Log analysis and evaluation: Security Center can no longer be activated

Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Security Center can no longer be activated

Hello, I have the same problem as described here: http://www.trojaner-board.de/137193-...ktivieren.html. Security Center/MSE/Windows Defender are always deactivated again after they have been switched on. I tried to follow the instructions. Malwarebytes and AdwCleaner also found and removed something. But I am not really getting any further; the Security Center still cannot be activated. I would be very grateful for further support. To start with, here are the log files from AdwCleaner and ComboFix.

Code:
# AdwCleaner v3.214 - Bericht erstellt am 06/07/2014 um 00:07:55
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Eva - EVA-PC
# Gestartet von : C:\Users\Eva\Downloads\adwcleaner_3.214.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default\user.js
Datei Gefunden : C:\Windows\System32\Tasks\FreeDriverScout
Ordner Gefunden : C:\Program Files\SoftwareUpdater
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\Users\Eva\AppData\Local\SoftwareUpdater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gefunden : HKCU\Software\simplytech
Schlüssel Gefunden : [x64] HKCU\Software\simplytech
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1143 octets] - [06/07/2014 00:07:55]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1203 octets] ##########
Code:
ComboFix 14-07-03.01 - Eva 05.07.2014 21:32:17.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4007.2186 [GMT 2:00]
ausgeführt von:: c:\users\Eva\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-06-05 bis 2014-07-05 ))))))))))))))))))))))))))))))
.
.
2014-07-05 19:38 . 2014-07-05 19:38 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-07-05 19:38 . 2014-07-05 19:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-05 18:49 . 2014-07-05 18:56 -------- d-----w- c:\windows\system32\catroot2
2014-07-05 18:39 . 2014-07-05 18:39 -------- d-----w- c:\windows\SysWow64\wbem\Performance
2014-07-05 18:27 . 2014-07-05 18:27 -------- d-----w- C:\RegBackup
2014-07-05 18:07 . 2014-07-05 18:07 1031560 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{03DAA381-C109-4F9A-BD66-1F399E59E058}\gapaengine.dll
2014-07-05 18:07 . 2014-06-05 01:54 10779000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AFD6CB93-9F49-4DE9-8015-A3A18220C74A}\mpengine.dll
2014-07-05 17:58 . 2014-07-05 17:58 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-07-05 17:58 . 2014-07-05 17:58 -------- d-----w- c:\program files\Microsoft Security Client
2014-07-05 17:58 . 2014-07-05 19:00 -------- d-----w- c:\users\TEMP
2014-07-05 16:32 . 2014-07-05 16:32 -------- d-----w- c:\program files\CCleaner
2014-07-05 16:24 . 2014-07-05 16:24 -------- d-----w- C:\Brother
2014-07-05 16:24 . 2012-07-05 11:32 84480 ----a-w- c:\windows\system32\BrNetSti.dll
2014-07-05 16:24 . 2012-03-19 04:09 316928 ----a-w- c:\windows\system32\NSSRH64.dll
2014-07-05 16:24 . 2010-09-23 08:14 58880 ----a-w- c:\windows\system32\BrWiaNCp.dll
2014-07-05 16:24 . 2010-09-23 08:13 51712 ----a-w- c:\windows\system32\Brnsplg.dll
2014-07-05 16:24 . 2005-04-22 04:36 143360 ----a-w- c:\windows\system32\BrSNMP64.dll
2014-07-05 16:24 . 2014-07-05 16:24 -------- d-----w- c:\program files (x86)\Brother
2014-07-05 16:24 . 2012-09-10 14:31 245760 ------w- c:\windows\SysWow64\NSSearch.dll
2014-07-05 16:24 . 2012-07-09 15:19 5120 ------w- c:\windows\SysWow64\BrDctF2S.dll
2014-07-05 16:24 . 2010-03-15 17:45 73728 ------w- c:\windows\SysWow64\BrDctF2.dll
2014-07-05 16:24 . 2007-12-13 20:16 5632 ------w- c:\windows\SysWow64\BrDctF2L.dll
2014-07-05 16:22 . 2014-07-05 16:22 -------- d-----w- c:\users\Eva\AppData\Roaming\InstallShield
2014-07-05 15:38 . 2014-07-05 16:04 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-05 15:38 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-05 15:38 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-05 15:38 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-05 15:37 . 2014-07-05 15:38 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2014-07-05 15:37 . 2014-07-05 15:37 -------- d-----w- c:\programdata\Malwarebytes
2014-07-05 15:36 . 2014-07-05 15:36 -------- d-----w- c:\users\Eva\AppData\Local\Programs
2014-07-05 14:28 . 2014-07-05 14:28 -------- d-----w- c:\program files\Unlocker
2014-07-05 14:05 . 2014-07-05 14:05 -------- d-----w- c:\programdata\Downloaded Installations
2014-07-05 14:04 . 2014-07-05 15:55 -------- d-----w- C:\Medion
2014-07-01 13:23 . 2014-08-05 11:36 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2014-06-12 16:16 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-12 16:16 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-14 11:37 . 2011-11-03 20:34 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-05-14 16:42 . 2013-03-12 18:45 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-14 16:42 . 2013-03-12 18:45 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-12 02:22 . 2014-05-15 14:16 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:22 . 2014-05-15 14:16 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:19 . 2014-05-15 14:16 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-15 14:16 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-15 14:16 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-15 14:16 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-15 14:16 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-15 14:16 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-15 14:16 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
R2 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
R3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
R3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe;c:\program files (x86)\PHotkey\GFNEXSrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys;c:\program files (x86)\PHotkey\PEGAGFN.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - ASWMBR
*NewlyCreated* - ASWVMM
*Deregistered* - aswMBR
*Deregistered* - aswVmm
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 16:42]
.
2014-07-05 c:\windows\Tasks\Bfiomrd.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-09-16 1935120]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-01-07 2328944]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 10365952]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - ExtSQL: 2014-05-13 14:12; {c22c1a80-3af2-449c-a94e-e15e7686e0ed}; c:\users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default\extensions\{c22c1a80-3af2-449c-a94e-e15e7686e0ed}
FF - user.js: extensions.blocklist.enabled - false
FF - user.js: app.update.auto - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-Dolby Advanced Audio v2 - c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe
SafeBoot-35614569.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
Zeit der Fertigstellung: 2014-07-05 21:41:32
ComboFix-quarantined-files.txt 2014-07-05 19:41
.
Vor Suchlauf: 8 Verzeichnis(se), 392.595.918.848 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 392.555.618.304 Bytes frei
.
- - End Of File - - ADA701A4F22B39003F5B1A63A1400AE8
8A1C59E4DFEF87510470928550466632
Edited by DonCanalie (06.07.2014 at 00:09)
#2

/// the machine /// TB Trainer

Security Center can no longer be activated

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
#3

Security Center can no longer be activated

Hello schrauber,

thank you for your answer. Here are the log files: FRST.txt

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Eva (administrator) on EVA-PC on 07-07-2014 20:56:22
Running from C:\Users\Eva\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel(R) Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10365952 2011-05-19] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2812656 2014-01-24] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-752608554-1930640549-4207371591-1000\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {FDFD9A5A-10A4-4A7E-BC15-48FB6A0200F6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-13]
==================== Services (Whitelisted) =================
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-14] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S2 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-08-05 08:45 - 2014-08-05 13:28 - 00009465 _____ () C:\Users\Eva\Documents\Reflexion der 14.odt
2014-07-07 20:56 - 2014-07-07 20:56 - 00010611 _____ () C:\Users\Eva\Desktop\FRST.txt
2014-07-07 20:55 - 2014-07-07 20:56 - 00000000 ____D () C:\FRST
2014-07-07 20:54 - 2014-07-07 20:54 - 02084352 _____ (Farbar) C:\Users\Eva\Desktop\FRST64.exe
2014-07-06 17:56 - 2014-07-06 17:56 - 00000020 ___SH () C:\Users\TEMP.Eva-PC\ntuser.ini
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Vorlagen
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Startmenü
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Netzwerkumgebung
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Lokale Einstellungen
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Eigene Dateien
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Druckumgebung
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Documents\Eigene Musik
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Documents\Eigene Bilder
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Local\Verlauf
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Local\Anwendungsdaten
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Anwendungsdaten
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 ____D () C:\Users\TEMP.Eva-PC
2014-07-06 17:56 - 2011-11-07 18:44 - 00000000 ____D () C:\Users\TEMP.Eva-PC\AppData\Roaming\Macromedia
2014-07-06 17:56 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\TEMP.Eva-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-06 17:56 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\TEMP.Eva-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-06 00:07 - 2014-07-06 00:28 - 00000000 ____D () C:\AdwCleaner
2014-07-06 00:07 - 2014-07-06 00:07 - 01346519 _____ () C:\Users\Eva\Downloads\adwcleaner_3.214.exe
2014-07-05 23:38 - 2014-07-05 23:38 - 00000000 ____D () C:\Users\Eva\Downloads\Seven
2014-07-05 23:36 - 2014-07-05 23:37 - 00014086 _____ () C:\Users\Eva\Downloads\Seven.zip
2014-07-05 21:46 - 2014-07-05 21:46 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-05 21:46 - 2014-07-05 21:46 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-07-05 21:45 - 2014-07-05 21:45 - 06263496 _____ (TeamViewer GmbH) C:\Users\Eva\Downloads\TeamViewer_Setup_de.exe
2014-07-05 21:41 - 2014-07-05 21:41 - 00016623 _____ () C:\ComboFix.txt
2014-07-05 21:30 - 2014-07-05 21:41 - 00000000 ____D () C:\Qoobox
2014-07-05 21:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-05 21:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-05 21:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-05 21:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-05 21:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-05 21:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-05 21:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-05 21:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-05 21:29 - 2014-07-05 21:40 - 00000000 ____D () C:\Windows\erdnt
2014-07-05 21:27 - 2014-07-05 21:27 - 05213907 ____R (Swearware) C:\Users\Eva\Downloads\ComboFix.exe
2014-07-05 21:20 - 2014-07-05 21:20 - 00002834 _____ () C:\Users\Eva\Downloads\FSS.txt
2014-07-05 21:16 - 2014-07-05 21:16 - 00415744 _____ (Farbar) C:\Users\Eva\Downloads\FSS.exe
2014-07-05 21:15 - 2014-07-05 21:15 - 05185536 _____ (AVAST Software) C:\Users\Eva\Downloads\aswMBR.exe
2014-07-05 20:27 - 2014-07-05 20:27 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-EVA-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-05 20:27 - 2014-07-05 20:27 - 00000000 ____D () C:\RegBackup
2014-07-05 20:25 - 2014-07-05 20:25 - 00000000 ____D () C:\Users\Eva\Downloads\Tweaking.com - Windows Repair
2014-07-05 20:24 - 2014-07-05 20:24 - 03388580 _____ () C:\Users\Eva\Downloads\tweaking.com_windows_repair_aio.zip
2014-07-05 20:20 - 2014-07-05 20:20 - 01059840 _____ () C:\Users\Eva\Downloads\MicrosoftFixit50981.msi
2014-07-05 19:58 - 2014-07-05 21:41 - 00000000 ____D () C:\Users\TEMP
2014-07-05 19:58 - 2014-07-05 19:58 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-05 19:58 - 2014-07-05 19:58 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-05 19:58 - 2014-07-05 19:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-05 19:55 - 2014-07-07 19:31 - 00001357 _____ () C:\Windows\setupact.log
2014-07-05 19:55 - 2014-07-05 19:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-05 19:54 - 2014-07-06 00:28 - 00004382 _____ () C:\Windows\PFRO.log
2014-07-05 19:49 - 2014-07-05 19:49 - 00011732 _____ () C:\Users\Eva\Downloads\w7-bfe.zip
2014-07-05 19:41 - 2014-07-05 19:42 - 13849784 _____ (Microsoft Corporation) C:\Users\Eva\Downloads\mseinstall.exe
2014-07-05 19:34 - 2014-07-05 19:34 - 00001150 _____ () C:\Users\Eva\Downloads\w7-wscsvc.zip
2014-07-05 19:21 - 2014-07-05 19:24 - 47783495 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\ske6221_e722x_cx_wxpw7.exe
2014-07-05 19:18 - 2014-07-05 19:18 - 00000000 ____D () C:\Users\Eva\AppData\Local\{358A6C16-F31D-4DE1-A320-8A4050A6D38A}
2014-07-05 18:38 - 2014-07-05 18:38 - 00001056 _____ () C:\Windows\Synaptics.log
2014-07-05 18:36 - 2014-07-05 18:36 - 00273240 _____ () C:\Users\Eva\Documents\cc_20140705_183607.reg
2014-07-05 18:32 - 2014-07-05 18:32 - 03736040 _____ (Piriform Ltd) C:\Users\Eva\Downloads\ccsetup415_slim.exe
2014-07-05 18:32 - 2014-07-05 18:32 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-05 18:32 - 2014-07-05 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-05 18:32 - 2014-07-05 18:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-05 18:25 - 2014-07-05 18:25 - 00002144 _____ () C:\Users\Public\Desktop\Brother Creative Center.lnk
2014-07-05 18:25 - 2014-07-05 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-05 18:24 - 2014-07-05 18:24 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-07-05 18:24 - 2014-07-05 18:24 - 00000000 ____D () C:\Brother
2014-07-05 18:24 - 2012-09-10 16:31 - 00245760 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2014-07-05 18:24 - 2012-07-09 17:19 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2014-07-05 18:24 - 2012-07-05 13:32 - 00084480 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll
2014-07-05 18:24 - 2012-03-19 06:09 - 00316928 _____ (brother) C:\Windows\system32\NSSRH64.dll
2014-07-05 18:24 - 2010-09-23 10:14 - 00058880 _____ (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll
2014-07-05 18:24 - 2010-09-23 10:13 - 00051712 _____ (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll
2014-07-05 18:24 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2014-07-05 18:24 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2014-07-05 18:24 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-07-05 18:22 - 2014-07-05 18:22 - 00380416 _____ () C:\Users\Eva\Downloads\ensq62f6.exe
2014-07-05 18:22 - 2014-07-05 18:22 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\InstallShield
2014-07-05 18:18 - 2014-07-05 18:19 - 00000000 ____D () C:\Users\Eva\Downloads\install
2014-07-05 18:14 - 2014-07-05 18:17 - 140480296 _____ (A.I.SOFT,INC.) C:\Users\Eva\Downloads\MFC-J5910DW-inst-C1-eu1.EXE
2014-07-05 17:53 - 2014-07-05 17:54 - 24679491 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\tpdp6634w7_32_64.exe
2014-07-05 17:38 - 2014-07-05 21:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 17:38 - 2014-07-05 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-05 17:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-05 17:38 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-05 17:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-05 17:37 - 2014-07-05 17:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-05 17:37 - 2014-07-05 17:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 17:35 - 2014-07-05 17:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Eva\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 16:28 - 2014-07-05 16:28 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-07-05 16:28 - 2014-07-05 16:28 - 00000000 ____D () C:\Program Files\Unlocker
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\2C0A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0C0A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0C04
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0816
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0804
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0424
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041F
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041E
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041D
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041B
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0419
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0416
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0415
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0414
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0413
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0412
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0411
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0410
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040E
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040D
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040C
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040B
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0409
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0408
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0407
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0406
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0405
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0404
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0401
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-05 16:05 - 2014-07-05 16:05 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-07-05 16:04 - 2014-07-05 17:55 - 00000000 ____D () C:\Medion
2014-07-05 16:03 - 2014-07-05 16:04 - 09144982 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\usb3e6221_e722xw7.exe
2014-07-04 22:45 - 2014-07-04 22:46 - 00021504 _____ () C:\Users\Eva\Downloads\Erste betreuungsstunde(2).wps
2014-07-04 19:50 - 2014-07-04 19:50 - 00000000 ____D () C:\Users\Eva\AppData\Local\{0967F88F-0426-453A-B259-BAB4A2B4E203}
2014-07-01 15:23 - 2014-08-05 13:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-12 18:20 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 18:20 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 18:20 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 18:20 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 18:20 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 18:20 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 18:20 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 18:20 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 18:20 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 18:20 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 18:20 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 18:20 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 18:20 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 18:20 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 18:20 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 18:20 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 18:20 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 18:20 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 18:20 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 18:20 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 18:20 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 18:20 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 18:20 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 18:20 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 18:20 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 18:20 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 18:20 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 18:20 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 18:20 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 18:20 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 18:20 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 18:20 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 18:20 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 18:20 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 18:20 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 18:20 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 18:20 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 18:20 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 18:20 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 18:20 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 18:20 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 18:20 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 18:20 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 18:20 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 18:20 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 18:20 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 18:20 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 18:20 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 18:20 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 18:20 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 18:20 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 18:20 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 18:20 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 18:20 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 18:20 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 18:20 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 18:20 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 18:20 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 18:20 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 18:20 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 18:20 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 18:20 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 18:20 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 18:20 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 18:20 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 18:20 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 18:16 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 18:16 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
==================== One Month Modified Files and Folders =======
2014-08-05 15:48 - 2014-05-09 20:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-05 14:46 - 2012-07-23 22:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-05 14:46 - 2012-07-23 18:34 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\SoftGrid Client
2014-08-05 13:36 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-07 20:56 - 2014-07-07 20:56 - 00010611 _____ () C:\Users\Eva\Desktop\FRST.txt
2014-07-07 20:56 - 2014-07-07 20:55 - 00000000 ____D () C:\FRST
2014-07-07 20:54 - 2014-07-07 20:54 - 02084352 _____ (Farbar) C:\Users\Eva\Desktop\FRST64.exe
2014-07-07 20:41 - 2013-03-12 20:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-07 20:25 - 2012-07-23 21:06 - 02032074 _____ () C:\Windows\WindowsUpdate.log
2014-07-07 19:46 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-07 19:46 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-07 19:32 - 2011-11-04 03:51 - 00686272 _____ () C:\Windows\system32\perfh007.dat
2014-07-07 19:32 - 2011-11-04 03:51 - 00145814 _____ () C:\Windows\system32\perfc007.dat
2014-07-07 19:32 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-07 19:31 - 2014-07-05 19:55 - 00001357 _____ () C:\Windows\setupact.log
2014-07-06 20:16 - 2012-07-23 13:27 - 00069768 _____ () C:\Users\Eva\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-06 17:56 - 2014-07-06 17:56 - 00000020 ___SH () C:\Users\TEMP.Eva-PC\ntuser.ini
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Vorlagen
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Startmenü
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Netzwerkumgebung
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Lokale Einstellungen
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Eigene Dateien
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Druckumgebung
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Documents\Eigene Musik
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Documents\Eigene Bilder
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Local\Verlauf
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Local\Anwendungsdaten
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Anwendungsdaten
2014-07-06 17:56 - 2014-07-06 17:56 - 00000000 ____D () C:\Users\TEMP.Eva-PC
2014-07-06 17:53 - 2013-12-05 21:22 - 00000300 _____ () C:\Windows\Tasks\Bfiomrd.job
2014-07-06 17:53 - 2011-11-10 21:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-06 17:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-06 00:28 - 2014-07-06 00:07 - 00000000 ____D () C:\AdwCleaner
2014-07-06 00:28 - 2014-07-05 19:54 - 00004382 _____ () C:\Windows\PFRO.log
2014-07-06 00:21 - 2009-07-14 06:45 - 00292904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-06 00:07 - 2014-07-06 00:07 - 01346519 _____ () C:\Users\Eva\Downloads\adwcleaner_3.214.exe
2014-07-05 23:38 - 2014-07-05 23:38 - 00000000 ____D () C:\Users\Eva\Downloads\Seven
2014-07-05 23:37 - 2014-07-05 23:36 - 00014086 _____ () C:\Users\Eva\Downloads\Seven.zip
2014-07-05 21:49 - 2014-07-05 17:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 21:46 - 2014-07-05 21:46 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-05 21:46 - 2014-07-05 21:46 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-07-05 21:45 - 2014-07-05 21:45 - 06263496 _____ (TeamViewer GmbH) C:\Users\Eva\Downloads\TeamViewer_Setup_de.exe
2014-07-05 21:41 - 2014-07-05 21:41 - 00016623 _____ () C:\ComboFix.txt
2014-07-05 21:41 - 2014-07-05 21:30 - 00000000 ____D () C:\Qoobox
2014-07-05 21:41 - 2014-07-05 19:58 - 00000000 ____D () C:\Users\TEMP
2014-07-05 21:41 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-05 21:40 - 2014-07-05 21:29 - 00000000 ____D () C:\Windows\erdnt
2014-07-05 21:38 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-05 21:27 - 2014-07-05 21:27 - 05213907 ____R (Swearware) C:\Users\Eva\Downloads\ComboFix.exe
2014-07-05 21:20 - 2014-07-05 21:20 - 00002834 _____ () C:\Users\Eva\Downloads\FSS.txt
2014-07-05 21:16 - 2014-07-05 21:16 - 00415744 _____ (Farbar) C:\Users\Eva\Downloads\FSS.exe
2014-07-05 21:15 - 2014-07-05 21:15 - 05185536 _____ (AVAST Software) C:\Users\Eva\Downloads\aswMBR.exe
2014-07-05 20:46 - 2009-07-14 04:34 - 00000439 _____ () C:\Windows\win.ini
2014-07-05 20:27 - 2014-07-05 20:27 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-EVA-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-05 20:27 - 2014-07-05 20:27 - 00000000 ____D () C:\RegBackup
2014-07-05 20:25 - 2014-07-05 20:25 - 00000000 ____D () C:\Users\Eva\Downloads\Tweaking.com - Windows Repair
2014-07-05 20:24 - 2014-07-05 20:24 - 03388580 _____ () C:\Users\Eva\Downloads\tweaking.com_windows_repair_aio.zip
2014-07-05 20:20 - 2014-07-05 20:20 - 01059840 _____ () C:\Users\Eva\Downloads\MicrosoftFixit50981.msi
2014-07-05 19:58 - 2014-07-05 19:58 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-05 19:58 - 2014-07-05 19:58 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-05 19:58 - 2014-07-05 19:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-05 19:58 - 2012-07-23 18:39 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-05 19:55 - 2014-07-05 19:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-05 19:50 - 2012-05-26 18:48 - 00185002 _____ () C:\Users\Eva\Downloads\bfe.reg
2014-07-05 19:49 - 2014-07-05 19:49 - 00011732 _____ () C:\Users\Eva\Downloads\w7-bfe.zip
2014-07-05 19:44 - 2010-09-08 22:52 - 00005256 _____ () C:\Users\Eva\Downloads\wscsvc.reg
2014-07-05 19:42 - 2014-07-05 19:41 - 13849784 _____ (Microsoft Corporation) C:\Users\Eva\Downloads\mseinstall.exe
2014-07-05 19:34 - 2014-07-05 19:34 - 00001150 _____ () C:\Users\Eva\Downloads\w7-wscsvc.zip
2014-07-05 19:24 - 2014-07-05 19:21 - 47783495 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\ske6221_e722x_cx_wxpw7.exe
2014-07-05 19:19 - 2011-11-07 17:56 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-07-05 19:18 - 2014-07-05 19:18 - 00000000 ____D () C:\Users\Eva\AppData\Local\{358A6C16-F31D-4DE1-A320-8A4050A6D38A}
2014-07-05 18:38 - 2014-07-05 18:38 - 00001056 _____ () C:\Windows\Synaptics.log
2014-07-05 18:36 - 2014-07-05 18:36 - 00273240 _____ () C:\Users\Eva\Documents\cc_20140705_183607.reg
2014-07-05 18:35 - 2012-10-09 16:55 - 00000000 ____D () C:\Windows\Minidump
2014-07-05 18:35 - 2011-11-04 04:27 - 00000000 ____D () C:\Windows\Panther
2014-07-05 18:32 - 2014-07-05 18:32 - 03736040 _____ (Piriform Ltd) C:\Users\Eva\Downloads\ccsetup415_slim.exe
2014-07-05 18:32 - 2014-07-05 18:32 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-05 18:32 - 2014-07-05 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-05 18:32 - 2014-07-05 18:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-05 18:25 - 2014-07-05 18:25 - 00002144 _____ () C:\Users\Public\Desktop\Brother Creative Center.lnk
2014-07-05 18:25 - 2014-07-05 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-05 18:25 - 2014-02-04 20:43 - 00005898 _____ () C:\Windows\BRPARAM.INI
2014-07-05 18:24 - 2014-07-05 18:24 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-07-05 18:24 - 2014-07-05 18:24 - 00000000 ____D () C:\Brother
2014-07-05 18:24 - 2011-11-10 20:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-05 18:22 - 2014-07-05 18:22 - 00380416 _____ () C:\Users\Eva\Downloads\ensq62f6.exe
2014-07-05 18:22 - 2014-07-05 18:22 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\InstallShield
2014-07-05 18:19 - 2014-07-05 18:18 - 00000000 ____D () C:\Users\Eva\Downloads\install
2014-07-05 18:19 - 2014-02-04 20:43 - 00000000 ____D () C:\ProgramData\Brother
2014-07-05 18:17 - 2014-07-05 18:14 - 140480296 _____ (A.I.SOFT,INC.) C:\Users\Eva\Downloads\MFC-J5910DW-inst-C1-eu1.EXE
2014-07-05 18:15 - 2012-07-23 18:32 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\vlc
2014-07-05 17:55 - 2014-07-05 16:04 - 00000000 ____D () C:\Medion
2014-07-05 17:54 - 2014-07-05 17:53 - 24679491 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\tpdp6634w7_32_64.exe
2014-07-05 17:38 - 2014-07-05 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-05 17:38 - 2014-07-05 17:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-05 17:37 - 2014-07-05 17:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 17:36 - 2014-07-05 17:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Eva\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 16:28 - 2014-07-05 16:28 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-07-05 16:28 - 2014-07-05 16:28 - 00000000 ____D () C:\Program Files\Unlocker
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\2C0A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0C0A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0C04
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0816
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0804
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0424
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041F
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041E
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041D
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041B
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0419
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0416
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0415
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0414
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0413
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0412
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0411
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0410
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040E
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040D
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040C
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040B
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0409
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0408
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0407
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0406
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0405
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0404
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0401
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-05 16:05 - 2014-07-05 16:05 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-07-05 16:04 - 2014-07-05 16:03 - 09144982 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\usb3e6221_e722xw7.exe
2014-07-04 22:46 - 2014-07-04 22:45 - 00021504 _____ () C:\Users\Eva\Downloads\Erste betreuungsstunde(2).wps
2014-07-04 19:50 - 2014-07-04 19:50 - 00000000 ____D () C:\Users\Eva\AppData\Local\{0967F88F-0426-453A-B259-BAB4A2B4E203}
2014-07-04 19:50 - 2014-05-17 20:32 - 00000000 ____D () C:\Users\Eva\AppData\Local\Windows Live
2014-06-25 14:58 - 2013-03-12 20:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-14 13:37 - 2011-11-03 22:34 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-14 13:33 - 2014-04-30 01:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-08 11:13 - 2014-06-12 18:16 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 18:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
Some content of TEMP:
====================
C:\Users\Eva\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-05-06 22:12
==================== End Of Log ============================
--- --- ---
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Eva at 2014-07-07 20:57:48
Running from C:\Users\Eva\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.8.1217.36096 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.8.1217.36096 - Alcor Micro Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
Brother MFL-Pro Suite MFC-J5910DW (HKLM-x32\...\{830F55B6-4398-4B72-A0D8-66397B902C0E}) (Version: 1.1.1.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Intel PROSet Wireless (Version: - ) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.2.0.0587 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{295AEB79-B53A-4F1B-860F-7800BB7E3681}) (Version: 14.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}) (Version: 2.2.14.0 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.0 (HKLM\...\{2BF35D84-6377-4F70-9F39-97CF67E67FFF}) (Version: 8.01.249.0 - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.15.2 (Version: 1.15.2 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0045 - Pegatron Corporation)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.25.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.25.0 - Renesas Electronics Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.17 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
05-07-2014 18:14:57 test
05-07-2014 18:21:27 Installed Microsoft Fix it Solution - 9620A8CD-54C7-41B6-BBD7-649051EA57E6
05-07-2014 18:27:49 Tweaking.com - Windows Repair
06-07-2014 17:00:23 Windows-Sicherung
07-07-2014 17:48:23 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-07-05 21:06 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {2776A27A-3084-4E4A-BCD5-0A449B093A07} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2DFB2138-C1A4-4A0E-81DD-E9C3FA2DD828} - System32\Tasks\Bfiomrd => Rundll32.exe "C:\Windows\SysWOW64\securityx.dll",cnvs
Task: {305A4D8C-E868-43B2-884A-9A7A99716F18} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation)
Task: {3B63DC3E-3504-45B5-843B-D8FB33AFB22C} - \FreeDriverScout No Task File <==== ATTENTION
Task: {646B6129-030F-4CA3-AEDC-3E6295999B25} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {678EBEF0-56B9-40D3-8428-5EF46F7A2B6F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {B181220A-8AC3-4EBA-AAEE-07B412445146} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Bfiomrd.job => C:\Windows\SysWOW64\securityx.dll
==================== Loaded Modules (whitelisted) =============
2011-11-10 21:16 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-11-10 22:15 - 2009-12-19 01:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2011-09-16 03:46 - 2011-09-16 03:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-11-10 22:15 - 2011-10-14 00:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2011-11-10 22:15 - 2011-10-14 21:06 - 00818688 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2011-11-10 22:15 - 2010-01-13 03:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2011-11-10 22:15 - 2010-01-13 03:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2014-07-05 18:24 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2011-11-10 22:15 - 2010-12-18 00:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2011-11-10 22:15 - 2010-12-28 00:14 - 00776200 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2011-11-10 22:15 - 2011-04-13 00:32 - 00483336 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2011-11-10 01:32 - 2011-09-26 00:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-16 03:46 - 2011-09-16 03:46 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-11-10 22:15 - 2011-10-24 23:59 - 03420160 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2011-11-10 22:15 - 2009-12-19 01:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2011-11-10 22:15 - 2009-12-19 01:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2014-02-15 09:19 - 2014-02-15 09:19 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\367540c92c2004ff2c6695778fed5dd6\IsdiInterop.ni.dll
2011-11-10 20:17 - 2011-05-20 20:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: sftlist => 2
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/07/2014 07:48:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {0de4bda8-318f-418f-b0e4-9b546aa17c8c}
Error: (07/06/2014 07:07:15 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)"
Error: (07/06/2014 07:07:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {24348ec5-5d41-47cc-b2de-c5907c8303c3}
Error: (07/06/2014 07:07:09 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {24348ec5-5d41-47cc-b2de-c5907c8303c3}
Error: (07/06/2014 07:07:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {24348ec5-5d41-47cc-b2de-c5907c8303c3}
Error: (07/06/2014 07:00:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {24348ec5-5d41-47cc-b2de-c5907c8303c3}
Error: (07/06/2014 07:00:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {24348ec5-5d41-47cc-b2de-c5907c8303c3}
Error: (07/06/2014 05:56:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Eva-PC)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.
Error: (07/06/2014 05:56:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Eva-PC)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.
Error: (07/06/2014 05:54:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.2.0.71, Zeitstempel: 0x4dd433e9
Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.2.0.71, Zeitstempel: 0x4dd433e9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001a9be
ID des fehlerhaften Prozesses: 0xc84
Startzeit der fehlerhaften Anwendung: 0xobexsrv.exe0
Pfad der fehlerhaften Anwendung: obexsrv.exe1
Pfad des fehlerhaften Moduls: obexsrv.exe2
Berichtskennung: obexsrv.exe3
System errors:
=============
Error: (07/07/2014 08:24:46 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CASPARI-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{D4ECBD93-2721-4AC3-95B0-64293A4227C1}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/06/2014 07:24:42 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CASPARI-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{D4ECBD93-2721-4AC3-95B0-64293A4227C1}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (07/06/2014 05:54:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/06/2014 05:54:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wireless PAN DHCP Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/06/2014 05:54:36 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist.
Error: (07/06/2014 05:54:03 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Client Virtualization Handler" ist von folgendem Dienst abhängig: sftlist. Dieser Dienst ist eventuell nicht installiert.
Error: (07/06/2014 00:29:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wireless PAN DHCP Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/06/2014 00:29:20 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Client Virtualization Handler" ist von folgendem Dienst abhängig: sftlist. Dieser Dienst ist eventuell nicht installiert.
Error: (07/06/2014 00:22:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wireless PAN DHCP Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/06/2014 00:22:12 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Client Virtualization Handler" ist von folgendem Dienst abhängig: sftlist. Dieser Dienst ist eventuell nicht installiert.
Microsoft Office Sessions:
=========================
Error: (07/07/2014 07:48:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {0de4bda8-318f-418f-b0e4-9b546aa17c8c}
Error: (07/06/2014 07:07:15 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)
Error: (07/06/2014 07:07:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {24348ec5-5d41-47cc-b2de-c5907c8303c3}
Error: (07/06/2014 07:07:09 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {24348ec5-5d41-47cc-b2de-c5907c8303c3}
Error: (07/06/2014 07:07:05 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {24348ec5-5d41-47cc-b2de-c5907c8303c3}
Error: (07/06/2014 07:00:24 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {24348ec5-5d41-47cc-b2de-c5907c8303c3}
Error: (07/06/2014 07:00:13 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-752608554-1930640549-4207371591-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {24348ec5-5d41-47cc-b2de-c5907c8303c3}
Error: (07/06/2014 05:56:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Eva-PC)
Description:
Error: (07/06/2014 05:56:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: Eva-PC)
Description:
Error: (07/06/2014 05:54:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: obexsrv.exe1.2.0.714dd433e9obexsrv.exe1.2.0.714dd433e9c00000050001a9bec8401cf99328661d4eaC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exeC:\Program Files (x86)\Intel\Bluetooth\obexsrv.exed8b82da5-0525-11e4-9f8b-4c809318bfbd
CodeIntegrity Errors:
===================================
Date: 2014-05-13 12:49:29.870
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CX64AP64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 12:49:26.207
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CX64AP64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 12:49:25.052
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CX64AP64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 12:45:45.911
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CX64AP64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 12:45:42.238
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CX64AP64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 12:45:41.303
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CX64AP64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 12:42:36.348
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CX64AP64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 12:42:32.506
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CX64AP64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 12:42:31.654
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CX64AP64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 12:39:54.377
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\CX64AP64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 33%
Total physical RAM: 4007.05 MB
Available physical RAM: 2646.6 MB
Total Pagefile: 8012.29 MB
Available Pagefile: 6388.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:404.66 GB) (Free:363.76 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:2.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 5125F0F7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=405 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
Last edited by DonCanalie (07.07.2014 at 20:08) |
| | #4 |
| /// the machine /// TB trainer | Security Center can no longer be activated
Please download
Please download
Please close your security software to avoid possible conflicts.
Please download
Please post the content here, and a fresh FRST log please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
| | #5 |
| | Security Center can no longer be activated
mbam.txt: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 09.07.2014
Scan Time: 22:36:25
Logfile: mbam.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.07.09.10
Rootkit Database: v2014.07.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Eva
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 367419
Time Elapsed: 16 min, 13 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Code:
# AdwCleaner v3.215 - Bericht erstellt am 09/07/2014 um 23:13:23
# Aktualisiert 09/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Eva - EVA-PC
# Gestartet von : C:\Users\Eva\Desktop\adwcleaner_3.215.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1287 octets] - [06/07/2014 00:07:55]
AdwCleaner[R1].txt - [925 octets] - [06/07/2014 00:25:59]
AdwCleaner[R2].txt - [1041 octets] - [09/07/2014 22:56:55]
AdwCleaner[R3].txt - [1162 octets] - [09/07/2014 23:12:46]
AdwCleaner[S0].txt - [1295 octets] - [06/07/2014 00:20:05]
AdwCleaner[S1].txt - [985 octets] - [06/07/2014 00:28:05]
AdwCleaner[S2].txt - [1103 octets] - [09/07/2014 23:07:46]
AdwCleaner[S3].txt - [1084 octets] - [09/07/2014 23:13:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1144 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Eva on 09.07.2014 at 23:20:31,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{0405E38C-FFCD-4004-AF47-6F7BE8D977D1}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{0967F88F-0426-453A-B259-BAB4A2B4E203}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{27869114-47FF-415D-BF72-6023EE2A835A}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{358A6C16-F31D-4DE1-A320-8A4050A6D38A}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{384C71BB-66D2-4E2D-8E97-98B5FE0937EB}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{4A8C77B2-CEBB-4D98-BBCD-A5DF8CE2C7CC}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{51F9AC98-0C98-49F2-8563-D250969EE71D}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{5A73CA52-8727-47D8-BD7F-98B4C27DE412}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{5DB792D8-5C92-41CB-9F65-900053D41A57}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{65940184-7308-41BC-B4BA-412A95F46E02}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{6AD9DEE8-05F9-45F8-A705-C83DCB250216}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{7BF0376C-0D73-429E-8F5F-DCA29BE294F0}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{9ED6BD07-F1D2-4B95-94E2-1BCBA062A4D9}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{A9357478-F9D9-4784-9DE3-ED39595FCA44}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{BF8EE5DD-C5CE-443B-81B7-C9CB88D5AA00}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{DDA26A60-DA79-4D33-8779-DB2B17FA6DAD}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{E8703277-4634-4FB9-93A7-19805F61F930}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{EDCA5E4D-E313-46BF-9B04-083518A8A3B9}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{F3F47DB6-914E-4404-AEF2-E3420E5502C2}
Successfully deleted: [Empty Folder] C:\Users\Eva\appdata\local\{F8306C86-6391-489D-9C76-25973A5CE558}
~~~ FireFox
Emptied folder: C:\Users\Eva\AppData\Roaming\mozilla\firefox\profiles\nv6ouuk2.default\minidumps [272 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.07.2014 at 23:29:48,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Farbar Service Scanner Version: 10-06-2014
Ran by Eva (administrator) on 09-07-2014 at 23:31:25
Running from "C:\Users\Eva\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Eva (administrator) on EVA-PC on 09-07-2014 23:33:37
Running from C:\Users\Eva\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-09-16] (Intel(R) Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [10365952 2011-05-19] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2812656 2014-01-24] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-752608554-1930640549-4207371591-1000\...\RunOnce: [Screensaver] - C:\Windows\Web\Wallpaper\MEDION\start.vbs
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {FDFD9A5A-10A4-4A7E-BC15-48FB6A0200F6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Eva\AppData\Roaming\Mozilla\Firefox\Profiles\nv6ouuk2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-13]
==================== Services (Whitelisted) =================
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [921664 2011-05-19] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1335360 2011-05-19] (Intel Corporation) [File not signed]
S2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [995392 2011-05-19] (Intel Corporation) [File not signed]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-14] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S2 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-09-16] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-01-24] (Synaptics Incorporated)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-09 23:31 - 2014-07-09 23:31 - 00002832 _____ () C:\Users\Eva\Desktop\FSS.txt
2014-07-09 23:29 - 2014-07-09 23:29 - 00002836 _____ () C:\Users\Eva\Desktop\JRT.txt
2014-07-09 23:20 - 2014-07-09 23:20 - 00000000 ____D () C:\Windows\ERUNT
2014-07-09 23:17 - 2014-07-09 23:17 - 00000020 ___SH () C:\Users\TEMP.Eva-PC\ntuser.ini
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Vorlagen
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Startmenü
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Netzwerkumgebung
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Lokale Einstellungen
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Eigene Dateien
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Druckumgebung
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Documents\Eigene Musik
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Documents\Eigene Bilder
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Local\Verlauf
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Local\Anwendungsdaten
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Anwendungsdaten
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 ____D () C:\Users\TEMP.Eva-PC
2014-07-09 23:17 - 2011-11-07 18:44 - 00000000 ____D () C:\Users\TEMP.Eva-PC\AppData\Roaming\Macromedia
2014-07-09 23:17 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\TEMP.Eva-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-09 23:17 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\TEMP.Eva-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-09 23:16 - 2014-07-09 23:13 - 00001224 _____ () C:\Users\Eva\Desktop\AdwCleaner[S3].txt
2014-07-09 22:54 - 2014-07-09 22:54 - 00001054 _____ () C:\Users\Eva\Desktop\mbam.txt
2014-07-09 22:39 - 2014-07-09 22:39 - 01348263 _____ () C:\Users\Eva\Desktop\adwcleaner_3.215.exe
2014-07-09 22:35 - 2014-07-09 22:35 - 00415744 _____ (Farbar) C:\Users\Eva\Desktop\FSS.exe
2014-07-09 22:33 - 2014-07-09 22:34 - 01016261 _____ (Thisisu) C:\Users\Eva\Desktop\JRT.exe
2014-07-07 20:56 - 2014-07-09 23:33 - 00010412 _____ () C:\Users\Eva\Desktop\FRST.txt
2014-07-07 20:55 - 2014-07-09 23:33 - 00000000 ____D () C:\FRST
2014-07-07 20:54 - 2014-07-07 20:54 - 02084352 _____ (Farbar) C:\Users\Eva\Desktop\FRST64.exe
2014-07-06 00:07 - 2014-07-09 23:13 - 00000000 ____D () C:\AdwCleaner
2014-07-06 00:07 - 2014-07-06 00:07 - 01346519 _____ () C:\Users\Eva\Downloads\adwcleaner_3.214.exe
2014-07-05 23:38 - 2014-07-05 23:38 - 00000000 ____D () C:\Users\Eva\Downloads\Seven
2014-07-05 23:36 - 2014-07-05 23:37 - 00014086 _____ () C:\Users\Eva\Downloads\Seven.zip
2014-07-05 21:46 - 2014-07-05 21:46 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-05 21:46 - 2014-07-05 21:46 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-07-05 21:45 - 2014-07-05 21:45 - 06263496 _____ (TeamViewer GmbH) C:\Users\Eva\Downloads\TeamViewer_Setup_de.exe
2014-07-05 21:41 - 2014-07-05 21:41 - 00016623 _____ () C:\ComboFix.txt
2014-07-05 21:30 - 2014-07-05 21:41 - 00000000 ____D () C:\Qoobox
2014-07-05 21:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-05 21:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-05 21:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-05 21:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-05 21:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-05 21:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-05 21:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-05 21:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-05 21:29 - 2014-07-05 21:40 - 00000000 ____D () C:\Windows\erdnt
2014-07-05 21:27 - 2014-07-05 21:27 - 05213907 ____R (Swearware) C:\Users\Eva\Downloads\ComboFix.exe
2014-07-05 21:20 - 2014-07-05 21:20 - 00002834 _____ () C:\Users\Eva\Downloads\FSS.txt
2014-07-05 21:16 - 2014-07-05 21:16 - 00415744 _____ (Farbar) C:\Users\Eva\Downloads\FSS.exe
2014-07-05 21:15 - 2014-07-05 21:15 - 05185536 _____ (AVAST Software) C:\Users\Eva\Downloads\aswMBR.exe
2014-07-05 20:27 - 2014-07-05 20:27 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-EVA-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-05 20:27 - 2014-07-05 20:27 - 00000000 ____D () C:\RegBackup
2014-07-05 20:25 - 2014-07-05 20:25 - 00000000 ____D () C:\Users\Eva\Downloads\Tweaking.com - Windows Repair
2014-07-05 20:24 - 2014-07-05 20:24 - 03388580 _____ () C:\Users\Eva\Downloads\tweaking.com_windows_repair_aio.zip
2014-07-05 20:20 - 2014-07-05 20:20 - 01059840 _____ () C:\Users\Eva\Downloads\MicrosoftFixit50981.msi
2014-07-05 19:58 - 2014-07-05 21:41 - 00000000 ____D () C:\Users\TEMP
2014-07-05 19:58 - 2014-07-05 19:58 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-05 19:58 - 2014-07-05 19:58 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-05 19:58 - 2014-07-05 19:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-05 19:55 - 2014-07-09 23:14 - 00001525 _____ () C:\Windows\setupact.log
2014-07-05 19:55 - 2014-07-05 19:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-05 19:54 - 2014-07-09 23:14 - 00004994 _____ () C:\Windows\PFRO.log
2014-07-05 19:49 - 2014-07-05 19:49 - 00011732 _____ () C:\Users\Eva\Downloads\w7-bfe.zip
2014-07-05 19:41 - 2014-07-05 19:42 - 13849784 _____ (Microsoft Corporation) C:\Users\Eva\Downloads\mseinstall.exe
2014-07-05 19:34 - 2014-07-05 19:34 - 00001150 _____ () C:\Users\Eva\Downloads\w7-wscsvc.zip
2014-07-05 19:21 - 2014-07-05 19:24 - 47783495 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\ske6221_e722x_cx_wxpw7.exe
2014-07-05 18:38 - 2014-07-05 18:38 - 00001056 _____ () C:\Windows\Synaptics.log
2014-07-05 18:36 - 2014-07-05 18:36 - 00273240 _____ () C:\Users\Eva\Documents\cc_20140705_183607.reg
2014-07-05 18:32 - 2014-07-05 18:32 - 03736040 _____ (Piriform Ltd) C:\Users\Eva\Downloads\ccsetup415_slim.exe
2014-07-05 18:32 - 2014-07-05 18:32 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-05 18:32 - 2014-07-05 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-05 18:32 - 2014-07-05 18:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-05 18:25 - 2014-07-05 18:25 - 00002144 _____ () C:\Users\Public\Desktop\Brother Creative Center.lnk
2014-07-05 18:25 - 2014-07-05 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-05 18:24 - 2014-07-05 18:24 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-07-05 18:24 - 2014-07-05 18:24 - 00000000 ____D () C:\Brother
2014-07-05 18:24 - 2012-09-10 16:31 - 00245760 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2014-07-05 18:24 - 2012-07-09 17:19 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2014-07-05 18:24 - 2012-07-05 13:32 - 00084480 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll
2014-07-05 18:24 - 2012-03-19 06:09 - 00316928 _____ (brother) C:\Windows\system32\NSSRH64.dll
2014-07-05 18:24 - 2010-09-23 10:14 - 00058880 _____ (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll
2014-07-05 18:24 - 2010-09-23 10:13 - 00051712 _____ (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll
2014-07-05 18:24 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2014-07-05 18:24 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2014-07-05 18:24 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-07-05 18:22 - 2014-07-05 18:22 - 00380416 _____ () C:\Users\Eva\Downloads\ensq62f6.exe
2014-07-05 18:22 - 2014-07-05 18:22 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\InstallShield
2014-07-05 18:18 - 2014-07-05 18:19 - 00000000 ____D () C:\Users\Eva\Downloads\install
2014-07-05 18:14 - 2014-07-05 18:17 - 140480296 _____ (A.I.SOFT,INC.) C:\Users\Eva\Downloads\MFC-J5910DW-inst-C1-eu1.EXE
2014-07-05 17:53 - 2014-07-05 17:54 - 24679491 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\tpdp6634w7_32_64.exe
2014-07-05 17:38 - 2014-07-09 22:31 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 17:38 - 2014-07-05 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-05 17:38 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-05 17:38 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-05 17:38 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-05 17:37 - 2014-07-05 17:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-05 17:37 - 2014-07-05 17:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 17:35 - 2014-07-05 17:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Eva\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 16:28 - 2014-07-05 16:28 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-07-05 16:28 - 2014-07-05 16:28 - 00000000 ____D () C:\Program Files\Unlocker
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\2C0A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0C0A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0C04
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0816
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0804
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0424
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041F
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041E
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041D
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041B
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0419
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0416
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0415
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0414
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0413
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0412
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0411
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0410
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040E
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040D
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040C
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040B
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0409
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0408
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0407
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0406
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0405
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0404
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0401
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-05 16:05 - 2014-07-05 16:05 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-07-05 16:04 - 2014-07-05 17:55 - 00000000 ____D () C:\Medion
2014-07-05 16:03 - 2014-07-05 16:04 - 09144982 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\usb3e6221_e722xw7.exe
2014-07-01 15:23 - 2014-08-05 13:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-12 18:20 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 18:20 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 18:20 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 18:20 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 18:20 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 18:20 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 18:20 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 18:20 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 18:20 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 18:20 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 18:20 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 18:20 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 18:20 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 18:20 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 18:20 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 18:20 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 18:20 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 18:20 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 18:20 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 18:20 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 18:20 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 18:20 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 18:20 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 18:20 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 18:20 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 18:20 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 18:20 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 18:20 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 18:20 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 18:20 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 18:20 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 18:20 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 18:20 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 18:20 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 18:20 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 18:20 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 18:20 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 18:20 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 18:20 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 18:20 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 18:20 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 18:20 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 18:20 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 18:20 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 18:20 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 18:20 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 18:20 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 18:20 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 18:20 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 18:20 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 18:20 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 18:20 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 18:20 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 18:20 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 18:20 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 18:20 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 18:20 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 18:20 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 18:20 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 18:20 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 18:20 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 18:20 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 18:20 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 18:20 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 18:20 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 18:20 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 18:16 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 18:16 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
==================== One Month Modified Files and Folders =======
2014-08-05 15:48 - 2014-05-09 20:23 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-05 14:46 - 2012-07-23 22:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-05 14:46 - 2012-07-23 18:34 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\SoftGrid Client
2014-08-05 13:36 - 2014-07-01 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-08-05 13:28 - 2014-08-05 08:45 - 00009465 _____ () C:\Users\Eva\Documents\Reflexion der 14.odt
2014-07-09 23:34 - 2014-07-07 20:56 - 00010412 _____ () C:\Users\Eva\Desktop\FRST.txt
2014-07-09 23:33 - 2014-07-07 20:55 - 00000000 ____D () C:\FRST
2014-07-09 23:31 - 2014-07-09 23:31 - 00002832 _____ () C:\Users\Eva\Desktop\FSS.txt
2014-07-09 23:29 - 2014-07-09 23:29 - 00002836 _____ () C:\Users\Eva\Desktop\JRT.txt
2014-07-09 23:23 - 2013-12-05 21:22 - 00000300 _____ () C:\Windows\Tasks\Bfiomrd.job
2014-07-09 23:20 - 2014-07-09 23:20 - 00000000 ____D () C:\Windows\ERUNT
2014-07-09 23:20 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-09 23:20 - 2009-07-14 06:45 - 00016944 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-09 23:19 - 2012-07-23 21:06 - 01134544 _____ () C:\Windows\WindowsUpdate.log
2014-07-09 23:19 - 2011-11-04 03:51 - 00686272 _____ () C:\Windows\system32\perfh007.dat
2014-07-09 23:19 - 2011-11-04 03:51 - 00145814 _____ () C:\Windows\system32\perfc007.dat
2014-07-09 23:19 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-09 23:17 - 2014-07-09 23:17 - 00000020 ___SH () C:\Users\TEMP.Eva-PC\ntuser.ini
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Vorlagen
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Startmenü
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Netzwerkumgebung
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Lokale Einstellungen
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Eigene Dateien
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Druckumgebung
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Documents\Eigene Musik
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Documents\Eigene Bilder
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Local\Verlauf
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\AppData\Local\Anwendungsdaten
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 _SHDL () C:\Users\TEMP.Eva-PC\Anwendungsdaten
2014-07-09 23:17 - 2014-07-09 23:17 - 00000000 ____D () C:\Users\TEMP.Eva-PC
2014-07-09 23:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-09 23:14 - 2014-07-05 19:55 - 00001525 _____ () C:\Windows\setupact.log
2014-07-09 23:14 - 2014-07-05 19:54 - 00004994 _____ () C:\Windows\PFRO.log
2014-07-09 23:14 - 2011-11-10 21:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-09 23:13 - 2014-07-09 23:16 - 00001224 _____ () C:\Users\Eva\Desktop\AdwCleaner[S3].txt
2014-07-09 23:13 - 2014-07-06 00:07 - 00000000 ____D () C:\AdwCleaner
2014-07-09 22:54 - 2014-07-09 22:54 - 00001054 _____ () C:\Users\Eva\Desktop\mbam.txt
2014-07-09 22:41 - 2013-03-12 20:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-09 22:39 - 2014-07-09 22:39 - 01348263 _____ () C:\Users\Eva\Desktop\adwcleaner_3.215.exe
2014-07-09 22:35 - 2014-07-09 22:35 - 00415744 _____ (Farbar) C:\Users\Eva\Desktop\FSS.exe
2014-07-09 22:34 - 2014-07-09 22:33 - 01016261 _____ (Thisisu) C:\Users\Eva\Desktop\JRT.exe
2014-07-09 22:31 - 2014-07-05 17:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 20:54 - 2014-07-07 20:54 - 02084352 _____ (Farbar) C:\Users\Eva\Desktop\FRST64.exe
2014-07-06 20:16 - 2012-07-23 13:27 - 00069768 _____ () C:\Users\Eva\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-06 00:21 - 2009-07-14 06:45 - 00292904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-06 00:07 - 2014-07-06 00:07 - 01346519 _____ () C:\Users\Eva\Downloads\adwcleaner_3.214.exe
2014-07-05 23:38 - 2014-07-05 23:38 - 00000000 ____D () C:\Users\Eva\Downloads\Seven
2014-07-05 23:37 - 2014-07-05 23:36 - 00014086 _____ () C:\Users\Eva\Downloads\Seven.zip
2014-07-05 21:46 - 2014-07-05 21:46 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-05 21:46 - 2014-07-05 21:46 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-07-05 21:45 - 2014-07-05 21:45 - 06263496 _____ (TeamViewer GmbH) C:\Users\Eva\Downloads\TeamViewer_Setup_de.exe
2014-07-05 21:41 - 2014-07-05 21:41 - 00016623 _____ () C:\ComboFix.txt
2014-07-05 21:41 - 2014-07-05 21:30 - 00000000 ____D () C:\Qoobox
2014-07-05 21:41 - 2014-07-05 19:58 - 00000000 ____D () C:\Users\TEMP
2014-07-05 21:41 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-05 21:40 - 2014-07-05 21:29 - 00000000 ____D () C:\Windows\erdnt
2014-07-05 21:38 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-05 21:27 - 2014-07-05 21:27 - 05213907 ____R (Swearware) C:\Users\Eva\Downloads\ComboFix.exe
2014-07-05 21:20 - 2014-07-05 21:20 - 00002834 _____ () C:\Users\Eva\Downloads\FSS.txt
2014-07-05 21:16 - 2014-07-05 21:16 - 00415744 _____ (Farbar) C:\Users\Eva\Downloads\FSS.exe
2014-07-05 21:15 - 2014-07-05 21:15 - 05185536 _____ (AVAST Software) C:\Users\Eva\Downloads\aswMBR.exe
2014-07-05 20:46 - 2009-07-14 04:34 - 00000439 _____ () C:\Windows\win.ini
2014-07-05 20:27 - 2014-07-05 20:27 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-EVA-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-07-05 20:27 - 2014-07-05 20:27 - 00000000 ____D () C:\RegBackup
2014-07-05 20:25 - 2014-07-05 20:25 - 00000000 ____D () C:\Users\Eva\Downloads\Tweaking.com - Windows Repair
2014-07-05 20:24 - 2014-07-05 20:24 - 03388580 _____ () C:\Users\Eva\Downloads\tweaking.com_windows_repair_aio.zip
2014-07-05 20:20 - 2014-07-05 20:20 - 01059840 _____ () C:\Users\Eva\Downloads\MicrosoftFixit50981.msi
2014-07-05 19:58 - 2014-07-05 19:58 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-07-05 19:58 - 2014-07-05 19:58 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-07-05 19:58 - 2014-07-05 19:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-07-05 19:58 - 2012-07-23 18:39 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-07-05 19:55 - 2014-07-05 19:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-05 19:50 - 2012-05-26 18:48 - 00185002 _____ () C:\Users\Eva\Downloads\bfe.reg
2014-07-05 19:49 - 2014-07-05 19:49 - 00011732 _____ () C:\Users\Eva\Downloads\w7-bfe.zip
2014-07-05 19:44 - 2010-09-08 22:52 - 00005256 _____ () C:\Users\Eva\Downloads\wscsvc.reg
2014-07-05 19:42 - 2014-07-05 19:41 - 13849784 _____ (Microsoft Corporation) C:\Users\Eva\Downloads\mseinstall.exe
2014-07-05 19:34 - 2014-07-05 19:34 - 00001150 _____ () C:\Users\Eva\Downloads\w7-wscsvc.zip
2014-07-05 19:24 - 2014-07-05 19:21 - 47783495 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\ske6221_e722x_cx_wxpw7.exe
2014-07-05 19:19 - 2011-11-07 17:56 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-07-05 18:38 - 2014-07-05 18:38 - 00001056 _____ () C:\Windows\Synaptics.log
2014-07-05 18:36 - 2014-07-05 18:36 - 00273240 _____ () C:\Users\Eva\Documents\cc_20140705_183607.reg
2014-07-05 18:35 - 2012-10-09 16:55 - 00000000 ____D () C:\Windows\Minidump
2014-07-05 18:35 - 2011-11-04 04:27 - 00000000 ____D () C:\Windows\Panther
2014-07-05 18:32 - 2014-07-05 18:32 - 03736040 _____ (Piriform Ltd) C:\Users\Eva\Downloads\ccsetup415_slim.exe
2014-07-05 18:32 - 2014-07-05 18:32 - 00002768 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-05 18:32 - 2014-07-05 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-05 18:32 - 2014-07-05 18:32 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-05 18:25 - 2014-07-05 18:25 - 00002144 _____ () C:\Users\Public\Desktop\Brother Creative Center.lnk
2014-07-05 18:25 - 2014-07-05 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-07-05 18:25 - 2014-02-04 20:43 - 00005898 _____ () C:\Windows\BRPARAM.INI
2014-07-05 18:24 - 2014-07-05 18:24 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-07-05 18:24 - 2014-07-05 18:24 - 00000000 ____D () C:\Brother
2014-07-05 18:24 - 2011-11-10 20:16 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-05 18:22 - 2014-07-05 18:22 - 00380416 _____ () C:\Users\Eva\Downloads\ensq62f6.exe
2014-07-05 18:22 - 2014-07-05 18:22 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\InstallShield
2014-07-05 18:19 - 2014-07-05 18:18 - 00000000 ____D () C:\Users\Eva\Downloads\install
2014-07-05 18:19 - 2014-02-04 20:43 - 00000000 ____D () C:\ProgramData\Brother
2014-07-05 18:17 - 2014-07-05 18:14 - 140480296 _____ (A.I.SOFT,INC.) C:\Users\Eva\Downloads\MFC-J5910DW-inst-C1-eu1.EXE
2014-07-05 18:15 - 2012-07-23 18:32 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\vlc
2014-07-05 17:55 - 2014-07-05 16:04 - 00000000 ____D () C:\Medion
2014-07-05 17:54 - 2014-07-05 17:53 - 24679491 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\tpdp6634w7_32_64.exe
2014-07-05 17:38 - 2014-07-05 17:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-05 17:38 - 2014-07-05 17:37 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-05 17:37 - 2014-07-05 17:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 17:36 - 2014-07-05 17:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Eva\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 16:28 - 2014-07-05 16:28 - 00000000 ____D () C:\Users\Eva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-07-05 16:28 - 2014-07-05 16:28 - 00000000 ____D () C:\Program Files\Unlocker
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\2C0A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0C0A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0C04
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0816
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0804
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0424
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041F
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041E
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041D
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\041B
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0419
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0416
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0415
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0414
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0413
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0412
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0411
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0410
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040E
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040D
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040C
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040B
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\040A
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0409
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0408
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0407
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0406
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0405
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0404
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Windows\system32\0401
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-07-05 16:06 - 2014-07-05 16:06 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-07-05 16:05 - 2014-07-05 16:05 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-07-05 16:04 - 2014-07-05 16:03 - 09144982 _____ (SWE Sven Ritter ) C:\Users\Eva\Downloads\usb3e6221_e722xw7.exe
2014-07-04 19:50 - 2014-05-17 20:32 - 00000000 ____D () C:\Users\Eva\AppData\Local\Windows Live
2014-06-25 14:58 - 2013-03-12 20:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-14 13:37 - 2011-11-03 22:34 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-14 13:33 - 2014-04-30 01:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-05-06 22:12
==================== End Of Log ============================
--- --- --- |
| | #6 |
| /// the machine /// TB trainer | Security Center can no longer be activated
ESET Online Scanner
Please download
and a fresh FRST log, please. Still having problems? |
| | #7 |
| | Security Center can no longer be activated
I ran ESET and it did find something, but I don't think that has anything to do with the Security Center being deactivated. Unfortunately, the problem still persists. The following was found:
Code:
D:\EVA-PC\Backup Set 2014-05-09 211824\Backup Files 2014-05-18 221635\Backup files 1.zip Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung
D:\EVA-PC\Backup Set 2014-06-02 180318\Backup Files 2014-06-02 180318\Backup files 2.zip Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung
D:\EVA-PC\Backup Set 2014-06-22 231757\Backup Files 2014-06-22 231757\Backup files 4.zip Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung
D:\TOOLS\Medion MediaPack\medion_mediapack_2_ext.exe Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung
MBR.exe log:
Code:
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, hxxp://www.gmer.net
Windows 6.1.7601
device: opened successfully
user: error reading MBR
Disk trace:
error: Read Das Handle ist ungültig.
kernel: error reading MBR
Code:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Medion
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: Medion
System Product Name: P6634
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 209):
0x02E18000 \SystemRoot\system32\ntoskrnl.exe
0x033FD000 \SystemRoot\system32\hal.dll
0x00BA6000 \SystemRoot\system32\kdcom.dll
0x00CF8000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x00D47000 \SystemRoot\system32\PSHED.dll
0x00D5B000 \SystemRoot\system32\CLFS.SYS
0x00C00000 \SystemRoot\system32\CI.dll
0x00E06000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00EC8000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00ED8000 \SystemRoot\system32\drivers\ACPI.sys
0x00F2F000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F38000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F42000 \SystemRoot\system32\drivers\pci.sys
0x00F75000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00F82000 \SystemRoot\System32\drivers\partmgr.sys
0x00F97000 \SystemRoot\system32\drivers\compbatt.sys
0x00FA0000 \SystemRoot\system32\drivers\BATTC.SYS
0x00FAC000 \SystemRoot\system32\drivers\volmgr.sys
0x01067000 \SystemRoot\System32\drivers\volmgrx.sys
0x010C3000 \SystemRoot\System32\drivers\mountmgr.sys
0x01207000 \SystemRoot\system32\drivers\iaStor.sys
0x015A9000 \SystemRoot\system32\DRIVERS\atapi.sys
0x015B2000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x015DC000 \SystemRoot\system32\DRIVERS\msahci.sys
0x015E7000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x010DD000 \SystemRoot\system32\drivers\amdxata.sys
0x010E8000 \SystemRoot\system32\drivers\fltmgr.sys
0x01134000 \SystemRoot\system32\drivers\fileinfo.sys
0x01148000 \SystemRoot\system32\DRIVERS\MpFilter.sys
0x0163C000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0118A000 \SystemRoot\System32\Drivers\msrpc.sys
0x017E5000 \SystemRoot\System32\Drivers\ksecdd.sys
0x018AE000 \SystemRoot\System32\Drivers\cng.sys
0x01920000 \SystemRoot\System32\drivers\pcw.sys
0x01931000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01A12000 \SystemRoot\system32\drivers\ndis.sys
0x01B04000 \SystemRoot\system32\drivers\NETIO.SYS
0x01B64000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x01C00000 \SystemRoot\System32\drivers\tcpip.sys
0x01B90000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x0193B000 \SystemRoot\system32\drivers\volsnap.sys
0x01BD9000 \SystemRoot\System32\Drivers\spldr.sys
0x01987000 \SystemRoot\System32\drivers\rdyboost.sys
0x01BE1000 \SystemRoot\system32\DRIVERS\nvpciflt.sys
0x01BEC000 \SystemRoot\System32\Drivers\mup.sys
0x01A00000 \SystemRoot\System32\drivers\hwpolicy.sys
0x019C1000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01800000 \SystemRoot\system32\drivers\disk.sys
0x01816000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x0187E000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x01A09000 \SystemRoot\System32\Drivers\Null.SYS
0x01600000 \SystemRoot\System32\Drivers\Beep.SYS
0x01607000 \SystemRoot\System32\drivers\vga.sys
0x01615000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x011E8000 \SystemRoot\System32\drivers\watchdog.sys
0x015F7000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x01000000 \SystemRoot\system32\drivers\rdpencdd.sys
0x01009000 \SystemRoot\system32\drivers\rdprefmp.sys
0x01012000 \SystemRoot\System32\Drivers\Msfs.SYS
0x0101D000 \SystemRoot\System32\Drivers\Npfs.SYS
0x0102E000 \SystemRoot\system32\DRIVERS\tdx.sys
0x01050000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x0304E000 \SystemRoot\system32\drivers\afd.sys
0x030D7000 \SystemRoot\System32\DRIVERS\netbt.sys
0x0311C000 \SystemRoot\system32\drivers\ws2ifsl.sys
0x03127000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x03130000 \SystemRoot\system32\DRIVERS\pacer.sys
0x03156000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x0316C000 \SystemRoot\system32\DRIVERS\netbios.sys
0x0317B000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03196000 \SystemRoot\system32\drivers\termdd.sys
0x031AA000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x03000000 \SystemRoot\system32\drivers\nsiproxy.sys
0x0300C000 \SystemRoot\system32\drivers\mssmbios.sys
0x03017000 \SystemRoot\System32\drivers\discache.sys
0x03026000 \SystemRoot\System32\Drivers\dfsc.sys
0x00FC1000 \SystemRoot\system32\drivers\blbdrive.sys
0x00FD2000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x0F4AD000 \SystemRoot\system32\DRIVERS\nvlddmkm.sys
0x100E4000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x0F400000 \SystemRoot\System32\drivers\dxgmms1.sys
0x0444E000 \SystemRoot\system32\DRIVERS\igdkmd64.sys
0x0496C000 \SystemRoot\system32\drivers\HECIx64.sys
0x0497D000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x0498F000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x04400000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x04CB9000 \SystemRoot\system32\DRIVERS\NETwNs64.sys
0x0553F000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x0554C000 \SystemRoot\system32\DRIVERS\nusb3xhc.sys
0x05585000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x05587000 \SystemRoot\system32\DRIVERS\L1C62x64.sys
0x0559C000 \SystemRoot\system32\DRIVERS\ICCWDT.sys
0x055A8000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x04C00000 \SystemRoot\system32\DRIVERS\SynTP.sys
0x04C8C000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x04C9B000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x04CAA000 \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
0x055C6000 \SystemRoot\system32\drivers\CmBatt.sys
0x055CB000 \SystemRoot\system32\drivers\wmiacpi.sys
0x055D4000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x0F446000 \SystemRoot\system32\DRIVERS\AMPPAL.sys
0x055EA000 \SystemRoot\system32\drivers\CompositeBus.sys
0x04424000 \SystemRoot\system32\DRIVERS\serscan.sys
0x055FA000 \SystemRoot\system32\drivers\ksthunk.sys
0x00DB9000 \SystemRoot\system32\drivers\ks.sys
0x0442C000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x101D8000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x04442000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x00CC0000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x049E5000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x05AE2000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x05B03000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x05B1D000 \SystemRoot\system32\drivers\swenum.sys
0x05B1F000 \SystemRoot\system32\drivers\iwdbus.sys
0x05B2B000 \SystemRoot\system32\DRIVERS\umbus.sys
0x05B3D000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x05B97000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x05A00000 \SystemRoot\system32\drivers\HdAudio.sys
0x05A5C000 \SystemRoot\system32\drivers\portcls.sys
0x05A99000 \SystemRoot\system32\drivers\drmk.sys
0x05BAC000 \SystemRoot\system32\DRIVERS\IntcDAud.sys
0x05ABB000 \SystemRoot\system32\DRIVERS\nusb3hub.sys
0x0F496000 \SystemRoot\System32\Drivers\crashdmp.sys
0x01846000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x05AD7000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x01852000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x00070000 \SystemRoot\System32\win32k.sys
0x01865000 \SystemRoot\System32\drivers\Dxapi.sys
0x02849000 \SystemRoot\system32\DRIVERS\monitor.sys
0x0295B000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x02978000 \SystemRoot\system32\DRIVERS\dc3d.sys
0x0298A000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x02993000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x029A1000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x029BA000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0x029C8000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x029D5000 \SystemRoot\system32\DRIVERS\point64.sys
0x02800000 \SystemRoot\System32\Drivers\usbvideo.sys
0x004A0000 \SystemRoot\System32\TSDDD.dll
0x00780000 \SystemRoot\System32\cdd.dll
0x04A8A000 \SystemRoot\system32\drivers\luafv.sys
0x04AAD000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x04AC2000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x04B15000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x04B28000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x04B40000 \??\C:\Program Files (x86)\PHotkey\PEGAGFN.sys
0x09646000 \SystemRoot\system32\drivers\HTTP.sys
0x0970F000 \SystemRoot\system32\DRIVERS\bowser.sys
0x0972D000 \SystemRoot\System32\drivers\mpsdrv.sys
0x09745000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x09772000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x097C0000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x09600000 \SystemRoot\system32\DRIVERS\NisDrvWFP.sys
0x04B47000 \SystemRoot\system32\drivers\peauth.sys
0x09621000 \SystemRoot\System32\Drivers\secdrv.SYS
0x0A4C5000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x0A4F6000 \SystemRoot\System32\drivers\tcpipreg.sys
0x0A508000 \SystemRoot\system32\DRIVERS\vwifimp.sys
0x00950000 \SystemRoot\System32\ATMFD.DLL
0x0A512000 \SystemRoot\System32\DRIVERS\srv2.sys
0x0A8D4000 \SystemRoot\System32\DRIVERS\srv.sys
0x772E0000 \Windows\System32\ntdll.dll
0x482C0000 \Windows\System32\smss.exe
0xFF600000 \Windows\System32\apisetschema.dll
0xFFC90000 \Windows\System32\autochk.exe
0xFF580000 \Windows\System32\gdi32.dll
0xFF4E0000 \Windows\System32\comdlg32.dll
0xFF4D0000 \Windows\System32\lpk.dll
0xFF430000 \Windows\System32\clbcatq.dll
0xFF3E0000 \Windows\System32\ws2_32.dll
0xFF2B0000 \Windows\System32\rpcrt4.dll
0xFF1D0000 \Windows\System32\advapi32.dll
0xFEFA0000 \Windows\System32\wininet.dll
0xFEE90000 \Windows\System32\msctf.dll
0x771E0000 \Windows\System32\user32.dll
0xFECB0000 \Windows\System32\setupapi.dll
0xFDF20000 \Windows\System32\shell32.dll
0x774B0000 \Windows\System32\psapi.dll
0xFDEC0000 \Windows\System32\Wldap32.dll
0xFDD60000 \Windows\System32\urlmon.dll
0xFDCC0000 \Windows\System32\msvcrt.dll
0xFDA10000 \Windows\System32\iertutil.dll
0xFD940000 \Windows\System32\usp10.dll
0xFD8C0000 \Windows\System32\shlwapi.dll
0xFD840000 \Windows\System32\difxapi.dll
0xFD820000 \Windows\System32\imagehlp.dll
0xFD610000 \Windows\System32\ole32.dll
0xFD600000 \Windows\System32\nsi.dll
0x774A0000 \Windows\System32\normaliz.dll
0xFD5E0000 \Windows\System32\sechost.dll
0xFD500000 \Windows\System32\oleaut32.dll
0xFD4D0000 \Windows\System32\imm32.dll
0x770C0000 \Windows\System32\kernel32.dll
0xFD4B0000 \Windows\System32\devobj.dll
0xFD490000 \Windows\System32\userenv.dll
0xFD450000 \Windows\System32\wintrust.dll
0xFD440000 \Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
0xFD430000 \Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
0xFD3F0000 \Windows\System32\cfgmgr32.dll
0xFD3E0000 \Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
0xFD340000 \Windows\System32\comctl32.dll
0xFD2D0000 \Windows\System32\KernelBase.dll
0xFD2C0000 \Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
0xFD2B0000 \Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
0xFD140000 \Windows\System32\crypt32.dll
0xFD130000 \Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
0xFD120000 \Windows\System32\profapi.dll
0xFD110000 \Windows\System32\msasn1.dll
0x77490000 \Windows\SysWOW64\normaliz.dll
Processes (total 93):
0 System Idle Process
4 System
288 C:\Windows\System32\smss.exe
428 csrss.exe
556 C:\Windows\System32\wininit.exe
580 csrss.exe
620 C:\Windows\System32\winlogon.exe
664 C:\Windows\System32\services.exe
680 C:\Windows\System32\lsass.exe
688 C:\Windows\System32\lsm.exe
788 C:\Windows\System32\svchost.exe
848 C:\Windows\System32\nvvsvc.exe
872 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
916 C:\Windows\System32\svchost.exe
992 C:\Program Files\Microsoft Security Client\MsMpEng.exe
468 C:\Windows\System32\svchost.exe
352 C:\Windows\System32\svchost.exe
932 C:\Windows\System32\svchost.exe
1044 C:\Windows\System32\svchost.exe
1136 C:\Windows\System32\svchost.exe
1312 C:\Windows\System32\svchost.exe
1388 C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
1408 C:\Windows\System32\wlanext.exe
1424 C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
1440 C:\Windows\System32\conhost.exe
1536 C:\Windows\System32\taskeng.exe
1576 C:\Windows\System32\spoolsv.exe
1612 C:\Windows\System32\svchost.exe
1652 C:\Windows\System32\rundll32.exe
1680 C:\Windows\SysWOW64\rundll32.exe
1760 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
1780 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
1804 C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
1888 C:\Windows\System32\svchost.exe
1908 C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
1748 C:\Program Files\Intel\WiFi\bin\EvtEng.exe
1200 C:\Windows\System32\svchost.exe
1976 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
2140 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
2352 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
2420 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
2896 C:\Windows\System32\SearchIndexer.exe
1300 unsecapp.exe
3196 WmiPrvSE.exe
3684 C:\Program Files\Microsoft Security Client\NisSrv.exe
3760 C:\Windows\System32\svchost.exe
2848 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
3696 C:\Windows\System32\nvvsvc.exe
816 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
1664 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
3860 C:\Windows\System32\taskhost.exe
3868 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
1064 C:\Windows\System32\dwm.exe
1220 C:\Windows\explorer.exe
1132 C:\Windows\System32\igfxpers.exe
988 C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
2204 C:\Program Files\Microsoft IntelliPoint\ipoint.exe
4064 C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
2776 C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
2432 C:\Windows\System32\hkcmd.exe
796 C:\Windows\System32\rundll32.exe
2948 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
3584 C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
2552 C:\Program Files (x86)\PHotkey\PHotkey.exe
1192 C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
4164 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
4184 C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
4296 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
4320 C:\Program Files (x86)\PHotkey\HCSynApi.exe
4380 C:\Windows\System32\wbem\unsecapp.exe
4400 C:\Program Files (x86)\PHotkey\PVDesktop.exe
4432 C:\Program Files (x86)\PHotkey\PVDAgent.exe
4468 C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
4680 C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
4864 C:\Program Files (x86)\PHotkey\POsd.exe
4976 C:\Program Files\Windows Media Player\wmpnetwk.exe
4360 C:\Windows\System32\svchost.exe
1240 dllhost.exe
4924 C:\Windows\System32\svchost.exe
1084 C:\Windows\System32\audiodg.exe
860 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
3304 C:\Windows\System32\dllhost.exe
224 C:\Windows\System32\taskhost.exe
964 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
1508 C:\Windows\System32\mmc.exe
2116 C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
2044 C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
3056 C:\Windows\System32\conhost.exe
4624 C:\Windows\System32\SearchProtocolHost.exe
4796 C:\Windows\System32\SearchFilterHost.exe
5460 C:\Users\Eva\Desktop\MBRCheck.exe
5468 C:\Windows\System32\conhost.exe
5516 C:\Windows\System32\dllhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000065`30900000 (NTFS)
PhysicalDrive0 Model Number: ST9500325AS, Rev: 0003SDM1
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: F61074C24A6DA26C38919A0032AE32ED64E1F93E
Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:
Options:
[1] Dump the MBR of a physical disk to file.
[2] Restore the MBR of a physical disk with a standard boot code.
[3] Exit.
Enter your choice: Enter the physical disk number to dump (0-99, -1 to exit): 0Dumping \\.\PhysicalDisk0...
Enter filename to dump to: original_mbrDumped successfully!
Enter the physical disk number to dump (0-99, -1 to exit): -1
Done!
Thanks again for the help so far. Problem solved! The program UnHackMe identified the file C:\Windows\SYSWOW64\securityx.dll as malicious and deleted it. That fixed the problem. MSE, Windows Defender and the Security Center are working again. |
| | #8 |
| /// the machine /// TB Trainer | Security Center can no longer be activated Did I instruct you to run those two tools? Step 1
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |