atw10qp4 | 22.02.2014 18:17 | Hello, Schrauber!
I didn't want to cause you any unnecessary work (this is my first time here). Here are the two files:
FRST.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by root (administrator) on ASUS-LAPTOP on 16-02-2014 13:29:27
Running from C:\tmp\Trojaner-Abwehr\Programme\2_frst
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(Huawei Technologies Co., Ltd.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Lyrics) C:\program files (x86)\a2zlyrics-1\a2zlyrics-1-bg.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\tmp\Trojaner-Abwehr\Programme\Defogger.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [BtPreLoad] - C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-31] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [37960 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS InstantKey] - C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [20456 2012-02-20] (ASUS)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2012-07-03] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [DataCardMonitor] - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe [253952 2013-02-01] (Huawei Technologies Co., Ltd.)
HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-08-12] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [NeroFilterCheck] - C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh)
HKLM-x32\...\Run: [Philips Device Listener] - C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-03-19] ()
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-06] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1579230505-512059319-4025757163-1007\...\Run: [iDevice Manager Launcher] - C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IPELauncher.exe [139728 2013-01-09] (Marx Softwareentwicklung - www.software4u.de)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} - C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho64.dll (Lyrics)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: a2zLyrics-1 - {11111111-1111-1111-1111-110411151154} - C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho.dll (Lyrics)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\fnlg3prk.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: a2zLyrics-1 - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\fnlg3prk.default\Extensions\536c2ac1-a17c-4de1-a3f2-1b869a3be96c@2f6608a0-8c65-4bfe-8e2f-c65b5cc757cb.com [2013-11-28]
FF Extension: No Name - C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\fnlg3prk.default\Extensions\staged [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\peter\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\peter\AppData\Roaming\Helper [2013-02-04]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
==================== Services (Whitelisted) =================
R2 AddonsHelper; C:\Users\peter\AppData\Local\Temp\OCS\Downloads\8895a6ff54aa6156ee6d3370468ad434\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [865792 2013-02-03] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-01] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros Commnucations)
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-29] (IvoSoft)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2445304 2013-08-12] (Check Point Software Technologies LTD)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [54160 2013-06-18] (Check Point Software Technologies, Ltd.)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-31] (Atheros)
==================== Drivers (Whitelisted) ====================
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-01] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-31] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-05-22] ()
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [284008 2012-10-08] (NVIDIA Corporation)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [451096 2013-06-13] (Check Point Software Technologies LTD)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-10-21] (Huawei Technologies Co., Ltd.)
U0 msahci;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-16 13:27 - 2014-02-16 13:27 - 00000000 _____ () C:\Users\root\defogger_reenable
2014-02-16 13:25 - 2014-02-16 13:29 - 00000000 ____D () C:\FRST
2014-02-16 13:24 - 2014-02-16 13:24 - 02152960 _____ (Farbar) C:\Users\root\Downloads\FRST64.exe
2014-02-16 12:57 - 2014-02-16 12:57 - 00000242 _____ () C:\Windows\SysWOW64\defogger_enable.log
2014-02-16 12:56 - 2014-02-16 12:56 - 00000470 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-16 12:37 - 2014-02-16 12:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-10 21:36 - 2014-02-10 21:36 - 00001728 _____ () C:\ProgramData\__wdump.txt
2014-02-10 21:35 - 2014-02-10 21:35 - 00001196 _____ () C:\Users\alina\Desktop\Pinnacle Studio 15.lnk
2014-02-10 21:35 - 2014-02-10 21:35 - 00000000 ____D () C:\Users\alina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 15
2014-02-09 15:33 - 2014-02-09 15:33 - 00000000 ____D () C:\Users\alina\AppData\Roaming\NVIDIA
2014-01-19 14:51 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-19 14:51 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-19 14:51 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-19 14:51 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-19 14:51 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-19 14:51 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-19 14:51 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-19 14:51 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-19 14:51 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-19 14:51 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-19 14:51 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-19 14:51 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-19 14:51 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-19 14:51 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-19 14:51 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
==================== One Month Modified Files and Folders =======
2014-02-16 13:29 - 2014-02-16 13:25 - 00000000 ____D () C:\FRST
2014-02-16 13:29 - 2012-10-18 20:37 - 01558033 _____ () C:\Windows\WindowsUpdate.log
2014-02-16 13:29 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-02-16 13:27 - 2014-02-16 13:27 - 00000000 _____ () C:\Users\root\defogger_reenable
2014-02-16 13:27 - 2013-02-07 20:36 - 00000000 ____D () C:\Users\root
2014-02-16 13:26 - 2013-11-10 21:39 - 00050477 _____ () C:\Users\root\Downloads\Defogger.exe
2014-02-16 13:24 - 2014-02-16 13:24 - 02152960 _____ (Farbar) C:\Users\root\Downloads\FRST64.exe
2014-02-16 13:19 - 2013-02-01 20:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-16 13:12 - 2013-02-02 16:37 - 00000000 ____D () C:\tmp
2014-02-16 13:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-02-16 12:57 - 2014-02-16 12:57 - 00000242 _____ () C:\Windows\SysWOW64\defogger_enable.log
2014-02-16 12:56 - 2014-02-16 12:56 - 00000470 _____ () C:\Windows\SysWOW64\defogger_disable.log
2014-02-16 12:45 - 2013-02-12 13:25 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1579230505-512059319-4025757163-1007
2014-02-16 12:40 - 2013-07-16 20:13 - 00000000 ____D () C:\Users\root\AppData\Local\HTC MediaHub
2014-02-16 12:40 - 2013-02-07 20:38 - 00000408 _____ () C:\Users\root\AppData\Roaming\sp_data.sys
2014-02-16 12:39 - 2013-10-06 16:39 - 00001314 _____ () C:\Windows\Tasks\a2zLyrics-1-updater.job
2014-02-16 12:39 - 2013-10-06 16:39 - 00001218 _____ () C:\Windows\Tasks\a2zLyrics-1-codedownloader.job
2014-02-16 12:39 - 2013-10-06 16:39 - 00001118 _____ () C:\Windows\Tasks\a2zLyrics-1-enabler.job
2014-02-16 12:39 - 2013-10-06 16:38 - 00001850 _____ () C:\Windows\Tasks\a2zLyrics-1-firefoxinstaller.job
2014-02-16 12:39 - 2012-10-18 20:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-02-16 12:39 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-16 12:38 - 2013-02-06 19:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 12:37 - 2014-02-16 12:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 12:37 - 2013-02-07 18:29 - 00000000 ____D () C:\Users\karin\AppData\Roaming\Skype
2014-02-16 11:58 - 2013-02-07 15:31 - 00000000 ____D () C:\Users\karin\Documents\Bluetooth Folder
2014-02-16 11:56 - 2013-02-07 15:30 - 00000408 _____ () C:\Users\karin\AppData\Roaming\sp_data.sys
2014-02-16 11:55 - 2013-08-13 20:15 - 00000000 ____D () C:\Users\karin\AppData\Local\HTC MediaHub
2014-02-10 21:40 - 2013-02-09 15:19 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1579230505-512059319-4025757163-1006
2014-02-10 21:36 - 2014-02-10 21:36 - 00001728 _____ () C:\ProgramData\__wdump.txt
2014-02-10 21:35 - 2014-02-10 21:35 - 00001196 _____ () C:\Users\alina\Desktop\Pinnacle Studio 15.lnk
2014-02-10 21:35 - 2014-02-10 21:35 - 00000000 ____D () C:\Users\alina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 15
2014-02-10 21:35 - 2013-02-04 20:46 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-02-10 21:30 - 2013-03-05 17:58 - 00000000 ____D () C:\Users\fabjana\AppData\Roaming\Skype
2014-02-10 21:20 - 2013-02-21 18:50 - 00006144 _____ () C:\Users\alina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-10 21:20 - 2013-02-17 18:56 - 00000000 ____D () C:\Users\alina\AppData\Roaming\Skype
2014-02-10 20:19 - 2013-03-10 15:27 - 00000000 ____D () C:\Users\alina\AppData\Local\Adobe
2014-02-10 20:19 - 2012-08-17 01:52 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-10 20:12 - 2013-07-01 10:23 - 00000000 ____D () C:\Users\alina\AppData\Local\CrashDumps
2014-02-10 17:04 - 2013-02-09 15:14 - 00000408 _____ () C:\Users\alina\AppData\Roaming\sp_data.sys
2014-02-09 15:38 - 2012-08-03 00:02 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-02-09 15:38 - 2012-08-03 00:02 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-02-09 15:38 - 2012-07-26 08:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-09 15:36 - 2013-02-09 15:13 - 00000000 ____D () C:\Users\alina\AppData\Roaming\Adobe
2014-02-09 15:33 - 2014-02-09 15:33 - 00000000 ____D () C:\Users\alina\AppData\Roaming\NVIDIA
2014-02-09 15:31 - 2013-02-09 16:35 - 00000000 ____D () C:\Users\fabjana\Documents\Bluetooth Folder
2014-02-08 21:01 - 2013-02-09 16:18 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1579230505-512059319-4025757163-1005
2014-02-08 20:57 - 2013-02-01 20:31 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-08 20:55 - 2013-02-09 16:13 - 00000408 _____ () C:\Users\fabjana\AppData\Roaming\sp_data.sys
2014-02-08 20:52 - 2013-02-01 18:31 - 00000000 ____D () C:\Users\peter\AppData\Roaming\Skype
2014-02-08 20:52 - 2013-01-31 04:32 - 00000408 _____ () C:\Users\peter\AppData\Roaming\sp_data.sys
2014-02-08 20:40 - 2013-09-14 07:04 - 00000000 ____D () C:\Users\fabjana\AppData\Local\HTC MediaHub
2014-02-08 20:37 - 2012-07-26 06:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-02-08 18:59 - 2013-01-31 04:37 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1579230505-512059319-4025757163-1002
2014-02-08 18:49 - 2013-07-24 18:49 - 00000000 ____D () C:\Users\peter\AppData\Local\HTC MediaHub
2014-02-08 18:41 - 2013-08-12 15:11 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-08 18:41 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-02-08 18:38 - 2013-02-01 07:13 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-30 22:10 - 2013-11-20 23:40 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-30 22:10 - 2013-11-20 23:40 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
Some content of TEMP:
====================
C:\Users\alina\AppData\Local\Temp\avgnt.exe
C:\Users\fabjana\AppData\Local\Temp\avgnt.exe
C:\Users\karin\AppData\Local\Temp\avgnt.exe
C:\Users\karin\AppData\Local\Temp\COMAP.EXE
C:\Users\peter\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe
C:\Users\peter\AppData\Local\Temp\AskSLib.dll
C:\Users\peter\AppData\Local\Temp\avgnt.exe
C:\Users\peter\AppData\Local\Temp\COMAP.EXE
C:\Users\peter\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\peter\AppData\Local\Temp\Execute2App.exe
C:\Users\peter\AppData\Local\Temp\MSETUP4.EXE
C:\Users\peter\AppData\Local\Temp\msvcp90.dll
C:\Users\peter\AppData\Local\Temp\msvcr90.dll
C:\Users\peter\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\peter\AppData\Local\Temp\SAV2RemoveAll.exe
C:\Users\peter\AppData\Local\Temp\tmp93C.tmp.exe
C:\Users\peter\AppData\Local\Temp\tmpA756.tmp.exe
C:\Users\peter\AppData\Local\Temp\uninstall.exe
C:\Users\peter\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\root\AppData\Local\Temp\avgnt.exe
C:\Users\root\AppData\Local\Temp\COMAP.EXE
C:\Users\root\AppData\Local\Temp\DeltaTB.exe
C:\Users\root\AppData\Local\Temp\filebulldogTb_1.0.0.8.exe
C:\Users\root\AppData\Local\Temp\IDMSetup_1.5.0.0.exe
C:\Users\root\AppData\Local\Temp\OptimizerPro.exe
C:\Users\root\AppData\Local\Temp\tmp32C7.tmp.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-08 18:34
==================== End Of Log ============================
Addition.txt:
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by root at 2014-02-16 13:29:49
Running from C:\tmp\Trojaner-Abwehr\Programme\2_frst
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Disabled - Out of date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Out of date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}
==================== Installed Programs ======================
a2zLyrics-1 (x32 Version: 1.28.153.3 - Lyrics) <==== ATTENTION
Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.1.0.5790 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (x32 Version: 4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 4 Master Collection (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Encore CS4 (x32 Version: 4 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Application Feature Set Files (Roman) (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Common Base Files (x32 Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Dolby (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (x32 Version: 1.1 - Adobe Systems Incorporated)
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Alcor Micro USB Card Reader (x32 Version: 3.8.142.61628 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.8.142.61628 - Alcor Micro Corp.) Hidden
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (x32 Version: 1.2.8 - ASUS)
ASUS Instant Key (x32 Version: 1.0.5 - ASUS)
ASUS InstantOn (x32 Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (x32 Version: 3.1.5 - ASUS)
ASUS Live Update (x32 Version: 3.1.8 - ASUS)
ASUS N Series Demo (x32 Version: 1.0.0002 - ASUS)
ASUS Power4Gear Hybrid (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (x32 Version: 1.0.35 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 1.03.0004 - ASUS)
ASUS Tutor (x32 Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (x32 Version: 2.1.4 - ASUS)
ASUS Video Magic (x32 Version: 6.0.4712 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.4712 - CyberLink Corp.) Hidden
ASUS WebStorage Sync Agent (x32 Version: 1.1.9.120 - ASUS Cloud Corporation)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (x32 Version: 2.0.10.168 - ASUSTEK)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (x32 Version: 1.0.0022 - ASUS)
Audiograbber 1.83 SE (x32 Version: 1.83 SE - Audiograbber)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Beyond Compare Version 2.5.3 (x32 Version: - Scooter Software)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bulk Rename Utility 2.7.1.2 (Version: - TGRMN Software)
Bundled software uninstaller (x32 Version: - ) <==== ATTENTION
Canon G.726 WMP-Decoder (x32 Version: 1.1.0.4 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.3.1.5 - )
Canon Internet Library for ZoomBrowser EX (x32 Version: 1.5.1.4 - )
Canon MovieEdit Task for ZoomBrowser EX (x32 Version: 2.4.0.14 - )
Canon RAW Image Task for ZoomBrowser EX (x32 Version: 2.6.0.13 - )
Canon Utilities ImageBrowser EX (x32 Version: 1.1.1.19 - Canon Inc.)
Canon Utilities PhotoStitch (x32 Version: 3.1.19.43 - )
Canon Utilities ZoomBrowser EX (x32 Version: 5.8.0.74 - )
Classic Shell (Version: 3.6.5 - IvoSoft)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3019_44673 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3019_44673 - CyberLink Corp.) Hidden
CyberLink PowerDirector (x32 Version: 8.0.4905d - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.4905d - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
Desktop Icon für Amazon (Version: 1.0.1 (de) - )
EasyBCD 2.2 (x32 Version: 2.2 - NeoSmart Technologies)
FilesFrog Update Checker (x32 Version: - ) <==== ATTENTION
FireJump (x32 Version: 1.0.2.5 - FireJump.net)
Free CD Ripper V2.0 (x32 Version: 2.0.0.0 - Koyote Soft)
Free YouTube to MP3 Converter version 3.12.0.128 (x32 Version: 3.12.0.128 - DVDVideoSoft Ltd.)
HTC Driver Installer (x32 Version: 4.2.0.001 - HTC Corporation)
HTC Sync Manager (x32 Version: 2.0.61.0 - HTC)
iDevice Manager (x32 Version: 3.0.0.3 - Marx Softwareentwicklung)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2828 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IPTInstaller (x32 Version: 4.0.8 - HTC)
iTunes (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 25 (x32 Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Knoll Light Factory EZ Studio 15 (x32 Version: - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Magic Bullet Looks Studio 15 (x32 Version: - )
Microsoft Office (x32 Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office 2010 Language Pack Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Project 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Project Professional 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visio 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft)
Microsoft Visio Premium 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (x32 Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (x32 Version: 27.0.1 - Mozilla)
Mp3tag v2.54 (x32 Version: v2.54 - Florian Heidenreich)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Nero 11 DiscSpeed (x32 Version: 11.0.00400 - Nero AG)
Nero 6 Demo (x32 Version: - )
Nero Core Components 11 (x32 Version: 11.0.15401.1.15 - Nero AG) Hidden
Nero DiscSpeed 11 (x32 Version: 7.0.10400.2.100 - Nero AG) Hidden
Nero DiscSpeed 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20008 - Nero AG) Hidden
Nokia Connectivity Cable Driver (x32 Version: 7.1.78.0 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
NVIDIA 3D Vision Treiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA Grafiktreiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.0613 (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.0697 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Paint.NET v3.5.10 (Version: 3.60.0 - dotPDN LLC)
PC Connectivity Solution (x32 Version: 12.0.27.0 - Nokia)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.1.0 (x32 Version: - PDF24.org)
PDF-Viewer (Version: 2.5.209.0 - Tracker Software Products Ltd)
Philips Songbird (x32 Version: 6.1.2265 (2265) - Koninklijke Philips Electronics N.V.)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pinnacle Studio 15 (x32 Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio 15 Ultimate Collection Plugins (x32 Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio Bonus Content (x32 Version: 15.0.0.51 - Pinnacle Systems)
Pinnacle Video Treiber (Version: 12.1.0.030 - Pinnacle Systems)
Preispilot für Firefox (x32 Version: 2.0 - Preispilot)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.208 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6710 - Realtek Semiconductor Corp.)
Red Giant ToonIt Studio 15 (x32 Version: - )
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Skype™ 6.1 (x32 Version: 6.1.129 - Skype Technologies S.A.)
Stellarium 0.12.0 (Version: 0.12.0 - Stellarium team)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
SureThing Express Labeler (x32 Version: - MicroVision Development, Inc.)
T-Mobile Internet Manager (x32 Version: 11.301.05.39.55 - Huawei Technologies Co.,Ltd)
TomTom HOME (x32 Version: 2.9.3 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Trapcode 3DStroke Studio 15 (x32 Version: - )
Trapcode Particular Studio (x32 Version: - )
Trapcode Shine Studio 15 (x32 Version: - )
TreeSize Professional 5.1.2 (x32 Version: - )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VLC media player 2.0.5 (Version: 2.0.5 - VideoLAN)
Windows-Treiberpaket - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (Version: 10/29/2012 1.0.0.148 - ASUS)
Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinFlash (x32 Version: 2.41.1 - ASUS)
WinSCP 5.1.3 (x32 Version: 5.1.3 - Martin Prikryl)
WinZip (x32 Version: 9.0 (6028) - WinZip Computing, Inc.)
ZoneAlarm Firewall (x32 Version: 11.0.780.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (x32 Version: 11.0.780.000 - Check Point)
ZoneAlarm LTD Toolbar (Version: - Check Point Software Technologies)
ZoneAlarm Security (x32 Version: 11.0.780.000 - Check Point Software Technologies Ltd.) Hidden
==================== Restore Points =========================
19-01-2014 19:00:15 Windows Update
08-02-2014 17:38:10 Windows Update
==================== Hosts content: ==========================
2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0B388C5E-A507-4AC2-98B8-960CAD453C66} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3DED79E6-F6B2-4173-8505-16A53E30F74B} - System32\Tasks\BtvStack => C:\Program
Task: {46785A24-84F5-43B8-AFD7-AF60A4E5050D} - System32\Tasks\a2zLyrics-1-codedownloader => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-codedownloader.exe [2013-10-06] (Lyrics) <==== ATTENTION
Task: {5907D24C-F3C2-4AEE-9C5B-409DF35685C4} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {7BBCBFA6-E87D-43A2-BE39-E1A3FB565E9C} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {8DCD7671-43D5-49D6-BE9F-863C2DCA0DAE} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {92EA533C-40C4-4189-8030-6B0F36D64D36} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-08] (Adobe Systems Incorporated)
Task: {936EA498-C280-4D6A-8BBD-05455EC3E66A} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {9BF72BC0-9F19-4603-97BA-C09C0D961A3A} - System32\Tasks\BtTray => C:\Program
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B750498F-A829-4679-8236-0707CE7A368B} - System32\Tasks\a2zLyrics-1-enabler => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-enabler.exe [2013-10-06] (Lyrics) <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CB625FDA-FCAF-4618-9779-3A23E22CC032} - System32\Tasks\a2zLyrics-1-updater => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-updater.exe [2013-10-06] (Lyrics) <==== ATTENTION
Task: {CFFE89DE-F8EF-41E2-B1D8-E8439CA53F6C} - System32\Tasks\DSite => C:\Users\peter\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {D24E9F0F-6B3E-489B-BE66-30C04DB7CA36} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {E55DBE54-CEA7-48FC-92DB-08B6A5E1A8ED} - System32\Tasks\a2zLyrics-1-firefoxinstaller => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-firefoxinstaller.exe [2013-10-06] (Lyrics) <==== ATTENTION
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {FAD7601C-094E-4C82-9380-D25393AB0DEE} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
Task: C:\Windows\Tasks\a2zLyrics-1-codedownloader.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\a2zLyrics-1-enabler.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\a2zLyrics-1-firefoxinstaller.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\a2zLyrics-1-updater.job => C:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2012-10-18 20:16 - 2012-07-31 17:02 - 00004096 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2012-08-31 16:44 - 2012-08-31 16:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-31 16:38 - 2012-08-31 16:38 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-08-24 17:26 - 2012-08-24 17:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-05-17 11:43 - 2013-05-17 11:43 - 00169312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2012-08-30 13:46 - 2012-11-27 13:48 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2012-08-30 14:27 - 2012-08-15 18:52 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2012-03-19 11:23 - 2012-03-19 11:23 - 00380416 _____ () C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
2013-02-01 21:19 - 2013-02-01 21:15 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-02-03 11:07 - 2013-02-03 11:07 - 00865792 _____ () C:\Users\peter\AppData\Local\Temp\OCS\Downloads\8895a6ff54aa6156ee6d3370468ad434\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-17 11:42 - 2013-05-17 11:42 - 00030056 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-05-17 11:42 - 2013-05-17 11:42 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-05-17 11:42 - 2013-05-17 11:42 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-05-17 11:42 - 2013-05-17 11:42 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-05-17 11:43 - 2013-05-17 11:43 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-05-17 11:47 - 2013-05-17 11:47 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2013-07-16 20:12 - 2012-12-07 16:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2012-10-18 20:34 - 2009-04-17 11:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-10-18 20:16 - 2012-07-31 17:02 - 00004096 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-02-16 12:37 - 2014-02-16 12:37 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-08-24 17:17 - 2012-08-24 17:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2012-08-30 13:39 - 2012-11-27 13:38 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2012-10-18 20:13 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-02-03 11:07 - 2013-02-03 11:07 - 00111616 _____ () C:\ProgramData\DNSErrorHelper\bho.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/16/2014 00:36:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 647343
Error: (02/16/2014 00:36:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 647343
Error: (02/16/2014 00:36:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/16/2014 00:26:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1500
Error: (02/16/2014 00:26:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1500
Error: (02/16/2014 00:26:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/16/2014 11:54:59 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.2.9200.16420, Zeitstempel: 0x505a9a4e
Name des fehlerhaften Moduls: wiaservc.dll, Version: 6.2.9200.16384, Zeitstempel: 0x501094f4
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000004139e
ID des fehlerhaften Prozesses: 0xce4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5
Error: (02/10/2014 08:12:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16537, Zeitstempel: 0x512347f7
Name des fehlerhaften Moduls: a2zLyrics-1-bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5208ae68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0606ba3d
ID des fehlerhaften Prozesses: 0x1dcc
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (02/10/2014 08:12:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16537, Zeitstempel: 0x512347f7
Name des fehlerhaften Moduls: a2zLyrics-1-bho.dll, Version: 1.0.0.1, Zeitstempel: 0x5208ae68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e10b
ID des fehlerhaften Prozesses: 0x1dcc
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (02/10/2014 08:10:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16537, Zeitstempel: 0x512347f7
Name des fehlerhaften Moduls: a2zLyrics-1-bho.dll, Version: 1.0.0.1, Zeitstempel: 0x5208ae68
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e10b
ID des fehlerhaften Prozesses: 0x2078
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
System errors:
=============
Error: (02/16/2014 11:55:54 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/08/2014 06:41:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2903938)
Error: (01/19/2014 08:05:29 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.0.0.2
registriert werden. Der Computer mit IP-Adresse 10.0.0.23 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/19/2014 08:00:18 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.0.0.2
registriert werden. Der Computer mit IP-Adresse 10.0.0.23 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/19/2014 02:41:16 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.0.0.2
registriert werden. Der Computer mit IP-Adresse 10.0.0.23 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/19/2014 02:36:06 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.0.0.2
registriert werden. Der Computer mit IP-Adresse 10.0.0.23 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/19/2014 02:30:54 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.0.0.2
registriert werden. Der Computer mit IP-Adresse 10.0.0.23 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/19/2014 02:27:48 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.0.0.2
registriert werden. Der Computer mit IP-Adresse 10.0.0.23 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/06/2014 11:59:25 AM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.0.0.2
registriert werden. Der Computer mit IP-Adresse 10.0.0.23 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (01/06/2014 11:58:17 AM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 10.0.0.2
registriert werden. Der Computer mit IP-Adresse 10.0.0.23 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Microsoft Office Sessions:
=========================
Error: (02/16/2014 00:36:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 647343
Error: (02/16/2014 00:36:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 647343
Error: (02/16/2014 00:36:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/16/2014 00:26:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1500
Error: (02/16/2014 00:26:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1500
Error: (02/16/2014 00:26:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/16/2014 11:54:59 AM) (Source: Application Error)(User: )
Description: svchost.exe_stisvc6.2.9200.16420505a9a4ewiaservc.dll6.2.9200.16384501094f4c0000409000000000004139ece401cf2b057f26fd94C:\Windows\system32\svchost.exec:\windows\system32\wiaservc.dllc736325c-96f8-11e3-bef0-dc85de69baec
Error: (02/10/2014 08:12:46 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7a2zLyrics-1-bho.dll_unloaded0.0.0.05208ae68c00000050606ba3d1dcc01cf2693eef4c7cfC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEa2zLyrics-1-bho.dll52a8ec06-9287-11e3-beef-dc85de69baec
Error: (02/10/2014 08:12:46 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7a2zLyrics-1-bho.dll1.0.0.15208ae68c00000050002e10b1dcc01cf2693eef4c7cfC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho.dll52878aa5-9287-11e3-beef-dc85de69baec
Error: (02/10/2014 08:10:40 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7a2zLyrics-1-bho.dll1.0.0.15208ae68c00000050002e10b207801cf2693a234a208C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Program Files (x86)\a2zLyrics-1\a2zLyrics-1-bho.dll077443d6-9287-11e3-beef-dc85de69baec
CodeIntegrity Errors:
===================================
Date: 2013-07-13 13:57:15.719
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-13 13:57:13.656
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-13 13:57:11.592
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-13 13:57:09.523
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-13 13:57:07.460
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-13 13:57:05.396
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-02-01 17:47:08.195
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-02-01 17:39:02.816
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-02-01 17:04:49.894
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-02-01 16:22:44.335
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 8077.47 MB
Available physical RAM: 5206.4 MB
Total Pagefile: 9293.47 MB
Available Pagefile: 6055.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:279.45 GB) (Free:43.17 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:398.17 GB) (Free:270.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: CDFAD22C)
Partition: GPT Partition Type
==================== End Of Log ============================
I hope it's right now.
Best regards, Peter