
All kinds of pests and how to combat them: Suspicious folder discovered 3F5C371F8EA24F259D3DD0B4526E3AEA.TMP

Windows 7

28.09.2014, 20:01   #1
GameMasterMM
 


Good day,

for a few days now my bandwidth has apparently been like a snail. But only on my laptop. My phone and the PC standing next to it have full performance. While searching I discovered the following folder: C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
With this file: WiseCustomCalla.dll
This seems a little odd to me and I would like to know what it is about.

Thanks for your help,
Marvin Metz

28.09.2014, 20:14   #2
schrauber
/// the machine
/// TB trainer
 



hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


28.09.2014, 20:40   #3
GameMasterMM
 


Here is the FRST.txt; an Addition.txt was not created. Should I tick the checkbox for that?


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 01
Ran by Marvin (administrator) on MARVIN-LAPTOP on 28-09-2014 21:39:04
Running from C:\Users\Marvin\Desktop
Loaded Profiles: Marvin &  (Available profiles: Marvin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
() C:\Users\Marvin\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3680688155-2668200437-4286530012-1000\...\MountPoints2: {a53d0adf-bbf1-11e3-aa41-d4bed9269220} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3680688155-2668200437-4286530012-1000\...\MountPoints2: {b17cbd96-9e24-11e3-8a42-d4bed9269220} - E:\SWINGRUN.EXE
HKU\S-1-5-21-3680688155-2668200437-4286530012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a53d0adf-bbf1-11e3-aa41-d4bed9269220} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3680688155-2668200437-4286530012-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b17cbd96-9e24-11e3-8a42-d4bed9269220} - E:\SWINGRUN.EXE
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x244FBE3871C4CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 02 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 03 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 04 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 15 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 15 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "backup.ftp", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\abs@avira.com [2014-09-04]
FF Extension: Firebug - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\firebug@software.joehewitt.com.xpi [2014-04-04]
FF Extension: FlashGot - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-04-22]
FF Extension: NoScript - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-21]
FF Extension: Adblock Plus - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-21]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-12-27] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-12-27] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-22] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2014-07-20] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-01] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-10-16] (AnchorFree Inc.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2014-07-20] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-28] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 MWAC; \??\C:\Windows\system32\drivers\ [0 ] () [File not signed]
S3 MWAC; \??\C:\Windows\SysWOW64\drivers\ [0 ] () [File not signed]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2014-02-08] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2011-07-15] (Creative Technology Ltd.)
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-28 21:39 - 2014-09-28 21:39 - 00016483 _____ () C:\Users\Marvin\Desktop\FRST.txt
2014-09-28 21:36 - 2014-09-28 21:37 - 00028730 _____ () C:\Users\Marvin\Downloads\FRST.txt
2014-09-28 21:35 - 2014-09-28 21:36 - 02108928 _____ (Farbar) C:\Users\Marvin\Desktop\FRST64.exe
2014-09-28 21:02 - 2014-09-28 21:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-28 20:44 - 2014-09-28 20:44 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-28 20:44 - 2014-09-28 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-28 15:16 - 2014-09-28 15:16 - 00000983 _____ () C:\Users\Public\Desktop\WTFast.lnk
2014-09-28 15:16 - 2014-09-28 15:16 - 00000000 ____D () C:\Users\Marvin\AppData\Local\AAA_Internet_Publishing,_
2014-09-28 15:16 - 2014-09-28 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast
2014-09-28 15:16 - 2014-09-28 15:16 - 00000000 ____D () C:\Program Files (x86)\WTFast
2014-09-28 15:16 - 2014-01-03 16:36 - 00079464 _____ (Initex) C:\Windows\system32\WTFastDrv.dll
2014-09-28 15:16 - 2014-01-03 16:36 - 00072296 _____ (Initex) C:\Windows\SysWOW64\WTFastDrv.dll
2014-09-28 15:16 - 2014-01-03 16:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
2014-09-28 15:06 - 2014-09-28 15:07 - 05696256 _____ (Initex & AAA Internet Publishing ) C:\Users\Marvin\Downloads\WTFastSetup.3.2.13.309.exe
2014-09-28 01:33 - 2014-09-28 01:33 - 00000000 ____D () C:\Users\Marvin\Desktop\data
2014-09-25 15:10 - 2014-09-25 15:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 23:02 - 2014-09-23 23:03 - 00000000 ____D () C:\Users\Marvin\Desktop\MusikCDS
2014-09-21 23:21 - 2014-09-07 17:43 - 09279247 _____ () C:\Users\Marvin\Desktop\Juli-JS.jar
2014-09-21 23:19 - 2014-09-21 23:19 - 00000000 ____D () C:\Users\Marvin\Downloads\data
2014-09-21 23:18 - 2014-09-21 23:19 - 17641177 _____ () C:\Users\Marvin\Downloads\1.1.4.zip
2014-09-17 23:24 - 2014-09-17 23:24 - 01789642 _____ () C:\Users\Marvin\Downloads\Voyage_dans_les_iles_L.zip
2014-09-16 19:51 - 2014-09-15 03:00 - 00002084 _____ () C:\Users\Marvin\Desktop\2014-09-15-1.log.gz
2014-09-15 16:01 - 2014-09-15 16:02 - 02377725 _____ () C:\Users\Marvin\Downloads\StatisticsBundle.zip
2014-09-14 22:26 - 2014-09-14 22:27 - 01315785 _____ () C:\Users\Marvin\Downloads\ProtocolLib-3.4.0.jar
2014-09-14 22:25 - 2014-09-14 22:25 - 00053657 _____ () C:\Users\Marvin\Downloads\FakePlayersOnline.jar
2014-09-14 18:38 - 2014-09-14 18:38 - 00001216 _____ () C:\Users\Public\Desktop\Magic Ball 2.lnk
2014-09-14 18:38 - 2014-09-14 18:38 - 00001135 _____ () C:\Users\Public\Desktop\GAME CENTER.lnk
2014-09-14 18:38 - 2014-09-14 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEUTSCHLAND SPIELT
2014-09-14 18:38 - 2014-09-14 18:38 - 00000000 ____D () C:\Program Files (x86)\DEUTSCHLAND SPIELT
2014-09-14 18:35 - 2014-09-14 18:36 - 11371039 _____ (INTENIUM GmbH) C:\Users\Marvin\Desktop\MagicBall2.exe
2014-09-14 18:33 - 2014-09-14 18:33 - 00367456 _____ () C:\Users\Marvin\Downloads\SoftonicDownloader_fuer_magic-ball-2.exe
2014-09-14 18:17 - 2014-09-14 18:17 - 00000019 _____ () C:\Windows\popcinfo.dat
2014-09-14 18:13 - 2014-09-14 18:14 - 00000000 ____D () C:\Program Files (x86)\Insaniquarium! Deluxe
2014-09-14 18:13 - 2014-09-14 18:13 - 00002026 _____ () C:\Users\Public\Desktop\Spiel Insaniquarium! Deluxe.lnk
2014-09-14 18:13 - 2014-09-14 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Insaniquarium! Deluxe
2014-09-14 18:12 - 2014-09-14 18:12 - 00000963 _____ () C:\Users\Public\Desktop\Spiele.lnk
2014-09-14 18:11 - 2014-09-14 18:33 - 00000000 ____D () C:\ProgramData\Big Fish
2014-09-14 18:07 - 2014-09-14 18:33 - 00000000 ____D () C:\BigFishCache
2014-09-14 18:07 - 2014-09-14 18:11 - 00000000 ____D () C:\Users\Marvin\AppData\Local\Big Fish
2014-09-14 18:04 - 2014-09-14 18:04 - 00000000 ____D () C:\Program Files (x86)\OXXOGames
2014-09-14 17:59 - 2014-09-14 18:18 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Alawar
2014-09-14 17:54 - 2014-09-14 17:55 - 03035432 _____ () C:\Users\Marvin\Downloads\strikeball3_setup.exe
2014-09-14 17:52 - 2014-09-14 17:54 - 35958680 _____ (INTENIUM GmbH) C:\Users\Marvin\Downloads\StrikeBall3.exe
2014-09-14 17:28 - 2014-09-14 17:28 - 00002920 _____ () C:\Windows\System32\Tasks\{EAD786A0-6103-4166-8D2E-706576C92272}
2014-09-14 17:27 - 2014-09-14 17:27 - 00002920 _____ () C:\Windows\System32\Tasks\{A9A2CBD7-66FF-4D28-862E-6DABAC6EF6B3}
2014-09-14 15:01 - 2014-09-14 15:01 - 00115956 _____ () C:\Users\Marvin\Downloads\World Longgest AFK Pool.rar
2014-09-10 21:59 - 2014-09-10 21:59 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 16:43 - 2014-09-10 16:43 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-08 00:22 - 2014-09-08 00:22 - 00001460 _____ () C:\Users\Marvin\Desktop\exx.ppk
2014-09-08 00:15 - 2014-09-08 00:15 - 00001460 _____ () C:\Users\Marvin\Desktop\keysshp.ppk
2014-09-08 00:15 - 2014-09-08 00:15 - 00000468 _____ () C:\Users\Marvin\Desktop\keyssh
2014-09-08 00:13 - 2014-09-08 00:13 - 00184320 _____ (Simon Tatham) C:\Users\Marvin\Downloads\puttygen.exe
2014-09-08 00:11 - 2014-09-08 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2014-09-08 00:10 - 2014-09-08 00:11 - 00000000 ____D () C:\Program Files (x86)\Git
2014-09-08 00:08 - 2014-09-08 00:10 - 17806885 _____ (The Git Development Community ) C:\Users\Marvin\Downloads\Git-1.9.4-preview20140815.exe
2014-09-04 23:50 - 2014-09-04 23:49 - 00001511 _____ () C:\Users\Marvin\Desktop\bukkit.yml
2014-09-02 21:24 - 2014-09-02 21:24 - 00008658 _____ () C:\Users\Marvin\Downloads\VoteCmd(1).jar
2014-09-02 20:58 - 2014-09-02 20:58 - 00008630 _____ () C:\Users\Marvin\Downloads\VoteCmd.jar
2014-08-29 20:05 - 2014-08-29 20:06 - 02782320 _____ (Beepa Pty Ltd) C:\Users\Marvin\Downloads\Fraps 3.5.99 Build 15618.exe
2014-08-29 20:04 - 2014-08-29 20:04 - 00067137 _____ () C:\Users\Marvin\Downloads\DragonServerAnalyse.jar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-28 21:39 - 2014-03-18 13:47 - 00000000 ____D () C:\FRST
2014-09-28 21:02 - 2014-07-09 01:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-28 20:58 - 2013-10-09 10:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-28 20:51 - 2009-07-14 06:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-28 20:51 - 2009-07-14 06:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-28 20:49 - 2013-10-08 23:00 - 01834211 _____ () C:\Windows\WindowsUpdate.log
2014-09-28 20:46 - 2013-10-09 15:08 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Skype
2014-09-28 20:46 - 2013-10-09 01:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-28 20:44 - 2013-10-09 15:08 - 00000000 ____D () C:\ProgramData\Skype
2014-09-28 20:41 - 2013-10-09 00:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-28 20:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 20:41 - 2009-07-14 06:51 - 00130301 _____ () C:\Windows\setupact.log
2014-09-28 20:40 - 2013-10-09 00:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-28 20:40 - 2010-11-21 05:47 - 00746164 _____ () C:\Windows\PFRO.log
2014-09-28 17:47 - 2014-04-10 22:17 - 00000000 ____D () C:\Users\Marvin\Desktop\eclipse_luna
2014-09-28 17:03 - 2013-10-09 00:09 - 00007614 _____ () C:\Users\Marvin\AppData\Local\Resmon.ResmonCfg
2014-09-28 15:21 - 2013-10-09 01:44 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\.minecraft
2014-09-27 14:56 - 2013-10-09 00:39 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\TS3Client
2014-09-27 14:32 - 2014-04-20 19:25 - 00000600 _____ () C:\Users\Marvin\AppData\Roaming\winscp.rnd
2014-09-25 15:32 - 2014-07-28 00:56 - 00033280 ___SH () C:\Users\Marvin\Desktop\Thumbs.db
2014-09-23 22:50 - 2013-10-09 12:15 - 00000600 _____ () C:\Users\Marvin\AppData\Local\PUTTY.RND
2014-09-22 15:28 - 2013-10-11 10:46 - 00000000 ____D () C:\Users\Marvin\AppData\Local\Eclipse
2014-09-22 15:28 - 2013-10-09 01:40 - 00000000 ____D () C:\Program Files (x86)\eclipse
2014-09-21 23:24 - 2013-10-09 01:32 - 00000000 ____D () C:\Users\Marvin\Desktop\Marvin
2014-09-21 18:04 - 2013-10-09 08:54 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-21 18:04 - 2013-10-09 08:54 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-21 18:04 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-21 13:27 - 2014-08-23 15:24 - 00055921 _____ () C:\Users\Marvin\Desktop\Unbenannt 2.ods
2014-09-21 13:13 - 2014-08-09 14:36 - 00145920 ___SH () C:\Users\Marvin\Documents\Thumbs.db
2014-09-17 23:35 - 2013-11-22 00:08 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-15 18:50 - 2013-10-09 01:43 - 00000000 ____D () C:\Users\Marvin\Desktop\workspace
2014-09-14 18:34 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-14 18:23 - 2013-10-09 15:29 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-14 18:20 - 2013-11-06 16:15 - 00000000 ____D () C:\Users\Marvin\AppData\Local\CrashDumps
2014-09-14 15:12 - 2014-01-05 01:17 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-10 21:59 - 2013-10-09 10:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 21:59 - 2013-10-09 10:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 21:59 - 2013-10-09 10:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 19:55 - 2013-10-30 16:23 - 00000000 ____D () C:\Users\Marvin\git
2014-09-10 19:54 - 2013-12-02 20:57 - 00000000 ____D () C:\Users\Marvin\.ssh
2014-09-10 19:53 - 2013-10-08 23:04 - 00000000 ____D () C:\Users\Marvin
2014-09-10 16:43 - 2014-03-30 10:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-10 16:43 - 2014-03-30 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-10 16:43 - 2013-10-08 23:07 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-31 23:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-30 20:05 - 2014-07-28 00:58 - 00000000 ____D () C:\Users\Marvin\AppData\Local\ftblauncher

Some content of TEMP:
====================
C:\Users\Marvin\AppData\Local\Temp\avgnt.exe
C:\Users\Marvin\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-b2974jnks.dll
C:\Users\Marvin\AppData\Local\Temp\jansi-64-git-Spigot-1543.dll
C:\Users\Marvin\AppData\Local\Temp\tempmessage.bfg


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-28 19:25

==================== End Of Log ============================
         

29.09.2014, 16:08   #4
schrauber
/// the machine
/// TB trainer
 



Open FRST, tick Addition, then run it once more
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

29.09.2014, 16:45   #5
GameMasterMM
 


Right. Here are the new logs:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 01
Ran by Marvin (administrator) on MARVIN-LAPTOP on 29-09-2014 17:42:57
Running from C:\Users\Marvin\Desktop
Loaded Profiles: Marvin (Available profiles: Marvin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
() C:\Users\Marvin\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3680688155-2668200437-4286530012-1000\...\MountPoints2: {a53d0adf-bbf1-11e3-aa41-d4bed9269220} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3680688155-2668200437-4286530012-1000\...\MountPoints2: {b17cbd96-9e24-11e3-8a42-d4bed9269220} - E:\SWINGRUN.EXE
HKU\S-1-5-18\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [5085416 2014-09-28] (Avira)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x244FBE3871C4CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 02 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 03 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 04 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 15 C:\Windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 15 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "backup.ftp", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\abs@avira.com [2014-09-04]
FF Extension: Firebug - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\firebug@software.joehewitt.com.xpi [2014-04-04]
FF Extension: FlashGot - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-04-22]
FF Extension: NoScript - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-21]
FF Extension: Adblock Plus - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-21]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-12-27] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-12-27] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-22] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2014-07-20] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-01] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-10-16] (AnchorFree Inc.)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2014-07-20] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-29] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 MWAC; \??\C:\Windows\system32\drivers\ [0 ] () [File not signed]
S3 MWAC; \??\C:\Windows\SysWOW64\drivers\ [0 ] () [File not signed]
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2014-02-08] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2011-07-15] (Creative Technology Ltd.)
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-28 22:44 - 2014-09-28 22:44 - 00003320 _____ () C:\Windows\System32\Tasks\AviraSpeedup
2014-09-28 22:44 - 2014-09-28 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2014-09-28 21:39 - 2014-09-29 17:43 - 00016747 _____ () C:\Users\Marvin\Desktop\FRST.txt
2014-09-28 21:36 - 2014-09-28 21:37 - 00028730 _____ () C:\Users\Marvin\Downloads\FRST.txt
2014-09-28 21:35 - 2014-09-28 21:36 - 02108928 _____ (Farbar) C:\Users\Marvin\Desktop\FRST64.exe
2014-09-28 21:02 - 2014-09-28 22:24 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-09-28 20:44 - 2014-09-28 20:44 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-28 20:44 - 2014-09-28 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-28 15:16 - 2014-09-28 15:16 - 00000983 _____ () C:\Users\Public\Desktop\WTFast.lnk
2014-09-28 15:16 - 2014-09-28 15:16 - 00000000 ____D () C:\Users\Marvin\AppData\Local\AAA_Internet_Publishing,_
2014-09-28 15:16 - 2014-09-28 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast
2014-09-28 15:16 - 2014-09-28 15:16 - 00000000 ____D () C:\Program Files (x86)\WTFast
2014-09-28 15:16 - 2014-01-03 16:36 - 00079464 _____ (Initex) C:\Windows\system32\WTFastDrv.dll
2014-09-28 15:16 - 2014-01-03 16:36 - 00072296 _____ (Initex) C:\Windows\SysWOW64\WTFastDrv.dll
2014-09-28 15:16 - 2014-01-03 16:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SPORDER.DLL
2014-09-28 15:06 - 2014-09-28 15:07 - 05696256 _____ (Initex & AAA Internet Publishing ) C:\Users\Marvin\Downloads\WTFastSetup.3.2.13.309.exe
2014-09-28 01:33 - 2014-09-28 01:33 - 00000000 ____D () C:\Users\Marvin\Desktop\data
2014-09-25 15:10 - 2014-09-25 15:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-23 23:02 - 2014-09-23 23:03 - 00000000 ____D () C:\Users\Marvin\Desktop\MusikCDS
2014-09-21 23:21 - 2014-09-07 17:43 - 09279247 _____ () C:\Users\Marvin\Desktop\Juli-JS.jar
2014-09-21 23:19 - 2014-09-21 23:19 - 00000000 ____D () C:\Users\Marvin\Downloads\data
2014-09-21 23:18 - 2014-09-21 23:19 - 17641177 _____ () C:\Users\Marvin\Downloads\1.1.4.zip
2014-09-17 23:24 - 2014-09-17 23:24 - 01789642 _____ () C:\Users\Marvin\Downloads\Voyage_dans_les_iles_L.zip
2014-09-16 19:51 - 2014-09-15 03:00 - 00002084 _____ () C:\Users\Marvin\Desktop\2014-09-15-1.log.gz
2014-09-15 16:01 - 2014-09-15 16:02 - 02377725 _____ () C:\Users\Marvin\Downloads\StatisticsBundle.zip
2014-09-14 22:26 - 2014-09-14 22:27 - 01315785 _____ () C:\Users\Marvin\Downloads\ProtocolLib-3.4.0.jar
2014-09-14 22:25 - 2014-09-14 22:25 - 00053657 _____ () C:\Users\Marvin\Downloads\FakePlayersOnline.jar
2014-09-14 18:38 - 2014-09-14 18:38 - 00001216 _____ () C:\Users\Public\Desktop\Magic Ball 2.lnk
2014-09-14 18:38 - 2014-09-14 18:38 - 00001135 _____ () C:\Users\Public\Desktop\GAME CENTER.lnk
2014-09-14 18:38 - 2014-09-14 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEUTSCHLAND SPIELT
2014-09-14 18:38 - 2014-09-14 18:38 - 00000000 ____D () C:\Program Files (x86)\DEUTSCHLAND SPIELT
2014-09-14 18:35 - 2014-09-14 18:36 - 11371039 _____ (INTENIUM GmbH) C:\Users\Marvin\Desktop\MagicBall2.exe
2014-09-14 18:33 - 2014-09-14 18:33 - 00367456 _____ () C:\Users\Marvin\Downloads\SoftonicDownloader_fuer_magic-ball-2.exe
2014-09-14 18:17 - 2014-09-14 18:17 - 00000019 _____ () C:\Windows\popcinfo.dat
2014-09-14 18:13 - 2014-09-14 18:14 - 00000000 ____D () C:\Program Files (x86)\Insaniquarium! Deluxe
2014-09-14 18:13 - 2014-09-14 18:13 - 00002026 _____ () C:\Users\Public\Desktop\Spiel Insaniquarium! Deluxe.lnk
2014-09-14 18:13 - 2014-09-14 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Insaniquarium! Deluxe
2014-09-14 18:12 - 2014-09-14 18:12 - 00000963 _____ () C:\Users\Public\Desktop\Spiele.lnk
2014-09-14 18:11 - 2014-09-14 18:33 - 00000000 ____D () C:\ProgramData\Big Fish
2014-09-14 18:07 - 2014-09-14 18:33 - 00000000 ____D () C:\BigFishCache
2014-09-14 18:07 - 2014-09-14 18:11 - 00000000 ____D () C:\Users\Marvin\AppData\Local\Big Fish
2014-09-14 18:04 - 2014-09-14 18:04 - 00000000 ____D () C:\Program Files (x86)\OXXOGames
2014-09-14 17:59 - 2014-09-14 18:18 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Alawar
2014-09-14 17:54 - 2014-09-14 17:55 - 03035432 _____ () C:\Users\Marvin\Downloads\strikeball3_setup.exe
2014-09-14 17:52 - 2014-09-14 17:54 - 35958680 _____ (INTENIUM GmbH) C:\Users\Marvin\Downloads\StrikeBall3.exe
2014-09-14 17:28 - 2014-09-14 17:28 - 00002920 _____ () C:\Windows\System32\Tasks\{EAD786A0-6103-4166-8D2E-706576C92272}
2014-09-14 17:27 - 2014-09-14 17:27 - 00002920 _____ () C:\Windows\System32\Tasks\{A9A2CBD7-66FF-4D28-862E-6DABAC6EF6B3}
2014-09-14 15:01 - 2014-09-14 15:01 - 00115956 _____ () C:\Users\Marvin\Downloads\World Longgest AFK Pool.rar
2014-09-10 21:59 - 2014-09-10 21:59 - 17903792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-09-10 16:43 - 2014-09-10 16:43 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-08 00:22 - 2014-09-08 00:22 - 00001460 _____ () C:\Users\Marvin\Desktop\exx.ppk
2014-09-08 00:15 - 2014-09-08 00:15 - 00001460 _____ () C:\Users\Marvin\Desktop\keysshp.ppk
2014-09-08 00:15 - 2014-09-08 00:15 - 00000468 _____ () C:\Users\Marvin\Desktop\keyssh
2014-09-08 00:13 - 2014-09-08 00:13 - 00184320 _____ (Simon Tatham) C:\Users\Marvin\Downloads\puttygen.exe
2014-09-08 00:11 - 2014-09-08 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2014-09-08 00:10 - 2014-09-08 00:11 - 00000000 ____D () C:\Program Files (x86)\Git
2014-09-08 00:08 - 2014-09-08 00:10 - 17806885 _____ (The Git Development Community ) C:\Users\Marvin\Downloads\Git-1.9.4-preview20140815.exe
2014-09-04 23:50 - 2014-09-04 23:49 - 00001511 _____ () C:\Users\Marvin\Desktop\bukkit.yml
2014-09-02 21:24 - 2014-09-02 21:24 - 00008658 _____ () C:\Users\Marvin\Downloads\VoteCmd(1).jar
2014-09-02 20:58 - 2014-09-02 20:58 - 00008630 _____ () C:\Users\Marvin\Downloads\VoteCmd.jar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-29 17:43 - 2014-03-18 13:47 - 00000000 ____D () C:\FRST
2014-09-29 17:34 - 2013-10-09 15:08 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Skype
2014-09-29 17:30 - 2013-10-09 01:44 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\.minecraft
2014-09-29 16:58 - 2013-10-09 10:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-29 15:18 - 2013-10-09 01:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-29 15:04 - 2013-10-09 00:39 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\TS3Client
2014-09-29 15:04 - 2013-10-08 23:00 - 01878977 _____ () C:\Windows\WindowsUpdate.log
2014-09-29 15:04 - 2009-07-14 06:51 - 00130357 _____ () C:\Windows\setupact.log
2014-09-29 15:03 - 2014-07-09 01:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-28 22:44 - 2013-10-08 23:07 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-28 22:37 - 2013-10-09 00:09 - 00007614 _____ () C:\Users\Marvin\AppData\Local\Resmon.ResmonCfg
2014-09-28 20:51 - 2009-07-14 06:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-28 20:51 - 2009-07-14 06:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-28 20:44 - 2013-10-09 15:08 - 00000000 ____D () C:\ProgramData\Skype
2014-09-28 20:41 - 2013-10-09 00:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-28 20:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 20:40 - 2013-10-09 00:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-28 20:40 - 2010-11-21 05:47 - 00746164 _____ () C:\Windows\PFRO.log
2014-09-28 17:47 - 2014-04-10 22:17 - 00000000 ____D () C:\Users\Marvin\Desktop\eclipse_luna
2014-09-27 14:32 - 2014-04-20 19:25 - 00000600 _____ () C:\Users\Marvin\AppData\Roaming\winscp.rnd
2014-09-25 15:32 - 2014-07-28 00:56 - 00033280 ___SH () C:\Users\Marvin\Desktop\Thumbs.db
2014-09-23 22:50 - 2013-10-09 12:15 - 00000600 _____ () C:\Users\Marvin\AppData\Local\PUTTY.RND
2014-09-22 15:28 - 2013-10-11 10:46 - 00000000 ____D () C:\Users\Marvin\AppData\Local\Eclipse
2014-09-22 15:28 - 2013-10-09 01:40 - 00000000 ____D () C:\Program Files (x86)\eclipse
2014-09-21 23:24 - 2013-10-09 01:32 - 00000000 ____D () C:\Users\Marvin\Desktop\Marvin
2014-09-21 18:04 - 2013-10-09 08:54 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2014-09-21 18:04 - 2013-10-09 08:54 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2014-09-21 18:04 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-21 13:27 - 2014-08-23 15:24 - 00055921 _____ () C:\Users\Marvin\Desktop\Unbenannt 2.ods
2014-09-21 13:13 - 2014-08-09 14:36 - 00145920 ___SH () C:\Users\Marvin\Documents\Thumbs.db
2014-09-17 23:35 - 2013-11-22 00:08 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-15 18:50 - 2013-10-09 01:43 - 00000000 ____D () C:\Users\Marvin\Desktop\workspace
2014-09-14 18:34 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-14 18:23 - 2013-10-09 15:29 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-14 18:20 - 2013-11-06 16:15 - 00000000 ____D () C:\Users\Marvin\AppData\Local\CrashDumps
2014-09-14 15:12 - 2014-01-05 01:17 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-10 21:59 - 2013-10-09 10:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 21:59 - 2013-10-09 10:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 21:59 - 2013-10-09 10:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-10 19:55 - 2013-10-30 16:23 - 00000000 ____D () C:\Users\Marvin\git
2014-09-10 19:54 - 2013-12-02 20:57 - 00000000 ____D () C:\Users\Marvin\.ssh
2014-09-10 19:53 - 2013-10-08 23:04 - 00000000 ____D () C:\Users\Marvin
2014-09-10 16:43 - 2014-03-30 10:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-10 16:43 - 2014-03-30 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-31 23:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-30 20:05 - 2014-07-28 00:58 - 00000000 ____D () C:\Users\Marvin\AppData\Local\ftblauncher

Some content of TEMP:
====================
C:\Users\Marvin\AppData\Local\Temp\avgnt.exe
C:\Users\Marvin\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.2-b2974jnks.dll
C:\Users\Marvin\AppData\Local\Temp\jansi-64-git-Spigot-1543.dll
C:\Users\Marvin\AppData\Local\Temp\tempmessage.bfg


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-28 19:25

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 01
Ran by Marvin at 2014-09-29 17:43:50
Running from C:\Users\Marvin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

10,000,000 (HKLM-x32\...\Steam App 227580) (Version:  - EightyEightGames)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.)
Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden
Amazon Music (HKCU\...\Amazon Amazon Music) (Version: 3.2.0.591 - Amazon Services LLC)
ANNO 1404 - Venedig (HKLM-x32\...\{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}) (Version: 2.0.5008.0 - Ubisoft)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.03.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin’s Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
AudioCon (HKLM-x32\...\AudioCon) (Version: 1.0 - Basement Softworks)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira System Speedup (HKLM-x32\...\AviraSpeedup) (Version: 1.3.1.9930 - Avira System Speedup)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Breath of Death VII  (HKLM-x32\...\Steam App 107300) (Version:  - Zeboyd Games)
BRINK (HKLM-x32\...\Steam App 22350) (Version:  - Splash Damage)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Car Tycoon (HKLM-x32\...\{1A75D40F-0DAB-47E1-BE66-85FD5703D1EE}) (Version: 1.00.0000 - Fishtank Interactive)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
CodeBlocks (HKCU\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crazy Machines (HKLM-x32\...\Steam App 18420) (Version:  - Fakt Software)
Crazy Machines 1.5 Inventors Training Camp (HKLM-x32\...\Steam App 18460) (Version:  - Fakt Software)
Crazy Machines 1.5 New from the Lab (HKLM-x32\...\Steam App 18450) (Version:  - Fakt Software)
Crazy Machines 2 (HKLM-x32\...\Steam App 18400) (Version:  - Fakt Software)
Crazy Machines Elements (HKLM-x32\...\Steam App 206410) (Version:  - Fakt Software)
Crazy Machines: Golden Gears (HKLM-x32\...\Steam App 265240) (Version:  - FAKT Software Gmbh)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Cthulhu Saves the World  (HKLM-x32\...\Steam App 107310) (Version:  - Zeboyd Games)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
Darwinia (HKLM-x32\...\Steam App 1500) (Version:  - Introversion Software)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DEFCON (HKLM-x32\...\Steam App 1520) (Version:  - Introversion Software)
Democracy 3 (HKLM-x32\...\Steam App 245470) (Version:  - Positech Games)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version:  - )
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version:  - id Software)
Emergency4 (HKLM-x32\...\{9A4C534E-431F-4A17-97D4-D1682B19A054}) (Version: 1.03.001 - )
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FormatFactory 3.2.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.2.1.0 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free FLV Converter V 7.6.1 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.1.0 - Koyote Lab Inc.)
Free YouTube Download version 3.2.44.820 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.820 - DVDVideoSoft Ltd.)
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version:  - Mode 7)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Git version 1.9.4-preview20140815 (HKLM-x32\...\Git_is1) (Version: 1.9.4-preview20140815 - The Git Development Community)
GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 1.2.3.0 - GitHub, Inc.)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Hitman 2: Silent Assassin (HKLM-x32\...\Steam App 6850) (Version:  - IO Interactive)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version:  - IO Interactive)
Hitman: Codename 47 (HKLM-x32\...\Steam App 6900) (Version:  - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
Hive (HKLM-x32\...\Steam App 251210) (Version:  - Blueline Games)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
HTC Sync (HKLM-x32\...\{CBDAE89D-8ABD-4DC5-9309-C2C58696B371}) (Version: 3.3.63 - HTC Corporation)
Indie Game: The Movie (HKLM-x32\...\Steam App 207080) (Version:  - BlinkWorks Media)
Insaniquarium! Deluxe (HKLM-x32\...\BFG-Insaniquarium! Deluxe) (Version:  - )
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
IntelliJ IDEA 13.1.1 (HKLM-x32\...\IntelliJ IDEA 13.1.1) (Version: 135.480 - JetBrains s.r.o.)
IntelliJ IDEA Community Edition 13.1.1 (HKLM-x32\...\IntelliJ IDEA Community Edition 13.1.1) (Version: 135.480 - JetBrains s.r.o.)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Java SE Development Kit 7 Update 40 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Just Cause (HKLM-x32\...\Steam App 6880) (Version:  - Avalanche)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Magic 2014  (HKLM-x32\...\Steam App 213850) (Version:  - Stainless Games)
Magic Ball 2 (HKLM-x32\...\Magic Ball 2) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (Version: 4.5.50861 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Minecolony floorplan editor 3.0c (HKCU\...\bd1bb547bd04472c) (Version: 1.0.0.1 - Lilleman)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
Mixxx 1.11.0 (HKLM-x32\...\Mixxx (1.11.0)) (Version: 1.11.0 - The Mixxx Development Team)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multiwinia (HKLM-x32\...\Steam App 1530) (Version:  - Introversion Software)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.2 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.8 (HKLM\...\{5D328A41-BFF8-4B78-B45E-5BEE1D133EF5}) (Version: 4.3.8 - Oracle Corporation)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Prototype (HKLM-x32\...\Steam App 10150) (Version:  - Radical Entertainment)
PROTOTYPE 2 (HKLM-x32\...\Steam App 115320) (Version:  - Radical Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PvP-Test Launcher Version 0.8 (HKLM-x32\...\{8DBB0017-F0B6-40E0-9883-1A49A3720E3A}_is1) (Version: 0.8 - PvP-Test.de & maxs97)
Python 2.7.5 (64-bit) (HKLM\...\{DBDD570E-0952-475F-9453-AB88F3DD565A}) (Version: 2.7.5150 - Python Software Foundation)
Rayman Legends (HKLM-x32\...\Steam App 242550) (Version:  - )
Rayman Origins (HKLM-x32\...\Steam App 207490) (Version:  - UBIart Montpellier)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Razer Mamba (HKLM-x32\...\{BF60B320-3AA3-4DFB-B542-BDA6D4F1A60E}) (Version: 2.01.05 - Razer USA Ltd.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Siedler3 (HKLM-x32\...\Siedler3Deinstall) (Version:  - )
simfy (HKLM-x32\...\Simfy) (Version: 1.7.5 - simfy AG)
simfy (x32 Version: 1.7.5 - simfy AG) Hidden
Singularity (HKLM-x32\...\Steam App 42670) (Version:  - Raven Software)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars - Jedi Knight II: Jedi Outcast (HKLM-x32\...\Steam App 6030) (Version:  - Raven Software)
Star Wars - Jedi Knight: Mysteries of the Sith (HKLM-x32\...\Steam App 32390) (Version:  - LucasArts)
Star Wars Jedi Knight: Dark Forces II (HKLM-x32\...\Steam App 32380) (Version:  - LucasArts)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version:  - Raven Software)
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version:  - LucasArts)
Star Wars Starfighter (HKLM-x32\...\Steam App 32350) (Version:  - LucasArts)
Star Wars The Clone Wars: Republic Heroes (HKLM-x32\...\Steam App 32420) (Version:  - Krome Studios)
Star Wars: Dark Forces (HKLM-x32\...\Steam App 32400) (Version:  - LucasArts)
Star Wars: Empire at War Gold (HKLM-x32\...\Steam App 32470) (Version:  - Petroglyph)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version:  - Aspyr Studios)
Star Wars: The Force Unleashed Ultimate Sith Edition (HKLM-x32\...\Steam App 32430) (Version:  - LucasArts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
SWING (HKLM-x32\...\SWING) (Version:  - )
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
The Basement Collection (HKLM-x32\...\Steam App 214790) (Version:  - Edmund McMillen, Tyler Glaiel)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Movies(TM) (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.0 - Activision)
The Movies(TM) (x32 Version: 1.0 - Activision) Hidden
The Settlers 7: Paths to a Kingdom - Gold Edition (HKLM-x32\...\Steam App 48210) (Version:  - Blue Byte)
The Settlers: Rise of an Empire Gold Edition   (HKLM-x32\...\Steam App 19930) (Version:  - Blue Byte)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version:  - Outerlight Ltd.)
The Ship Tutorial (HKLM-x32\...\Steam App 2430) (Version:  - Outerlight)
The Walking Dead™: Survival Instinct (HKLM-x32\...\Steam App 220050) (Version:  - Terminal Reality, Inc.)
thriXXX Launcher (HKLM-x32\...\thriXXX Launcher) (Version:  - thriXXX Software GmbH)
TimeShift (HKLM-x32\...\Steam App 10130) (Version:  - Saber Interactive)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
Tony Hawk's Pro Skater HD (HKLM-x32\...\Steam App 207210) (Version:  - Robomodo)
TV3D SDK 6.5 Prerelease (HKLM-x32\...\TV3D SDK 6.5 Prerelease_is1) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Uplink (HKLM-x32\...\Steam App 1510) (Version:  - Introversion Software)
VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WhiteCap (HKLM-x32\...\WhiteCap) (Version: 6.1.2 - SoundSpectrum)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WinSCP 5.5.3 (HKLM-x32\...\winscp3_is1) (Version: 5.5.3 - Martin Prikryl)
Wireshark 1.10.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.3 - The Wireshark developer community, hxxp://www.wireshark.org)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version:  - MachineGames)
WTFast 3.2 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.2.13.309 - Initex & AAA Internet Publishing)
YaCy (HKCU\...\YaCy) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3680688155-2668200437-4286530012-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()

==================== Restore Points  =========================

28-09-2014 17:32:32 Geplanter Prüfpunkt
28-09-2014 20:44:13 Avira System Speedup(1.3.1.9930)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03631551-92C8-4D5D-9ABC-F54062BAD714} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2014-09-28] (Avira)
Task: {0F963D41-3193-49AA-83CA-2244E89906B0} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03] ()
Task: {29C934BB-892A-4B17-9E17-F1B48C42DECA} - System32\Tasks\{A9A2CBD7-66FF-4D28-862E-6DABAC6EF6B3} => D:\SIM_FARM\SETUP.EXE
Task: {6C47460D-9773-4247-B3EC-AB1F89D9DD1E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {78460CF6-BF52-4465-BF57-985C8C57437F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {D4D5E13F-E481-4051-AFB7-CC834E817A4C} - System32\Tasks\{EAD786A0-6103-4166-8D2E-706576C92272} => D:\SIM_FARM\SETUP.EXE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 13:53 - 2010-12-17 13:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-12-28 00:44 - 2012-12-07 18:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-02-22 23:24 - 2014-02-22 23:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-10-08 11:42 - 2014-02-08 20:34 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-09 01:37 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-08-05 12:52 - 2014-07-22 22:46 - 03356480 _____ () C:\Users\Marvin\AppData\Local\Amazon Music\Amazon Music Helper.exe
2013-09-27 14:15 - 2013-09-27 14:15 - 00302056 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-09-27 14:15 - 2013-09-27 14:15 - 00320488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2013-09-27 14:15 - 2013-09-27 14:15 - 00186344 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2013-09-27 14:15 - 2013-09-27 14:15 - 00565224 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-27 14:15 - 2013-09-27 14:15 - 00700904 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2013-10-30 17:01 - 2013-10-30 17:01 - 00055720 _____ () C:\Program Files\Java\jre7\bin\prism-d3d.dll
2013-10-30 17:01 - 2013-10-30 17:01 - 00197544 _____ () C:\Program Files\Java\jre7\bin\glass.dll
2013-10-30 17:01 - 2013-10-30 17:01 - 00590760 _____ () C:\Program Files\Java\jre7\bin\libxml2.dll
2013-10-30 17:01 - 2013-10-30 17:01 - 00202664 _____ () C:\Program Files\Java\jre7\bin\libxslt.dll
2013-10-30 17:01 - 2013-10-30 17:01 - 14863784 _____ () C:\Program Files\Java\jre7\bin\jfxwebkit.dll
2013-10-30 17:01 - 2013-10-30 17:01 - 00319912 _____ () C:\Program Files\Java\jre7\bin\javafx-font.dll
2014-09-29 16:54 - 2014-09-29 16:54 - 00306176 _____ () C:\Users\Marvin\AppData\Roaming\.minecraft\versions\1.7.2-LiteLoader1.7.2\1.7.2-LiteLoader1.7.2-natives-72802690425403\lwjgl64.dll
2014-09-29 16:54 - 2014-09-29 16:54 - 00382464 _____ () C:\Users\Marvin\AppData\Roaming\.minecraft\versions\1.7.2-LiteLoader1.7.2\1.7.2-LiteLoader1.7.2-natives-72802690425403\OpenAL64.dll
2014-09-29 16:54 - 2014-09-29 16:54 - 00065024 _____ () C:\Users\Marvin\AppData\Roaming\.minecraft\versions\1.7.2-LiteLoader1.7.2\1.7.2-LiteLoader1.7.2-natives-72802690425403\jinput-dx8_64.dll
2014-09-29 16:54 - 2014-09-29 16:54 - 00062464 _____ () C:\Users\Marvin\AppData\Roaming\.minecraft\versions\1.7.2-LiteLoader1.7.2\1.7.2-LiteLoader1.7.2-natives-72802690425403\jinput-raw_64.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-06 22:50 - 2014-02-08 20:34 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-08-30 16:25 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 16:25 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 16:25 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-08-21 14:18 - 2014-09-03 21:28 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-24 14:43 - 2014-09-23 06:32 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 16:25 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 16:25 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-10-04 16:54 - 2014-09-23 06:32 - 00679616 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-03-30 11:20 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Marvin\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2013-09-10 14:20 - 2014-09-05 01:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-16 18:29 - 2014-09-05 01:29 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-06-11 08:50 - 2014-06-11 08:50 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-11 08:50 - 2014-06-11 08:50 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-11 08:50 - 2014-06-11 08:50 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-09-25 15:10 - 2014-09-25 15:10 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:1FD9DB67
AlternateDataStreams: C:\ProgramData\TEMP:FACB65E7

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3680688155-2668200437-4286530012-500 - Administrator - Disabled)
Gast (S-1-5-21-3680688155-2668200437-4286530012-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3680688155-2668200437-4286530012-1002 - Limited - Enabled)
Marvin (S-1-5-21-3680688155-2668200437-4286530012-1000 - Administrator - Enabled) => C:\Users\Marvin

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2014 03:03:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.0.2.0, Zeitstempel: 0x5318d363
Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.0.2.0, Zeitstempel: 0x5318d363
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007da8a
ID des fehlerhaften Prozesses: 0x1a04
Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0
Pfad der fehlerhaften Anwendung: mbamservice.exe1
Pfad des fehlerhaften Moduls: mbamservice.exe2
Berichtskennung: mbamservice.exe3

Error: (09/29/2014 03:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999

Error: (09/29/2014 03:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999

Error: (09/29/2014 03:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/29/2014 01:54:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008

Error: (09/29/2014 01:54:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008

Error: (09/29/2014 01:54:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/29/2014 01:54:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009

Error: (09/29/2014 01:54:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009

Error: (09/29/2014 01:54:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/29/2014 03:03:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.

Error: (09/28/2014 11:47:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (09/28/2014 10:43:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/28/2014 09:02:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (09/28/2014 08:42:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/28/2014 08:41:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/28/2014 08:41:25 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (09/28/2014 03:08:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/28/2014 03:08:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/28/2014 03:08:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (09/29/2014 03:03:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbamservice.exe3.0.2.05318d363mbamservice.exe3.0.2.05318d363400000150007da8a1a0401cfdbe5d00e1513C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe0dcefb39-47d9-11e4-82b6-d4bed9269220

Error: (09/29/2014 03:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999

Error: (09/29/2014 03:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999

Error: (09/29/2014 03:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/29/2014 01:54:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008

Error: (09/29/2014 01:54:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008

Error: (09/29/2014 01:54:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/29/2014 01:54:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009

Error: (09/29/2014 01:54:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009

Error: (09/29/2014 01:54:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-07-20 15:47:56.574
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-20 15:47:56.544
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-20 15:47:55.830
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-20 15:47:55.801
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 41%
Total physical RAM: 8139.86 MB
Available physical RAM: 4768.93 MB
Total Pagefile: 16277.9 MB
Available Pagefile: 11834.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:26.25 GB) NTFS
Drive e: (SWING2000) (CDROM) (Total:0.23 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: CE8E25DA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 30.09.2014, 09:17   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.

Alt 30.09.2014, 09:34   #7
GameMasterMM
 
Good morning,
I already have Malwarebytes, but I just noticed that the database can no longer be updated. The program apparently cannot establish a connection to the server.

Alt 01.10.2014, 07:26   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Then scan with the old one and then do the rest.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009