Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log analysis and evaluation (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Win 7 with 3 problems: problem starting C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer.dll (https://www.trojaner-board.de/149723-win-7-3-problemen-problem-beim-starten-c-users-admin-appdata-local-conduit-backgroundcontainer-dll.html)

cosinus 15.02.2014 15:09

OK, so ESET worked now.

Quote:

C:\Program Files (x86)\iSchach\update.exe"
What's that? Do you know it?

stuffi67 15.02.2014 22:28

Yes, that is a file belonging to a program for playing chess online. I no longer use it, though. I could also uninstall it.

cosinus 16.02.2014 21:53

Then that is probably a false positive.

TFC - Temp File Cleaner

Download TFC (TempFileCleaner by Oldtimer) and save it to the desktop.
  • Open TFC.exe.
    Vista and Win 7 users: right-click and choose "Run as administrator".
  • Close all other programs.
  • Click the Start button.
  • If you are prompted to restart, confirm it.

Looks OK so far :daumenhoc

Regarding cookies and other things on the web: to block the pests from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file.

Info: Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie)

Otherwise there are also good cookie managers; one extension for Firefox, for example, would be CookieCuller.
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser to delete everything, including cookies, when the browser is closed.

Is your system OK again now, or are there any other detections or problems?

stuffi67 17.02.2014 14:54

Too bad, the error message still appears. What did I do wrong now??

cosinus 17.02.2014 15:02

What kind of error message is appearing again? Please be more specific! :glaskugel:

stuffi67 17.02.2014 15:08

On boot-up, the message: C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer.dll

cosinus 17.02.2014 16:24

New FRST logs; tick the box for Additions and then scan

stuffi67 17.02.2014 16:29

FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by Admin (administrator) on ADMIN-PC on 17-02-2014 16:26:40
Running from C:\Users\Admin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
() C:\Users\Admin\AppData\LocalLow\WOT\IE\WOTUpdater.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
() C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_44_ActiveX.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroBroker.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11369576 2010-08-11] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2586504 2010-08-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\Run: [Adobe Reader Synchronizer] - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [698760 2013-12-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\Run: [MyDriveConnect.exe] - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom)
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: E - E:\FSetup.exe
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: F - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {07f834b9-1f13-11e1-83a1-002454de19a2} - D:\AutoRun.exe
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {07f834c6-1f13-11e1-83a1-002454de19a2} - D:\AutoRun.exe
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {113f40c1-3f62-11e1-82e2-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {113f4107-3f62-11e1-82e2-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {113f4130-3f62-11e1-82e2-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {1620fda4-2988-11e2-83cf-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {1620fe48-2988-11e2-83cf-001e101f7f74} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {244b3c55-2178-11e1-8370-4cedde226fcd} - D:\AutoRun.exe
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {25a37d7e-6187-11e1-b279-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e14d-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e15f-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e190-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e19b-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {3928e1ab-bdf7-11e2-9a7b-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a0f77-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a0ff5-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a1018-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {488a1027-4539-11e2-883f-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {5497a038-44cc-11e2-b233-001e101fe70e} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {5497a04f-44cc-11e2-b233-001e101fe70e} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {9fc37f9d-eb8f-11e2-b1d3-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {aa50d1b7-6f0f-11e2-a9cf-806e6f6e6963} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {ad5d6f15-4b3c-11e1-82ef-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {ad5d6f9d-4b3c-11e1-82ef-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {b3055611-66b6-11e2-9930-002454de19a2} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {cb651a38-f569-11e2-b17d-4cedde226fcd} - D:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-184453861-435592055-3614440537-1000\...\MountPoints2: {f58342a0-9aa9-11e1-88d7-002454de19a2} - D:\.\Setup.exe AUTORUN=1

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
SearchScopes: HKCU - DefaultScope {C5DEEA89-9BC1-4B78-8FA0-396C4C484222} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {C5DEEA89-9BC1-4B78-8FA0-396C4C484222} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKCU - {CA715ED4-91FF-4F5E-A053-EA79F72CDBD0} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
BHO: No Name - {11111111-1111-1111-1111-110311341140} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: WOT - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\Admin\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy)
BHO-x32: W2PBrowser Class - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll ()
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome:
=======
CHR Extension: (Der Schnäppchenfuchs Gutscheinfinder) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\camijhkahcckljhgpgfgglbegedoepda [2014-01-13]
CHR HKLM\...\Chrome\Extension: [camijhkahcckljhgpgfgglbegedoepda] - C:\Program Files (x86)\PallySoftAddon\PallySoftAddon-crx.crx [2014-01-13]
CHR HKCU\...\Chrome\Extension: [camijhkahcckljhgpgfgglbegedoepda] - C:\Program Files (x86)\PallySoftAddon\PallySoftAddon-crx.crx [2014-01-13]
CHR HKLM-x32\...\Chrome\Extension: [camijhkahcckljhgpgfgglbegedoepda] - C:\Program Files (x86)\PallySoftAddon\PallySoftAddon-crx.crx [2014-01-13]
CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Admin\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]

==================== Services (Whitelisted) =================

R2 ALDITALKVerbindungsassistent_Service; C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe [358968 2013-08-16] ()
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
S4 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-13] (brother Industries Ltd)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
S4 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [570368 2011-10-27] (Hauppauge Computer Works)
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1168960 2014-01-02] (iolo technologies, LLC)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 WOTUpdater; C:\Users\Admin\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-05-07] (EldoS Corporation)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [138752 2012-01-19] (Huawei Technologies Co., Ltd.)
S3 ewusbnet; C:\Windows\SysWOW64\DRIVERS\ewusbnet.sys [138752 2013-05-18] (Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\Windows\SysWOW64\DRIVERS\ew_hwusbdev.sys [117248 2013-05-18] (Huawei Technologies Co., Ltd.)
S3 hcw10bda; C:\Windows\System32\drivers\hcw10bda.sys [641920 2010-12-09] (Hauppauge Computer Works, Inc.)
S2 hcw10cir; C:\Windows\System32\drivers\hcw10cir.sys [46080 2010-05-10] (Hauppauge Computer Works, Inc.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [121600 2013-05-18] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-16] (Windows (R) 2003 DDK 3790 provider)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-17 16:26 - 2014-02-17 16:26 - 00017119 ____C () C:\Users\Admin\Desktop\FRST.txt
2014-02-17 15:01 - 2014-02-17 15:05 - 00100352 ____C () C:\Users\Admin\Desktop\D-Mädchen.xls
2014-02-17 14:26 - 2014-02-17 14:26 - 00448512 ____C (OldTimer Tools) C:\Users\Admin\Desktop\TFC.exe
2014-02-14 16:35 - 2014-02-14 16:49 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-14 16:33 - 2014-02-14 16:33 - 00000207 ____C () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-14 16:32 - 2014-02-14 16:32 - 00000000 ___DC () C:\RegBackup
2014-02-14 15:33 - 2014-02-14 15:33 - 00000000 ___DC () C:\Users\Admin\Desktop\tweaking.com_windows_repair_aio
2014-02-14 15:31 - 2014-02-14 15:31 - 02903255 ____C () C:\Users\Admin\Desktop\tweaking.com_windows_repair_aio.zip
2014-02-14 14:51 - 2014-02-14 14:51 - 02347384 ____C (ESET) C:\Users\Admin 2\Desktop\esetsmartinstaller_enu.exe
2014-02-14 14:49 - 2014-02-14 14:49 - 00000000 ___DC () C:\Users\Admin 2\AppData\Roaming\ATI
2014-02-14 14:49 - 2014-02-14 14:49 - 00000000 ___DC () C:\Users\Admin 2\AppData\Local\ATI
2014-02-14 14:47 - 2014-02-14 14:47 - 00000000 ___DC () C:\Users\Admin 2\AppData\Roaming\Macromedia
2014-02-14 14:46 - 2014-02-14 14:46 - 00116048 ____C () C:\Users\Admin 2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-14 14:46 - 2014-02-14 14:46 - 00001457 ____C () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-14 14:46 - 2014-02-14 14:46 - 00000020 __SHC () C:\Users\Admin 2\ntuser.ini
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Vorlagen
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Startmenü
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Netzwerkumgebung
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Lokale Einstellungen
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Eigene Dateien
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Druckumgebung
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Documents\Eigene Musik
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Documents\Eigene Bilder
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\AppData\Local\Verlauf
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\AppData\Local\Anwendungsdaten
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Anwendungsdaten
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 __RDC () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 __RDC () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 ___DC () C:\Users\Admin 2\AppData\Roaming\ioloGovernor
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 ___DC () C:\Users\Admin 2\AppData\Roaming\Adobe
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 ___DC () C:\Users\Admin 2\AppData\Local\VirtualStore
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 ___DC () C:\Users\Admin 2
2014-02-14 14:46 - 2014-02-13 12:17 - 00000000 ___DC () C:\Users\Admin 2\AppData\Local\Microsoft Help
2014-02-14 14:46 - 2014-02-07 22:13 - 00000000 ___DC () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-14 14:46 - 2009-07-14 05:54 - 00000000 __RDC () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-14 14:46 - 2009-07-14 05:49 - 00000000 __RDC () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-14 12:56 - 2014-02-14 12:56 - 02347384 ____C (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_enu.exe
2014-02-13 17:00 - 2014-02-13 17:44 - 00000000 ___DC () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-13 16:56 - 2014-02-13 17:44 - 00000000 ___DC () C:\Users\Admin\Desktop\mbar
2014-02-13 16:51 - 2014-02-13 16:51 - 12589848 ____C (Malwarebytes Corp.) C:\Users\Admin\Desktop\mbar-1.07.0.1009.exe
2014-02-13 13:00 - 2014-02-13 13:00 - 00380416 ____C () C:\Users\Admin\Desktop\Gmer-19357.exe
2014-02-13 12:53 - 2014-02-17 16:26 - 00000000 ___DC () C:\Users\Admin\Desktop\FRST-OlderVersion
2014-02-13 12:52 - 2014-02-13 12:52 - 00000000 ____C () C:\Users\Admin\defogger_reenable
2014-02-13 12:51 - 2014-02-13 12:51 - 00050477 ____C () C:\Users\Admin\Desktop\Defogger.exe
2014-02-13 12:11 - 2014-02-13 12:11 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 12:11 - 2014-02-13 12:11 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 12:10 - 2014-02-13 12:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 12:10 - 2014-02-13 12:11 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 12:10 - 2014-02-13 12:11 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 12:10 - 2014-02-13 12:11 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 12:10 - 2014-02-13 12:11 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 12:10 - 2014-02-13 12:11 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 12:10 - 2014-02-13 12:11 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 12:10 - 2014-02-13 12:11 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 12:10 - 2014-02-13 12:11 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 13:11 - 2014-02-13 12:16 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 13:11 - 2014-02-13 12:16 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 13:11 - 2014-02-13 12:15 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 13:11 - 2014-02-13 12:15 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 13:11 - 2014-02-13 12:15 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 13:11 - 2014-02-13 12:15 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 13:11 - 2014-02-13 12:15 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 13:11 - 2014-02-13 12:15 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 13:11 - 2014-02-13 12:15 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 13:11 - 2014-02-13 12:15 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 13:11 - 2014-02-13 12:15 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 13:11 - 2014-02-13 12:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 13:10 - 2014-02-13 12:14 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-12 13:10 - 2014-02-13 12:14 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-12 13:10 - 2014-02-13 12:13 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 13:10 - 2014-02-13 12:13 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 13:10 - 2014-02-13 12:13 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 13:10 - 2014-02-13 12:13 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-10 21:19 - 2014-02-17 16:26 - 02152448 ____C (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-02-10 18:05 - 2014-02-10 18:05 - 00000335 ____C () C:\Users\Admin\Fixlist.txt
2014-02-10 17:33 - 2014-02-10 17:34 - 01037530 ____C (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2014-02-10 17:22 - 2014-02-10 17:22 - 01166132 ____C () C:\Users\Admin\Desktop\adwcleaner.exe
2014-02-10 17:03 - 2014-02-10 17:03 - 10285040 ____C (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-08 22:58 - 2014-02-08 22:58 - 00001912 ____C () C:\Windows\epplauncher.mif
2014-02-08 22:58 - 2014-02-08 22:58 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Security Client
2014-02-07 13:02 - 2014-02-08 22:58 - 00000000 ___DC () C:\Program Files\Microsoft Security Client
2014-02-05 22:31 - 2014-02-05 22:31 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Macromedia
2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Mozilla
2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\ProgramData\Mozilla
2014-02-04 21:14 - 2014-02-04 21:14 - 00000000 ___DC () C:\Windows\ERUNT
2014-02-04 20:56 - 2014-02-13 19:59 - 00000000 ___DC () C:\AdwCleaner
2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Malwarebytes
2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-02-04 18:04 - 2014-02-17 16:26 - 00000000 ___DC () C:\FRST
2014-02-01 18:24 - 2014-02-01 18:24 - 00090112 ____C () C:\Users\Admin\Desktop\D- Mädchen- Spielplan.xls

==================== One Month Modified Files and Folders =======

2014-02-17 16:26 - 2014-02-17 16:26 - 00017119 ____C () C:\Users\Admin\Desktop\FRST.txt
2014-02-17 16:26 - 2014-02-13 12:53 - 00000000 ___DC () C:\Users\Admin\Desktop\FRST-OlderVersion
2014-02-17 16:26 - 2014-02-10 21:19 - 02152448 ____C (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-02-17 16:26 - 2014-02-04 18:04 - 00000000 ___DC () C:\FRST
2014-02-17 15:05 - 2014-02-17 15:01 - 00100352 ____C () C:\Users\Admin\Desktop\D-Mädchen.xls
2014-02-17 14:52 - 2009-07-14 05:45 - 00013936 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-17 14:52 - 2009-07-14 05:45 - 00013936 ___HC () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-17 14:50 - 2010-09-01 00:01 - 01952987 ____C () C:\Windows\WindowsUpdate.log
2014-02-17 14:49 - 2012-01-16 13:43 - 00000000 ___DC () C:\Users\Admin\Desktop\Kurzfristige Datei
2014-02-17 14:47 - 2012-10-04 10:25 - 00040188 ____C () C:\Windows\setupact.log
2014-02-17 14:47 - 2009-07-14 06:08 - 00000006 ___HC () C:\Windows\Tasks\SA.DAT
2014-02-17 14:26 - 2014-02-17 14:26 - 00448512 ____C (OldTimer Tools) C:\Users\Admin\Desktop\TFC.exe
2014-02-16 23:01 - 2012-01-02 15:34 - 00003930 ____C () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EA6C763E-97F2-4220-93F2-531FCE4ABB8C}
2014-02-16 22:27 - 2012-10-10 20:16 - 00324278 ____C () C:\Windows\PFRO.log
2014-02-15 10:01 - 2012-06-23 16:17 - 00000000 __RDC () C:\Program Files (x86)\Skype
2014-02-14 21:52 - 2010-11-02 22:29 - 01570280 ____C () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-14 21:52 - 2010-09-01 05:23 - 00686272 ____C () C:\Windows\system32\perfh007.dat
2014-02-14 21:52 - 2010-09-01 05:23 - 00145814 ____C () C:\Windows\system32\perfc007.dat
2014-02-14 21:52 - 2009-07-14 06:13 - 01570280 ____C () C:\Windows\system32\PerfStringBackup.INI
2014-02-14 16:52 - 2010-10-28 15:38 - 00116048 ____C () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-14 16:51 - 2009-07-14 05:45 - 00438904 ____C () C:\Windows\system32\FNTCACHE.DAT
2014-02-14 16:49 - 2014-02-14 16:35 - 00181064 ____C (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-14 16:45 - 2009-07-14 03:34 - 00000514 ____C () C:\Windows\win.ini
2014-02-14 16:33 - 2014-02-14 16:33 - 00000207 ____C () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-14 16:32 - 2014-02-14 16:32 - 00000000 ___DC () C:\RegBackup
2014-02-14 16:07 - 2009-07-14 00:34 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntmarta.dll
2014-02-14 15:33 - 2014-02-14 15:33 - 00000000 ___DC () C:\Users\Admin\Desktop\tweaking.com_windows_repair_aio
2014-02-14 15:31 - 2014-02-14 15:31 - 02903255 ____C () C:\Users\Admin\Desktop\tweaking.com_windows_repair_aio.zip
2014-02-14 14:51 - 2014-02-14 14:51 - 02347384 ____C (ESET) C:\Users\Admin 2\Desktop\esetsmartinstaller_enu.exe
2014-02-14 14:49 - 2014-02-14 14:49 - 00000000 ___DC () C:\Users\Admin 2\AppData\Roaming\ATI
2014-02-14 14:49 - 2014-02-14 14:49 - 00000000 ___DC () C:\Users\Admin 2\AppData\Local\ATI
2014-02-14 14:47 - 2014-02-14 14:47 - 00000000 ___DC () C:\Users\Admin 2\AppData\Roaming\Macromedia
2014-02-14 14:46 - 2014-02-14 14:46 - 00116048 ____C () C:\Users\Admin 2\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-14 14:46 - 2014-02-14 14:46 - 00001457 ____C () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-14 14:46 - 2014-02-14 14:46 - 00000020 __SHC () C:\Users\Admin 2\ntuser.ini
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Vorlagen
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Startmenü
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Netzwerkumgebung
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Lokale Einstellungen
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Eigene Dateien
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Druckumgebung
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Documents\Eigene Musik
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Documents\Eigene Bilder
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\AppData\Local\Verlauf
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\AppData\Local\Anwendungsdaten
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 SHDCL () C:\Users\Admin 2\Anwendungsdaten
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 __RDC () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 __RDC () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 ___DC () C:\Users\Admin 2\AppData\Roaming\ioloGovernor
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 ___DC () C:\Users\Admin 2\AppData\Roaming\Adobe
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 ___DC () C:\Users\Admin 2\AppData\Local\VirtualStore
2014-02-14 14:46 - 2014-02-14 14:46 - 00000000 ___DC () C:\Users\Admin 2
2014-02-14 13:11 - 2013-08-14 22:01 - 00000000 ___DC () C:\Windows\system32\MRT
2014-02-14 13:08 - 2010-12-07 17:34 - 88567024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 12:56 - 2014-02-14 12:56 - 02347384 ____C (ESET) C:\Users\Admin\Desktop\esetsmartinstaller_enu.exe
2014-02-13 19:59 - 2014-02-04 20:56 - 00000000 ___DC () C:\AdwCleaner
2014-02-13 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-13 17:44 - 2014-02-13 17:00 - 00000000 ___DC () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-13 17:44 - 2014-02-13 16:56 - 00000000 ___DC () C:\Users\Admin\Desktop\mbar
2014-02-13 16:51 - 2014-02-13 16:51 - 12589848 ____C (Malwarebytes Corp.) C:\Users\Admin\Desktop\mbar-1.07.0.1009.exe
2014-02-13 13:00 - 2014-02-13 13:00 - 00380416 ____C () C:\Users\Admin\Desktop\Gmer-19357.exe
2014-02-13 12:52 - 2014-02-13 12:52 - 00000000 ____C () C:\Users\Admin\defogger_reenable
2014-02-13 12:52 - 2010-10-28 15:35 - 00000000 ___DC () C:\Users\Admin
2014-02-13 12:51 - 2014-02-13 12:51 - 00050477 ____C () C:\Users\Admin\Desktop\Defogger.exe
2014-02-13 12:17 - 2014-02-14 14:46 - 00000000 ___DC () C:\Users\Admin 2\AppData\Local\Microsoft Help
2014-02-13 12:17 - 2011-08-19 14:49 - 00000000 ___DC () C:\Users\Default\AppData\Local\Microsoft Help
2014-02-13 12:17 - 2011-08-19 14:49 - 00000000 ___DC () C:\Users\Default User\AppData\Local\Microsoft Help
2014-02-13 12:16 - 2014-02-12 13:11 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 12:16 - 2014-02-12 13:11 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 12:15 - 2014-02-12 13:11 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 12:15 - 2014-02-12 13:11 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 12:15 - 2014-02-12 13:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 12:14 - 2014-02-12 13:10 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-13 12:14 - 2014-02-12 13:10 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-13 12:13 - 2014-02-12 13:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-13 12:13 - 2014-02-12 13:10 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 12:13 - 2014-02-12 13:10 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 12:13 - 2014-02-12 13:10 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 12:11 - 2014-02-13 12:11 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 12:11 - 2014-02-13 12:11 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 12:11 - 2014-02-13 12:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 12:11 - 2014-02-13 12:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 12:11 - 2014-02-13 12:10 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 12:11 - 2014-02-13 12:10 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 12:11 - 2014-02-13 12:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 12:11 - 2014-02-13 12:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 12:11 - 2014-02-13 12:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 12:11 - 2014-02-13 12:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 12:11 - 2014-02-13 12:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 15:31 - 2010-10-28 15:37 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Adobe
2014-02-10 18:05 - 2014-02-10 18:05 - 00000335 ____C () C:\Users\Admin\Fixlist.txt
2014-02-10 17:34 - 2014-02-10 17:33 - 01037530 ____C (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2014-02-10 17:25 - 2012-07-04 21:38 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2014-02-10 17:22 - 2014-02-10 17:22 - 01166132 ____C () C:\Users\Admin\Desktop\adwcleaner.exe
2014-02-10 17:03 - 2014-02-10 17:03 - 10285040 ____C (Malwarebytes Corporation ) C:\Users\Admin\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-10 12:45 - 2010-10-28 15:35 - 00000000 _SHDC () C:\Recovery
2014-02-08 22:58 - 2014-02-08 22:58 - 00001912 ____C () C:\Windows\epplauncher.mif
2014-02-08 22:58 - 2014-02-08 22:58 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Security Client
2014-02-08 22:58 - 2014-02-07 13:02 - 00000000 ___DC () C:\Program Files\Microsoft Security Client
2014-02-07 22:20 - 2010-12-08 17:12 - 00000000 ___DC () C:\Users\Admin\AppData\Local\CrashDumps
2014-02-07 22:13 - 2014-02-14 14:46 - 00000000 ___DC () C:\Users\Admin 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2011-11-12 11:13 - 00000000 ___DC () C:\Windows\system32\Macromed
2014-02-07 22:13 - 2010-11-06 18:36 - 00000000 ___DC () C:\Users\Gast
2014-02-07 22:13 - 2010-11-06 18:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ___DC () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ___DC () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2010-10-28 15:42 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2014-02-07 22:13 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\AppCompat
2014-02-07 22:12 - 2014-01-16 15:29 - 00000000 ___DC () C:\Program Files (x86)\Avira
2014-02-07 22:12 - 2014-01-09 16:59 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\iolo
2014-02-07 22:12 - 2012-10-19 19:14 - 00000000 ___DC () C:\ProgramData\Avira
2014-02-07 22:12 - 2012-09-07 21:18 - 00000000 __HDC () C:\ProgramData\CanonIJEGV
2014-02-07 22:12 - 2010-09-01 00:09 - 00000000 ___DC () C:\ProgramData\WinClon
2014-02-07 22:11 - 2010-12-12 17:02 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Skype
2014-02-07 22:11 - 2009-07-14 04:20 - 00000000 ___DC () C:\Windows\registration
2014-02-07 22:08 - 2010-12-06 21:40 - 00000000 _RHDC () C:\MSOCache
2014-02-05 22:31 - 2014-02-05 22:31 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Macromedia
2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\Users\Admin\AppData\Local\Mozilla
2014-02-05 21:59 - 2014-02-05 21:59 - 00000000 ___DC () C:\ProgramData\Mozilla
2014-02-04 21:14 - 2014-02-04 21:14 - 00000000 ___DC () C:\Windows\ERUNT
2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\Users\Admin\AppData\Roaming\Malwarebytes
2014-02-04 20:12 - 2014-02-04 20:12 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-02-01 18:24 - 2014-02-01 18:24 - 00090112 ____C () C:\Users\Admin\Desktop\D- Mädchen- Spielplan.xls
2014-01-19 08:33 - 2010-12-07 19:41 - 00270496 ____C (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-08 14:57

==================== End Of Log ============================

--- --- ---


Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2014
Ran by Admin at 2014-02-17 16:27:26
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
ALDI TALK Verbindungsassistent (x32 Version: ALDI TALK 4.0 - ALDI TALK Verbindungsassistent)
Amazon Kindle (HKCU Version:  - Amazon)
Amazon MP3-Downloader 1.0.9 (x32 Version:  - )
Atheros Client Installation Program (x32 Version: 1.0.5.0621 - Atheros)
ATI Catalyst Install Manager (Version: 3.0.765.0 - ATI Technologies, Inc.)
Auerswald COMset 2.7.2 (x32 Version: 2.7.2 - Auerswald GmbH & Co.KG)
AVM FRITZ!Box Dokumentation (x32 Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (x32 Version:  - AVM Berlin)
BatteryLifeExtender (x32 Version: 1.0.5 - Samsung)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Broadcom 802.11 Network Adapter (Version: 5.60.48.44 - Broadcom Corporation)
Brother HL-3040CN (x32 Version: 1.00 - Brother)
Brother MFL-Pro Suite MFC-425CN (x32 Version: 1.0.1.0 - Brother Industries, Ltd.)
Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden
Canon Easy-PhotoPrint EX (x32 Version:  - )
Canon Easy-WebPrint EX (x32 Version:  - )
Canon IJ Network Scan Utility (x32 Version:  - )
Canon IJ Network Tool (x32 Version:  - )
Canon MG5200 series Benutzerregistrierung (x32 Version:  - )
Canon MG5200 series MP Drivers (Version:  - )
Canon MP Navigator EX 4.0 (x32 Version:  - )
Canon My Printer (x32 Version:  - )
Canon Solution Menu EX (x32 Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0329.836.13543 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0329.836.13543 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0329.836.13543 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help English (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help French (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help German (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0329.0835.13543 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0329.836.13543 - ATI) Hidden
ccc-utility64 (Version: 2010.0329.836.13543 - ATI) Hidden
CCleaner (Version: 3.23 - Piriform)
CD-LabelPrint (x32 Version:  - )
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
CVE-2013-3893 (Version:  - )
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DivX Codec (x32 Version: 5.1.1 - DivXNetworks, Inc.)
DivX Player (x32 Version: 2.5.3 - DivXNetworks, Inc.)
Easy Display Manager (x32 Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Network Manager (x32 Version: 4.4.1 - Samsung)
Easy SpeedUp Manager (x32 Version: 2.1.0.15 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (x32 Version: 4.0.0.4 - Samsung)
ETDWare PS/2-X64 8.0.7.0_WHQL (Version: 8.0.7.0 - ELAN Microelectronic Corp.)
Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden
Free MP3 Cutter and Editor 2.6 (x32 Version:  - musetips.com)
FreePDF (Remove only) (x32 Version:  - )
GPL Ghostscript (x32 Version: 9.07 - Artifex Software Inc.)
Hauppauge WinTV 7 (x32 Version: v7.0.29302 (CD 2.4d) - Hauppauge Computer Works)
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel® Matrix Storage Manager (Version:  - Intel Corporation)
iolo technologies' System Mechanic (x32 Version: 12.5.0 - iolo technologies, LLC)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden
JRE 1.6.1 (x32 Version: 1.6.1 - Auerswald GmbH & Co.KG)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Marvell Miniport Driver (x32 Version: 11.24.27.3 - Marvell)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyDriveConnect 3.3.0.1342 (x32 Version: 3.3.0.1342 - TomTom)
OpenOffice.org 3.4 (x32 Version: 3.4.9590 - OpenOffice.org)
Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden
QuickTime (x32 Version:  - )
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6176 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (Version:  - )
Samsung AnyWeb Print (x32 Version: 1.0 - Samsung Electronics Co., Ltd.) Hidden
Samsung AnyWeb Print (x32 Version: 1.1.19.0 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 5 (x32 Version: 5.0.0.6 - Samsung)
Samsung Support Center 1.0 (x32 Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (x32 Version: 2.01.06.00:16 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (x32 Version: 3.0.1.17 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype Click to Call (x32 Version: 7.0.14735.1561 - Microsoft Corporation)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
SweetIM for Messenger 3.6 (x32 Version: 3.6.0003 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetIM Toolbar for Internet Explorer 4.3 (x32 Version: 4.3.0001 - SweetIM Technologies Ltd.) <==== ATTENTION
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
User Guide (x32 Version: 1.0 - )
Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.0.8 (x32 Version: 2.0.8 - VideoLAN)
WildTangent Games (x32 Version: 1.0.1.5 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ZoneAlarm Security Toolbar on IE and Chrome (x32 Version: 1.8.11.11 - Check Point Software Technologies LTD)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

13-02-2014 11:08:49 Windows Update
14-02-2014 11:30:23 Windows Update
14-02-2014 12:05:56 Windows Update
14-02-2014 12:12:41 Windows Update
14-02-2014 13:15:55 Windows Update
14-02-2014 13:17:12 Windows Update
14-02-2014 13:17:55 Windows Update
14-02-2014 13:20:05 Windows Update
14-02-2014 14:06:16 Windows Update
14-02-2014 15:31:12 Tweaking.com - Windows Repair
14-02-2014 20:51:24 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-02-14 16:46 - 00000855 ___AC C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {00BEB64F-E24F-473C-9365-EC1A6FC6E26A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {320C56DF-84E9-48F7-8A4E-2C88DDE462B6} - System32\Tasks\{33682CEF-5B67-4FCC-9369-150761E7F3B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1618
Task: {4575AA02-124C-4CBD-AC86-355C01D02EF9} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {59CB789D-CF6B-42B1-B46E-F97BC154750E} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
Task: {6314B01E-A90D-4A61-AB27-C938E744D1A4} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-08-09] (Samsung Electronics Co., Ltd.)
Task: {6B5A75D0-D66E-43EF-8C27-4B06EDE690FB} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {6D42FE76-FE67-448E-BF42-2AABFD17503F} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2014-01-02] (iolo technologies, LLC)
Task: {81E8427D-ADEC-457D-8980-A3B6241B5FB5} - \PC Performer_DEFAULT No Task File
Task: {8F5D96D0-7119-42F6-8A71-8A0806AC49A7} - \PC Performer_UPDATES No Task File
Task: {9CA92E41-C014-418E-A675-506C5522CBF4} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-07-27] (SEC)
Task: {9EC85110-821E-4634-8345-111FD0BA6EB8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-12-20] (Samsung Electronics)
Task: {ADB17B23-E301-4D04-8499-EEC695D4E114} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-08-05] (Samsung Electronics)
Task: {D418A444-5912-4689-964C-5FAEB1D83588} - System32\Tasks\{4452FA3D-120C-422A-A66D-7682A63E81E3} => C:\Users\Admin\Downloads\Adobe-Flash-Player-Setup.exe [2014-01-14] ()
Task: {DCE395CF-4395-49B2-BC76-3CCDD1DBF626} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-06-01] (Samsung Electronics. Co. Ltd.)
Task: {DED44D84-DDC2-4B4D-B9D5-BCC933250AD8} - System32\Tasks\{42CE070D-EAD3-428A-B7E7-EDD2C008F8BD} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.5.0.158/de/go/help.faq.installer?LastError=1618
Task: {F382143A-D4EC-45CC-8F36-AD528839516E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd)

==================== Loaded Modules (whitelisted) =============

2013-05-18 19:50 - 2013-05-18 19:57 - 00510520 ____C () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe
2009-02-12 06:32 - 2009-02-12 06:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-31 23:59 - 2010-08-31 23:59 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-05-18 19:50 - 2013-08-16 13:45 - 00358968 ____C () C:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
2012-01-12 11:23 - 2012-01-12 11:23 - 00018432 ____C () C:\Users\Admin\AppData\LocalLow\WOT\IE\WOTUpdater.exe
2010-09-01 00:07 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2013-11-29 10:29 - 2013-11-29 10:29 - 00026520 ____C () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll
2013-11-29 10:28 - 2013-11-29 10:28 - 00082840 ____C () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll
2013-11-29 10:28 - 2013-11-29 10:28 - 00344984 ____C () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll
2010-09-01 00:10 - 2010-05-07 15:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 ____C () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/14/2014 09:31:17 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/14/2014 09:16:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/14/2014 09:16:25 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/14/2014 09:13:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/14/2014 05:01:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/14/2014 05:01:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/14/2014 05:01:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/14/2014 04:42:48 PM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\DE-DE\AACLIENT.MFL

Error: (02/14/2014 04:42:33 PM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

Error: (02/14/2014 02:51:48 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/17/2014 02:47:45 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Hauppauge CIR Receiver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058

Error: (02/17/2014 02:47:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/17/2014 02:47:44 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht.

Error: (02/17/2014 02:47:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/17/2014 02:47:40 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht.

Error: (02/17/2014 02:27:19 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/16/2014 10:27:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Hauppauge CIR Receiver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058

Error: (02/16/2014 10:27:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/16/2014 10:27:40 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht.

Error: (02/16/2014 10:27:36 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office Sessions:
=========================
Error: (02/14/2014 09:31:17 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (02/14/2014 09:16:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Admin\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\7PZRAFAI\esetsmartinstaller_enu.exe

Error: (02/14/2014 09:16:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Admin\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\7PZRAFAI\esetsmartinstaller_enu.exe

Error: (02/14/2014 09:13:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/14/2014 05:01:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Desktop\esetsmartinstaller_enu.exe

Error: (02/14/2014 05:01:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Desktop\esetsmartinstaller_enu.exe

Error: (02/14/2014 05:01:33 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Desktop\esetsmartinstaller_enu.exe

Error: (02/14/2014 04:42:48 PM) (Source: WinMgmt)(User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\DE-DE\AACLIENT.MFL

Error: (02/14/2014 04:42:33 PM) (Source: WinMgmt)(User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

Error: (02/14/2014 02:51:48 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin 2\Desktop\esetsmartinstaller_enu.exe


==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 4060.61 MB
Available physical RAM: 2374.73 MB
Total Pagefile: 10148.79 MB
Available Pagefile: 8189.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:280.1 GB) (Free:167.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 8074A547)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=280 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=27)

==================== End Of Log ============================


cosinus 17.02.2014 16:37

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:

Task: {59CB789D-CF6B-42B1-B46E-F97BC154750E} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer


Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.
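
The fixlist above singles out one entry from the log's scheduled-task section: a task that runs Rundll32.exe against a DLL under the user's AppData folder. As an added example (not part of the original thread and not FRST's own logic), the following Python code applies that kind of check to FRST `Task:` lines. The sample lines are copied from the log on this page; the finding labels and the path heuristic are assumptions chosen for illustration.

```python
import re
from typing import List, NamedTuple, Optional

# Lines copied from the "Scheduled Tasks" section of the FRST log on this page.
SAMPLE_LOG = r'''
Task: {00BEB64F-E24F-473C-9365-EC1A6FC6E26A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4575AA02-124C-4CBD-AC86-355C01D02EF9} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {59CB789D-CF6B-42B1-B46E-F97BC154750E} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
Task: {81E8427D-ADEC-457D-8980-A3B6241B5FB5} - \PC Performer_DEFAULT No Task File
Task: {D418A444-5912-4689-964C-5FAEB1D83588} - System32\Tasks\{4452FA3D-120C-422A-A66D-7682A63E81E3} => C:\Users\Admin\Downloads\Adobe-Flash-Player-Setup.exe [2014-01-14] ()
'''

# "Task: {GUID} - <task name> => <command>"  or  "Task: {GUID} - <name> No Task File"
TASK_RE = re.compile(r'^Task: (\{[0-9A-Fa-f-]{36}\}) - (.+)$')
# Assumption: per-user locations that a non-admin process can write to.
USER_PATH_RE = re.compile(
    r'^[a-z]:\\users\\[^\\]+\\(?:appdata|downloads|desktop)\\', re.I)
# rundll32 [switches] <dll>[,entrypoint]; the DLL may be quoted.
RUNDLL_RE = re.compile(
    r'^rundll32(?:\.exe)?\s+(?:/\S+\s+)*(?:"([^"]+)"|([^\s,]+))', re.I)
# Leading binary of any other command, including paths that contain spaces.
BINARY_RE = re.compile(r'^"?(.+?\.(?:exe|dll|cmd|bat))\b', re.I)
NO_FILE = " No Task File"


class TaskEntry(NamedTuple):
    guid: str
    name: str
    command: Optional[str]
    finding: str  # illustrative labels, not FRST terminology


def classify(command: str) -> str:
    """Label a task command line using the heuristics described above."""
    m = RUNDLL_RE.match(command)
    if m:
        dll = m.group(1) or m.group(2)
        # A bare DLL name resolves via the system search path; a DLL in the
        # user profile is the pattern the fixlist on this page removes.
        return "rundll32-user-dll" if USER_PATH_RE.match(dll) else "ok"
    m = BINARY_RE.match(command)
    if m and USER_PATH_RE.match(m.group(1)):
        return "user-path-binary"  # worth a manual look, not a verdict
    return "ok"


def triage(log_text: str) -> List[TaskEntry]:
    """Parse FRST 'Task:' lines and attach a finding to each one."""
    entries = []
    for raw in log_text.splitlines():
        m = TASK_RE.match(raw.strip())
        if not m:
            continue
        guid, rest = m.groups()
        if rest.endswith(NO_FILE):
            # Registry entry whose task file no longer exists on disk.
            entries.append(TaskEntry(guid, rest[:-len(NO_FILE)], None, "orphaned"))
            continue
        name, sep, command = rest.partition(" => ")
        if not sep:
            entries.append(TaskEntry(guid, name, None, "unparsed"))
            continue
        entries.append(TaskEntry(guid, name, command, classify(command)))
    return entries


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        if entry.finding != "ok":
            print(f"{entry.finding:18} {entry.guid} {entry.name}")
```

A flagged entry is only a candidate for review; whether it belongs in a fixlist remains the helper's decision, as in the thread.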


stuffi67 17.02.2014 16:41

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-02-2014
Ran by Admin at 2014-02-17 16:40:30 Run:2
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {59CB789D-CF6B-42B1-B46E-F97BC154750E} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{59CB789D-CF6B-42B1-B46E-F97BC154750E} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59CB789D-CF6B-42B1-B46E-F97BC154750E} => Key deleted successfully.
C:\Windows\System32\Tasks\BackgroundContainer Startup Task => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task => Key deleted successfully.
"C:\Users\Admin\AppData\Local\Conduit\BackgroundContainer" => File/Directory not found.

==== End of Fixlog ====


cosinus 17.02.2014 20:54

Is the message gone?

stuffi67 19.02.2014 17:18

*** YAY !!!! *** The error message is gone now, and otherwise everything is running fine at the moment too. :applaus:
In the meantime I have uninstalled Avira-free-antivir and am running Microsoft Security Essentials instead.
Which antivirus program would you recommend?

Thanks in any case for your support !!!!!!!
:dankeschoen:

cosinus 19.02.2014 21:59

Antivirus programs
  • Use a virus scanner with a background guard and an always up-to-date database. Which product you choose does not matter all that much. If you want to buy a commercial program, I can recommend Emsisoft Anti-Malware (the freeware version of it is not enough, though, because it has no background guard). If you prefer a free product, Avast! Free Antivirus is a good alternative.
    Under no circumstances run two guards in parallel, though; they would get in each other's way.
  • Enable a firewall. The one built into Windows is normally entirely sufficient.
  • In addition to the virus scanner, you can regularly scan your system with an on-demand anti-malware program. The free version of Malwarebytes Anti-Malware is recommended. Update the database before every scan. :daumenhoc



Then we're done! :daumenhoc


If you would still like to share praise or criticism => Lob, Kritik und Wünsche - Trojaner-Board

The programs that were used here can all be uninstalled.

delfix can help you with that:


The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type this in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all traces of itself.
  3. In any case, please download DelFix to your desktop (Download DelFix):
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Put a check mark in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.






Finally, please check the updates; my guide for this is below. To keep a better overview of how up to date your installed programs are in future, you can use e.g. Secunia PSI.
For even more security, after the infection has been removed you should also change all passwords if possible.


Microsoft Update
Windows XP: Visit the MS update site with IE and have all important updates installed.
Windows Vista/7: Start, Control Panel, Windows Update


Update your PDF reader
An outdated AdobeReader poses a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Software or Programs and Features, by clicking "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.

While you are at it, please also check that the Flash Player is up to date:
Check => Adobe - Flash Player
You can find download links here => Browsers and Plugins - FilePony.de

You can also very easily check all plugins in the Firefox browser for updates here => https://www.mozilla.org/de/plugincheck

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a major security risk, so you should uninstall the old versions. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software (or Programs and Features) and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.

