschen bei Neustart, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\EXPLORER BARS\{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{CCC7B14F-1D8C-11E3-B2AD-F3EF3D58318D}, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3050F3EE-98B5-11CF-BB82-00AA00BDCE0B}, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{CCC7B150-1D8C-11E3-B2AD-F3EF3D58318D}, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3050F3EE-98B5-11CF-BB82-00AA00BDCE0B}, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{CCC7B150-1D8C-11E3-B2AD-F3EF3D58318D}, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{CCC7B14F-1D8C-11E3-B2AD-F3EF3D58318D}, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SiteFinder, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 

Registrierungswerte: 2
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}, Site Finder Toolbar, In Quarantäne, [08284730512a1f17c8aba80649b9d030]
PUP.Optional.SiteFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 1
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 

Dateien: 11
Backdoor.Bot, C:\Users\Admin\AppData\Local\Temp\2014_06rechnung_0020273640_sign.zip, In Quarantäne, [db55205792e9ad896654f79132cfc040], 
Backdoor.Bot, C:\Users\Admin\AppData\Local\Temp\Rar$EXa0.297\2014_06rechnung_0020273640_sign_telekom_deutschland_gmbh.exe, In Quarantäne, [fe32c0b74d2e54e2dddd0f79d22fdf21], 
Backdoor.Bot, C:\Users\Admin\Downloads\2014_06rechnung_0020273640_sign.zip, In Quarantäne, [0c247ef9443755e1caf0c8c010f1d52b], 
PUP.Optional.OpenCandy, C:\Users\Admin\Downloads\DTLite4481-0347.exe, In Quarantäne, [50e062157704290d7932b5e1a55f56aa], 
Hacktool.Agent, C:\Users\Admin\Downloads\Windows_Loader_v2.2.1.exe, In Quarantäne, [c16fe691e6956acc0686eb61f50c37c9], 
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\ToolbarData.ini, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\btn.ico, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\hotbtn.ico, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\SiteFinder.dll, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\SiteFinder_new.dll, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 
PUP.Optional.SiteFinder.A, C:\Program Files (x86)\SiteFinder\sitefinder_uninstaller.exe, In Quarantäne, [08284730512a1f17c8aba80649b9d030], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Frst Log1:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2014 01
Ran by Admin (administrator) on ADMIN-PC on 11-06-2014 16:46:22
Running from C:\Users\Admin\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
() C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\system\CMGxMon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(CMedia) C:\Program Files\ASUS Xonar DX Audio\Customapp\AsusAudioCenter.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files\ASUS Xonar DX Audio\Customapp\MXmon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(OpenOffice.org) C:\OpenOffice.org 3\program\soffice.exe
(Apple Inc.) C:\iTunes\iTunesHelper.exe
(Geek Software GmbH) C:\PDF24\pdf24.exe
(OpenOffice.org) C:\OpenOffice.org 3\program\soffice.bin
() C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7174728 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.cpl,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\system\CmGxMon.exe [20480 2007-12-19] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1063200 2013-10-18] (NVIDIA Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [PowerDVD13Agent] => "C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe"
HKU\S-1-5-21-815420295-2359678768-3645160346-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-815420295-2359678768-3645160346-1000\...\Run: [Spotify] => C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-815420295-2359678768-3645160346-1000\...\Run: [Spotify Web Helper] => C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-815420295-2359678768-3645160346-1000\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [7695272 2013-12-27] (SlySoft, Inc.)
HKU\S-1-5-21-815420295-2359678768-3645160346-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-815420295-2359678768-3645160346-1000\...\Run: [cvxcap32.exe] => C:\Users\Admin\AppData\Roaming\Microsoft\cvxcap32.exe [131072 2009-07-14] (Fcngsylx Yythho Cgcs)
HKU\S-1-5-21-815420295-2359678768-3645160346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-815420295-2359678768-3645160346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-815420295-2359678768-3645160346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-815420295-2359678768-3645160346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [7695272 2013-12-27] (SlySoft, Inc.)
HKU\S-1-5-21-815420295-2359678768-3645160346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-815420295-2359678768-3645160346-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cvxcap32.exe] => C:\Users\Admin\AppData\Roaming\Microsoft\cvxcap32.exe [131072 2009-07-14] (Fcngsylx Yythho Cgcs)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD0DF11198AADCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
URLSearchHook: HKLM-x32 - Default Value = {CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D}
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6g2oxviq.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FireGestures - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6g2oxviq.default\Extensions\firegestures@xuldev.org.xpi [2013-09-10]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6g2oxviq.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6g2oxviq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-09]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-09-10]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj [2013-09-10]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-06-10] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] () [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [180200 2013-02-13] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-04-18] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-09-05] (Nalpeiron Ltd.) [File not signed]
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288768 2011-03-09] (WDC) [File not signed]
R2 WDFME; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [1066896 2011-03-09] ()
R2 WDSC; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [491920 2011-03-09] ()

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138152 2013-11-26] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138152 2013-11-26] (SlySoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-06-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1197568 2008-01-18] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-14] (Disc Soft Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-02-13] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-02-13] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-02-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-06-11] ()
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-11 16:46 - 2014-06-11 16:46 - 00020981 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-06-11 16:46 - 2014-06-11 16:46 - 00000000 ____D () C:\FRST
2014-06-11 16:45 - 2014-06-11 16:46 - 02081792 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-06-11 16:01 - 2014-06-11 16:07 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-06-11 16:01 - 2014-06-11 16:01 - 02365840 _____ () C:\Users\Admin\Downloads\SecurityTaskManager_Setup.exe
2014-06-11 16:01 - 2014-06-11 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
2014-06-11 16:01 - 2014-06-11 16:01 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-06-11 15:56 - 2014-06-11 15:56 - 00540072 _____ (Neuber Software) C:\Users\Admin\Downloads\SvchostAnalyzer.exe
2014-06-11 15:02 - 2014-06-11 15:27 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 15:02 - 2014-06-11 15:02 - 00001138 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-11 15:02 - 2014-06-11 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-11 15:01 - 2014-06-11 15:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-11 15:01 - 2014-06-11 15:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-11 15:01 - 2014-06-11 15:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-11 15:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-11 15:01 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-11 15:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-11 14:53 - 2014-06-11 14:59 - 00000000 ____D () C:\AdwCleaner
2014-06-11 14:53 - 2014-06-11 14:53 - 01333465 _____ () C:\Users\Admin\Downloads\adwcleaner_3.212.exe
2014-06-11 14:53 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-11 14:22 - 2014-06-11 14:54 - 00006229 ____H () C:\Users\Admin\AppData\Roaming\U16355-74F7.html
2014-06-11 10:31 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 10:31 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 10:31 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 10:31 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 10:31 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 10:31 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 10:31 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 10:31 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 10:31 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 10:31 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 10:31 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 10:31 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 10:31 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 10:31 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 10:31 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 10:31 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 10:31 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 10:31 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 10:31 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 10:31 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 10:31 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 10:31 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 10:31 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 10:31 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 10:31 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 10:31 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 10:31 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 10:31 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 10:31 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 10:31 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 10:31 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 10:31 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 10:31 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 10:31 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 10:31 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 10:31 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 10:31 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 10:31 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 10:31 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 10:31 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 10:31 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 10:31 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 10:31 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 10:31 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 10:31 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 10:31 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 10:31 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 10:31 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 10:31 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 10:31 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 10:31 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 10:31 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 10:31 - 2014-05-08 11:32 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 10:31 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 10:31 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 10:31 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 10:31 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 10:31 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 10:31 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 10:31 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 10:31 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 10:31 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 10:31 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 10:31 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 10:31 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 10:30 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 10:30 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 16:36 - 2014-06-06 16:36 - 00115743 _____ () C:\Users\Admin\Desktop\Wien - Neusiedl am See.gpx
2014-06-06 15:53 - 2014-06-06 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-05-19 20:29 - 2014-05-19 20:34 - 00042168 _____ () C:\Users\Admin\Downloads\Bauhaus Lt BT Light.zip
2014-05-19 20:29 - 2014-05-19 20:30 - 00042026 _____ () C:\Users\Admin\Downloads\Bauhaus Md BT Medium.zip
2014-05-16 15:36 - 2014-06-11 15:26 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-05-15 17:29 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 17:29 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 17:29 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 17:29 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 17:29 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 17:29 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 17:29 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 17:29 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 17:29 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 17:29 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 17:29 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 17:29 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 17:29 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 17:29 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 17:29 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 17:29 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 17:29 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 17:29 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 17:29 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 17:29 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 17:29 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 17:29 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 17:29 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 17:29 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 17:29 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 17:29 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 17:29 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 17:29 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 17:29 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 17:29 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 17:29 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 17:29 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

==================== One Month Modified Files and Folders =======

2014-06-11 16:46 - 2014-06-11 16:46 - 00020981 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-06-11 16:46 - 2014-06-11 16:46 - 00000000 ____D () C:\FRST
2014-06-11 16:46 - 2014-06-11 16:45 - 02081792 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-06-11 16:46 - 2013-09-09 20:09 - 00000000 ____D () C:\Users\Admin\AppData\Local\Temp
2014-06-11 16:26 - 2013-09-09 22:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-11 16:21 - 2013-11-26 21:51 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-11 16:17 - 2013-11-13 15:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify
2014-06-11 16:07 - 2014-06-11 16:01 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-06-11 16:01 - 2014-06-11 16:01 - 02365840 _____ () C:\Users\Admin\Downloads\SecurityTaskManager_Setup.exe
2014-06-11 16:01 - 2014-06-11 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
2014-06-11 16:01 - 2014-06-11 16:01 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
2014-06-11 15:56 - 2014-06-11 15:56 - 00540072 _____ (Neuber Software) C:\Users\Admin\Downloads\SvchostAnalyzer.exe
2014-06-11 15:40 - 2013-09-12 12:16 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-06-11 15:32 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-06-11 15:32 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-06-11 15:32 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-11 15:32 - 2009-07-14 06:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-11 15:32 - 2009-07-14 06:45 - 00026768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-11 15:30 - 2013-09-09 20:08 - 01415975 _____ () C:\Windows\WindowsUpdate.log
2014-06-11 15:27 - 2014-06-11 15:02 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-11 15:27 - 2014-01-12 21:14 - 00000000 ___RD () C:\Users\Admin\Dropbox
2014-06-11 15:27 - 2014-01-12 21:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DropboxMaster
2014-06-11 15:27 - 2014-01-12 21:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Dropbox
2014-06-11 15:27 - 2014-01-02 14:23 - 00000040 ___SH () C:\ProgramData\.zreglib
2014-06-11 15:27 - 2013-11-26 21:51 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-11 15:26 - 2014-05-16 15:36 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-06-11 15:26 - 2013-09-09 20:25 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-06-11 15:26 - 2013-09-09 20:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-11 15:26 - 2010-11-21 05:47 - 00376016 _____ () C:\Windows\PFRO.log
2014-06-11 15:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-11 15:26 - 2009-07-14 06:51 - 00129246 _____ () C:\Windows\setupact.log
2014-06-11 15:23 - 2013-10-12 21:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 15:22 - 2013-10-12 21:20 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 15:21 - 2014-05-06 22:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 15:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources
2014-06-11 15:02 - 2014-06-11 15:02 - 00001138 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-11 15:02 - 2014-06-11 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-11 15:02 - 2014-06-11 15:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-11 15:01 - 2014-06-11 15:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-11 15:01 - 2014-06-11 15:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-11 14:59 - 2014-06-11 14:53 - 00000000 ____D () C:\AdwCleaner
2014-06-11 14:54 - 2014-06-11 14:22 - 00006229 ____H () C:\Users\Admin\AppData\Roaming\U16355-74F7.html
2014-06-11 14:53 - 2014-06-11 14:53 - 01333465 _____ () C:\Users\Admin\Downloads\adwcleaner_3.212.exe
2014-06-11 14:39 - 2013-09-09 21:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2014-06-11 10:38 - 2013-11-13 15:28 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify
2014-06-10 13:25 - 2013-09-09 21:48 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-10 13:25 - 2013-09-09 21:48 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-08 11:13 - 2014-06-11 10:30 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 10:30 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-06 16:36 - 2014-06-06 16:36 - 00115743 _____ () C:\Users\Admin\Desktop\Wien - Neusiedl am See.gpx
2014-06-06 15:53 - 2014-06-06 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-06-06 15:53 - 2013-09-10 11:46 - 00000000 ____D () C:\Users\Admin\AppData\Local\GARMIN_Corp
2014-06-06 15:53 - 2013-09-09 20:50 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-06-02 08:24 - 2013-11-26 21:51 - 00000000 ____D () C:\Nik Collection
2014-06-02 08:24 - 2013-09-10 09:07 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-06-02 08:23 - 2013-11-26 21:50 - 00000000 ____D () C:\ProgramData\Google
2014-06-02 08:08 - 2014-01-12 21:14 - 00001015 _____ () C:\Users\Admin\Desktop\Dropbox.lnk
2014-06-02 08:08 - 2014-01-12 21:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-02 08:08 - 2013-09-09 20:09 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-30 12:21 - 2014-06-11 10:31 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 10:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 10:31 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 10:31 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 10:31 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 10:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 10:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 10:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 10:31 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 10:31 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 10:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 10:31 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 10:31 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 10:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 10:31 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 10:31 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 10:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 10:31 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 10:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 10:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 10:31 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 10:31 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 10:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 10:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 10:31 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 10:31 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 10:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 10:31 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 10:31 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 10:31 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 10:31 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 10:31 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 10:31 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 10:31 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 10:31 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 10:31 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 10:31 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 10:31 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 10:31 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 10:31 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 10:31 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 10:31 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 10:31 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 10:31 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 10:31 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 10:31 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 10:31 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 10:31 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 10:31 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 10:31 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 10:31 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-21 18:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-20 12:11 - 2009-07-14 06:45 - 04934440 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-19 20:51 - 2013-09-09 20:32 - 00071336 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-19 20:34 - 2014-05-19 20:29 - 00042168 _____ () C:\Users\Admin\Downloads\Bauhaus Lt BT Light.zip
2014-05-19 20:30 - 2014-05-19 20:29 - 00042026 _____ () C:\Users\Admin\Downloads\Bauhaus Md BT Medium.zip
2014-05-19 18:01 - 2013-09-13 08:40 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-16 16:55 - 2013-09-09 20:45 - 00000432 _____ () C:\Windows\BRWMARK.INI
2014-05-16 15:37 - 2013-09-09 20:09 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 15:36 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-15 17:26 - 2013-09-09 22:02 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-15 17:26 - 2013-09-09 22:02 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-15 17:26 - 2013-09-09 22:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-12 13:43 - 2013-09-16 10:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-05-12 13:43 - 2013-09-12 12:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\dvdcss
2014-05-12 07:26 - 2014-06-11 15:01 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-11 15:01 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-11 15:01 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\CNC4LauncherUpdate.exe
C:\Users\Admin\AppData\Local\Temp\COMAP.EXE
C:\Users\Admin\AppData\Local\Temp\devcon64.exe
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8bwg7q.dll
C:\Users\Admin\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Admin\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Admin\AppData\Local\Temp\nvStInst.exe
C:\Users\Admin\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Admin\AppData\Local\Temp\vlc-2.0.8-win64.exe
C:\Users\Admin\AppData\Local\Temp\ytOVjyUpZvgoJriyDzbI.DLL


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-09 11:32

==================== End Of Log ============================
         
Frst Log2:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-06-2014 01
Ran by Admin at 2014-06-11 16:46:37
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.3.9.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Xonar DX Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
BCL easyConverter 3.0 Licensing Module (BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Loader SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (Loader, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (RTF, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 RTF SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{82696435-8572-4D8B-A230-D1AA567D0F0F}) (Version: 1.0.0.0 - Electronic Arts)
Corel WinDVD Pro 11 (HKLM-x32\...\_{EF13E6B7-86D2-4E2C-82FB-375654407D4F}) (Version: 11.6.1.4 - Corel Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
DVDFab 9.1.2.3 (17/01/2014) Beta (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
Free YouTube to MP3 Converter version 3.12.12.827 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.12.827 - DVDVideoSoft Ltd.)
Garmin BaseCamp (HKLM-x32\...\{00BC5C92-9F00-41B2-AE04-4C6B5DF0981F}) (Version: 4.3.2 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
ICA (x32 Version: 11.6.1.4 - Corel Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Smart Connect Technology 4.0 x64 (HKLM\...\{B0CA78DB-745A-4857-A73F-9ACD95E62BD0}) (Version: 4.0.41.2072 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.798.1 - Intel Corporation) Hidden
IPM (x32 Version: 11.5 - Corel Inc.) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{A04DCB25-7040-4935-A30D-8E0A893ABF2D}) (Version: 11.1.2.32 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Codec Pack 10.2.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.0.4 - Google)
NVIDIA 3D Vision Controller-Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2049 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 320.49 (Version: 320.49 - NVIDIA Corporation) Hidden
NVIDIA Update 9.3.16 (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 9.3.16 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF2Word Converter Version 1.0.9 (Build 174, 7-PDF) (HKLM-x32\...\PDF2Word Converter (7-PDF)_is1) (Version: PDF2Word Converter - Version 1.0.9 (Build 174) - 7-PDF, Germany - Thorsten Hodes)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PTLens (HKLM\...\{BF6693BE-C3CB-4142-8E05-30D70E62BD19}) (Version: 3.0.690 - ePaperPress)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
SABnzbd 0.7.16 (HKLM-x32\...\SABnzbd) (Version: 0.7.16 - The SABnzbd Team)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Setup (x32 Version: 11.6.1.4 - Corel Inc.) Hidden
SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Soldat 1.6.6 (HKLM-x32\...\Soldat_is1) (Version: 1.6.6 - Michal Marcinkowski)
SportTracks 3.1 (HKLM-x32\...\{99895EF0-B290-4B21-B1FE-FB00E1B5D195}) (Version: 3.1.4846 - Zone Five Software)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.4.3.21029 - Blizzard Entertainment)
StarFriend (HKLM-x32\...\StarFriend 1.3.1) (Version: 1.3.1 - StarFriend.net)
StarFriend (x32 Version: 1.3.1 - StarFriend.net) Hidden
Unreal (HKLM-x32\...\{8FDBE1E8-2922-4750-9E4B-6B28CA67DBBB}) (Version:  - )
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
WD SmartWare (HKLM\...\{07179D37-D5FE-4373-90D9-A25B992EFB3E}) (Version: 1.4.5.5 - Western Digital)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinDVD (x32 Version: 11.6.1.4 - Corel Inc.) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-10 09:27 - 00001339 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1				activate.adobe.com
127.0.0.1				practivate.adobe.com
127.0.0.1				ereg.adobe.com
127.0.0.1				activate.wip3.adobe.com
127.0.0.1				wip3.adobe.com
127.0.0.1				3dns-3.adobe.com
127.0.0.1				3dns-2.adobe.com
127.0.0.1				adobe-dns.adobe.com
127.0.0.1				adobe-dns-2.adobe.com
127.0.0.1				adobe-dns-3.adobe.com
127.0.0.1				ereg.wip3.adobe.com
127.0.0.1				activate-sea.adobe.com
127.0.0.1				wwis-dubc1-vip60.adobe.com
127.0.0.1				activate-sjc0.adobe.com
127.0.0.1				adobe.activate.com


==================== Scheduled Tasks (whitelisted) =============

Task: {00A4ECC1-68E8-40F2-843D-E4E8D13E904B} - \SaveSense No Task File <==== ATTENTION
Task: {4EBD0AF5-C3A4-4A34-902F-19234712D0F9} - \SaveSenseLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {6F5CDBFF-2B30-4D3C-B407-A750FB57CAD7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {908BE647-1CA7-42F1-9591-D4732826752F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {9EF1E938-7115-4DD9-978D-88DD25642D5A} - \SaveSenseLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {CF8FF5D1-F458-492E-8797-99F82ECACF5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-26] (Google Inc.)
Task: {DA7FB6AB-C6BF-40CF-80CE-142E92EA2F61} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {DEBE9854-8CD1-442C-BFC7-C115BDB37790} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-02-13 10:35 - 2013-02-13 10:35 - 00180200 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-02-13 10:35 - 2013-02-13 10:35 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2011-03-09 12:41 - 2011-03-09 12:41 - 01066896 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
2011-03-09 12:41 - 2011-03-09 12:41 - 00491920 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
2013-09-09 20:19 - 2013-06-21 12:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-09 20:32 - 2007-12-19 04:41 - 00020480 _____ () C:\Windows\system\CMGxMon.exe
2013-09-09 20:32 - 2008-01-09 08:18 - 00090112 _____ () C:\Program Files\ASUS Xonar DX Audio\Customapp\MXMon.exe
2013-11-13 15:28 - 2014-05-16 15:37 - 00598072 _____ () C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-05 10:24 - 2010-03-05 10:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll
2013-09-09 20:32 - 2007-12-17 13:05 - 00323584 _____ () C:\Program Files\ASUS Xonar DX Audio\CustomApp\cmdevice.dll
2013-11-13 15:28 - 2014-05-16 15:37 - 36966968 _____ () C:\Users\Admin\AppData\Roaming\Spotify\Data\libcef.dll
2014-06-11 15:27 - 2014-06-11 15:27 - 00043008 _____ () c:\users\admin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8bwg7q.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\libcef.dll
2013-12-18 20:43 - 2013-12-18 20:43 - 00019968 _____ () C:\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\OpenOffice.org 3\program\libxml2.dll
2013-11-13 15:28 - 2014-05-16 15:37 - 00886840 _____ () C:\Users\Admin\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-11-13 15:28 - 2014-05-16 15:37 - 00108600 _____ () C:\Users\Admin\AppData\Roaming\Spotify\Data\libegl.dll
2013-09-09 20:15 - 2013-03-12 22:20 - 01199576 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-05-10 09:21 - 2014-05-10 09:21 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/11/2014 03:40:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RunDll32.exe_WerConCpl.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc9e0
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000fef1d420
ID des fehlerhaften Prozesses: 0x13bc
Startzeit der fehlerhaften Anwendung: 0xRunDll32.exe_WerConCpl.dll0
Pfad der fehlerhaften Anwendung: RunDll32.exe_WerConCpl.dll1
Pfad des fehlerhaften Moduls: RunDll32.exe_WerConCpl.dll2
Berichtskennung: RunDll32.exe_WerConCpl.dll3

Error: (06/11/2014 03:32:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.2049, Zeitstempel: 0x51c42115
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000fef117c0
ID des fehlerhaften Prozesses: 0x1274
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3

Error: (06/11/2014 03:27:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2014 03:27:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDDMStatus.exe, Version: 3.1.0.15, Zeitstempel: 0x4d77d124
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000fef117c0
ID des fehlerhaften Prozesses: 0x1190
Startzeit der fehlerhaften Anwendung: 0xWDDMStatus.exe0
Pfad der fehlerhaften Anwendung: WDDMStatus.exe1
Pfad des fehlerhaften Moduls: WDDMStatus.exe2
Berichtskennung: WDDMStatus.exe3

Error: (06/11/2014 03:20:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.2049, Zeitstempel: 0x51c42115
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000fd6217c0
ID des fehlerhaften Prozesses: 0x64c
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3

Error: (06/11/2014 02:59:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.2049, Zeitstempel: 0x51c42115
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000fd6217c0
ID des fehlerhaften Prozesses: 0x1548
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3

Error: (06/11/2014 02:58:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2014 02:57:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDDMStatus.exe, Version: 3.1.0.15, Zeitstempel: 0x4d77d124
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000fd6217c0
ID des fehlerhaften Prozesses: 0x115c
Startzeit der fehlerhaften Anwendung: 0xWDDMStatus.exe0
Pfad der fehlerhaften Anwendung: WDDMStatus.exe1
Pfad des fehlerhaften Moduls: WDDMStatus.exe2
Berichtskennung: WDDMStatus.exe3

Error: (06/11/2014 02:53:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.2049, Zeitstempel: 0x51c42115
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000fda117c0
ID des fehlerhaften Prozesses: 0x12c8
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3

Error: (06/11/2014 02:41:25 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "GetVolumeNameForVolumeMountPointW( \\?\Volume{2f412dbd-197a-11e3-9f58-859610527b6b}\, ...)". hr = 0x80070037, Die angegebene Netzwerkressource bzw. das angegebene Gerät ist nicht mehr verfügbar.
.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider


System errors:
=============
Error: (05/03/2014 08:45:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Update" wurde mit folgendem Fehler beendet: 
%%-2147467243

Error: (04/15/2014 06:39:06 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "NONAME" den Befehl "chkdsk" aus.

Error: (03/01/2014 03:59:58 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


Microsoft Office Sessions:
=========================
Error: (06/11/2014 03:40:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RunDll32.exe_WerConCpl.dll6.1.7600.163854a5bc9e0unknown0.0.0.000000000c000000500000000fef1d42013bc01cf857aaf5fdc43C:\Windows\system32\RunDll32.exeunknownf60dbdbd-f16d-11e3-a235-d43d7ec0021a

Error: (06/11/2014 03:32:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvtray.exe7.17.13.204951c42115unknown0.0.0.000000000c000000500000000fef117c0127401cf8578df01f775C:\Program Files\NVIDIA Corporation\Display\nvtray.exeunknownd5c57041-f16c-11e3-a235-d43d7ec0021a

Error: (06/11/2014 03:27:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2014 03:27:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WDDMStatus.exe3.1.0.154d77d124unknown0.0.0.000000000c000000500000000fef117c0119001cf8578deb9a33bC:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exeunknown1e0e235a-f16c-11e3-a235-d43d7ec0021a

Error: (06/11/2014 03:20:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvtray.exe7.17.13.204951c42115unknown0.0.0.000000000c000000500000000fd6217c064c01cf85754b04d636C:\Program Files\NVIDIA Corporation\Display\nvtray.exeunknown1dad1588-f16b-11e3-b337-d43d7ec0021a

Error: (06/11/2014 02:59:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvtray.exe7.17.13.204951c42115unknown0.0.0.000000000c000000500000000fd6217c0154801cf8574af35891bC:\Program Files\NVIDIA Corporation\Display\nvtray.exeunknown3829f143-f168-11e3-b337-d43d7ec0021a

Error: (06/11/2014 02:58:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/11/2014 02:57:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WDDMStatus.exe3.1.0.154d77d124unknown0.0.0.000000000c000000500000000fd6217c0115c01cf8574ae4c5f19C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exeunknowned13633b-f167-11e3-b337-d43d7ec0021a

Error: (06/11/2014 02:53:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvtray.exe7.17.13.204951c42115unknown0.0.0.000000000c000000500000000fda117c012c801cf854f89dfddecC:\Program Files\NVIDIA Corporation\Display\nvtray.exeunknown62cc6c77-f167-11e3-ac22-d43d7ec0021a

Error: (06/11/2014 02:41:25 PM) (Source: VSS) (EventID: 12289) (User: )
Description: GetVolumeNameForVolumeMountPointW( \\?\Volume{2f412dbd-197a-11e3-9f58-859610527b6b}\, ...)0x80070037, Die angegebene Netzwerkressource bzw. das angegebene Gerät ist nicht mehr verfügbar.


Vorgang:
   Ein Vergleichsbereichvolume wird automatisch ausgewählt
   EndPrepareSnapshots wird verarbeitet

Kontext:
   Ausführungskontext: System Provider


CodeIntegrity Errors:
===================================
  Date: 2014-01-17 23:04:02.048
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-15 22:13:23.740
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-14 14:41:22.127
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-13 23:43:22.914
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-12 15:42:21.915
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-11 16:43:34.816
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-09 21:50:27.502
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-05 22:25:12.098
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-03 20:57:22.527
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-03 12:22:21.243
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 16312.59 MB
Available physical RAM: 13242.13 MB
Total Pagefile: 32623.35 MB
Available Pagefile: 29374.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:10.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 15DABD7B)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Und nun die große Frage, ist mein System sauber oder sind noch weitere Maßnahmen notwendig?

Nochmals vielen Dank!

Alt 11.06.2014, 18:26   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Es grüßt die Telekom - Standard

Es grüßt die Telekom



Hi und

Zitat:
Und nun die große Frage, ist mein System sauber oder sind noch weitere Maßnahmen notwendig?

Ja du schmeißt erstmal all deine gecrackte Software runter:

Code:
ATTFilter
127.0.0.1				activate.adobe.com
127.0.0.1				practivate.adobe.com
127.0.0.1				ereg.adobe.com
127.0.0.1				activate.wip3.adobe.com
127.0.0.1				wip3.adobe.com
127.0.0.1				3dns-3.adobe.com
127.0.0.1				3dns-2.adobe.com
127.0.0.1				adobe-dns.adobe.com
127.0.0.1				adobe-dns-2.adobe.com
127.0.0.1				adobe-dns-3.adobe.com
127.0.0.1				ereg.wip3.adobe.com
127.0.0.1				activate-sea.adobe.com
127.0.0.1				wwis-dubc1-vip60.adobe.com
127.0.0.1				activate-sjc0.adobe.com
127.0.0.1				adobe.activate.com
         
Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________

__________________

Antwort

Themen zu Es grüßt die Telekom
anlage, association, avira, backdoor.bot, browser, desktop, dvdvideosoft ltd., flash player, frage, hacktool.agent, internet, internet explorer, kunde, mp3, pup.optional.opencandy, pup.optional.savesense.a, pup.optional.sitefinder.a, realtek, registry, rundll, scan, security, services.exe, software, spotify web helper, svchost.exe, usb, werconcpl.dll, windows



Ähnliche Themen: Es grüßt die Telekom


  1. Und täglich grüßt die D-Link-Lücke
    Nachrichten - 29.04.2015 (0)
  2. Telekom-Trojaner
    Log-Analyse und Auswertung - 06.12.2014 (5)
  3. Telekom Rechnung
    Plagegeister aller Art und deren Bekämpfung - 28.11.2014 (5)
  4. Telekom-Browser für Telekom-Fans
    Nachrichten - 05.11.2014 (0)
  5. Telekom Deutschland GmbH Spam: Ihre Telekom Mobilfunk RechnungOnline für Geschäftskunden
    Diskussionsforum - 17.01.2014 (15)
  6. post von der Telekom
    Plagegeister aller Art und deren Bekämpfung - 17.12.2013 (4)
  7. brief von der Telekom bekommen
    Plagegeister aller Art und deren Bekämpfung - 30.10.2013 (1)
  8. Brief von Telekom Hackerangriff
    Plagegeister aller Art und deren Bekämpfung - 24.08.2013 (9)
  9. Brief von Telekom
    Log-Analyse und Auswertung - 31.05.2013 (41)
  10. Und täglich grüßt die Router-Lücke
    Nachrichten - 22.04.2013 (0)
  11. Warnung von der Telekom
    Log-Analyse und Auswertung - 27.03.2013 (29)
  12. Sicherheitswarnung Telekom 2
    Log-Analyse und Auswertung - 22.02.2013 (24)
  13. (2x) Telekom PDF Trojaner
    Mülltonne - 30.05.2012 (1)
  14. Es grüßt die Bundespolizei
    Plagegeister aller Art und deren Bekämpfung - 02.09.2011 (43)
  15. Täglich grüßt das Murmeltier!“
    Alles rund um Windows - 24.08.2009 (5)
  16. ...Telekom...
    Überwachung, Datenschutz und Spam - 23.11.2004 (21)
  17. Telekom !!!!
    Plagegeister aller Art und deren Bekämpfung - 19.11.2004 (3)

Zum Thema Es grüßt die Telekom - Hallo, und schon mal vorab recht herzlichen Dank für Eure Hilfe! Ja, es ist passiert, blöd nur weil vermeidbar gewesen - anyway! Hab auch Post von der Telekom bekommen, hier - Es grüßt die Telekom...
Archiv
Du betrachtest: Es grüßt die Telekom auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.